[英]Laravel 5 form request validation returning forbidden error
I am trying to use Laravel 5.1's form request validation, to authorize if the request is from the owner. 我正在尝试使用Laravel 5.1的表单请求验证,以授权请求是否来自所有者。 The validation is used when the user is trying to update part of the table
clinics
through the show.blade.php
. 当用户尝试通过
show.blade.php
更新部分表clinics
,将使用show.blade.php
。
My set up so far: 我到目前为止的设置:
routes.php: routes.php文件:
Route::post('clinic/{id}',
array('as' => 'postUpdateAddress', 'uses' => 'ClinicController@postUpdateAddress'));
ClinicController.php: ClinicController.php:
public function postUpdateAddress($id,
\App\Http\Requests\UpdateClinicAddressFormRequest $request)
{
$clinic = Clinic::find($id);
$clinic->save();
return Redirect::route('clinic.index');
}
UpdateClinicAddressFormRequest.php: UpdateClinicAddressFormRequest.php:
public function authorize()
{
$clinicId = $this->route('postUpdateAddress');
return Clinic::where('id', $clinicId)
->where('user_id', Auth::id())
->exists();
}
Show.blade.php Show.blade.php
{!! Form::open(array('route' => array('postUpdateAddress', $clinic->id), 'role'=>'form')) !!}
{!! Form::close() !!}
If I
dd($clinicId)
within the authorize function, it returnsnull
, so I think that's where the problem lies!如果我在authorize函数中
dd($clinicId)
,它返回null
,所以我认为这就是问题所在!
Any help why on submit it's saying 'forbidden' would be hugely appreciated. 任何帮助,为什么提交它说'禁止'将非常感激。
You are getting Forbidden Error because authorize()
method of form request is returning false : 您收到Forbidden Error,因为表单请求的
authorize()
方法返回false :
The issue is this: $clinicId = $this->route('postUpdateAddress');
问题是:
$clinicId = $this->route('postUpdateAddress');
To access a route parameter value in Form Requests you could do this: 要在表单请求中访问路由参数值,您可以执行以下操作:
$clinicId = \\Route::input('id'); //to get the value of {id}
so authorize()
should look like this: 所以
authorize()
应该是这样的:
public function authorize()
{
$clinicId = \Route::input('id'); //or $this->route('id');
return Clinic::where('id', $clinicId)
->where('user_id', Auth::id())
->exists();
}
I add this owner confirmation to authorize() method in Request and work 我将此所有者确认添加到Request和work中的authorize()方法
public function authorize()
{
return \Auth::check();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.