How to handle roles/permissions in an SPA (Laravel+Vue)
I think best way is store data inside Vuex if you use the store or you can use prototype and use Vue.prototype.$userPerms = axios.get() and you will be able to use this.$userPerms in every component.
But best way to protect data is that API cannot return data which are not able to see by user. So if some somehow hack his role. He still not be able to see data because it's not returned by API.
Control data access in Laravel then use @casl on the frontend to do some additional permission based logic.
npm install @casl/vue @casl/ability
Packages:
https://www.npmjs.com/package/@casl/vue
https://www.npmjs.com/package/@casl/ability
Example app:
https://github.com/stalniy/casl-vue-api-example
Tutorial:
https://vuejsdevelopers.com/2018/01/08/vue-js-roles-permissions-casl/