根据用户登录laravel背包获取数据
[英]Get data based on user login in laravel backpack
问题描述
I am using backpack to created admin panel in my project. 
我正在使用背包在我的项目中创建管理面板。 I have two types of user one is Superadmin and second is admin. 我有两种类型的用户,一种是Superadmin,第二种是admin。 I just wanted to give the permissions to superadmin as he can list,add,edit all the rows from database.. 我只想给superadmin授予权限,因为他可以列出,添加,编辑数据库中的所有行。
but the admin can only edit,delete and list those rows created by himself.. 但是管理员只能编辑,删除和列出他自己创建的那些行。
So please help me, I am new in laravel backpack?? 所以请帮助我,我是laravel背包的新手?
1 个解决方案
解决方案1
0 已采纳 2017-04-20 15:20:58
Filter the results you show in the setup() method of your entity's CrudController, then disallow access to update/destroy methods. 过滤您在实体的CrudController的setup()方法中显示的结果,然后禁止访问更新/销毁方法。
You result could look something like this: 你的结果看起来像这样:
public function setup()
{
// take care of LIST operations
if (\Auth::user()->hasRole('admin')) {
$this->crud->addClause('where', 'author_id', '=', \Auth::user()->id);
}
}
Additionally, you need to place checks inside your update() and destroy() methods, to not allow an admin to delete someone else's entry. 此外,您需要在update()和destroy()方法中放置检查,以便管理员不允许删除其他人的条目。
// place this both inside your update() and inside your destroy() method
if (\Auth::user()->hasRole('admin') && $this->crud->entry->author_id!=\Auth::user()->id) {
abort(405);
}
Hope it helps. 希望能帮助到你。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.