Laravel 中间件多角色
[英]Laravel middleware multiple roles
问题描述
I am going through some issues with Laravel middleware.
我正在处理 Laravel 中间件的一些问题。 What I want to accomplish is registered user has 4 roles.我想要完成的是注册用户有 4 个角色。 1. Master Admin 2. Admin 3. Seller 4. Customer. 1. 主管理员 2. 管理员 3. 卖家 4. 客户。 I want my Master Admin, Admin, and Seller to have access to my CategoryController, and the customer cannot access it but when I put middleware in my controller's constructor it only lets masteradmin access the CategoryController and returns back admin and seller users.我希望我的主管理员、管理员和卖家能够访问我的 CategoryController,而客户无法访问它,但是当我将中间件放入控制器的构造函数中时,它只允许 masteradmin 访问 CategoryController 并返回管理员和卖家用户。 Please advise me on how to do this.请告诉我如何做到这一点。
Kernel.php $routemiddleware: Kernel.php $routemiddleware:
'checkrole' => \App\Http\Middleware\CheckRole::class,
'admincheck' => \App\Http\Middleware\Admin::class,
'sellercheck' => \App\Http\Middleware\Seller::class,
'customercheck' => \App\Http\Middleware\Customer::class,
'masteradmin' => \App\Http\Middleware\MasterAdmin::class,
http/Middleware/CheckRole http/中间件/CheckRole
public function handle($request, Closure $next)
{
if(Auth::user()->user_role == 1)
{
return redirect('admin');
}
elseif(Auth::user()->user_role == 2)
{
return redirect('seller');
}
elseif(Auth::user()->user_role == 3)
{
return redirect('customer');
}
return $next($request);
}
http/Middleware/MasterAdmin http/中间件/MasterAdmin
public function handle($request, Closure $next)
{
if(Auth::user()->user_role != 0)
{
return back();
}
return $next($request);
}
http/Middleware/Admin http/中间件/管理员
public function handle($request, Closure $next)
{
if(Auth::user()->user_role != 1)
{
return back();
}
return $next($request);
}
http/Middleware/Seller http/中间件/卖家
public function handle($request, Closure $next)
{
if(Auth::user()->user_role != 2)
{
return back();
}
return $next($request);
}
Http/Middleware/Customer Http/中间件/客户
public function handle($request, Closure $next)
{
if(Auth::user()->user_role != 3)
{
return back();
}
return $next($request);
}
CategoryController:类别控制器:
class CategoryController extends Controller
{
public function __construct()
{
$this->middleware('auth');
$this->middleware('verified');
$this->middleware('masteradmin');
$this->middleware('admincheck');
$this->middleware('sellercheck');
// $this->authorizeResource(Category::class, 'category');
}
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function index()
{
return view('category.index');
}
HomeController家庭控制器
class HomeController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('auth');
$this->middleware('verified');
$this->middleware('checkrole');
}
/**
* Show the application dashboard.
*
* @return \Illuminate\Contracts\Support\Renderable
*/
public function index()
{
return view('home');
}
It is not working right now i want to give one or more users access my entire controller please advice me on how achieve this thanks in advance它现在不工作我想让一个或多个用户访问我的整个 controller 请提前告诉我如何实现这一点谢谢
1 个解决方案
解决方案1
1 已采纳 2020-04-25 12:56:11
The problem is that your adminUser will have to go through the masterAdminUser Middleware that return back();问题是您的adminUser将不得不通过return back();的masterAdminUser中间件 go; . . Therefore your adminUser will not have a chance to go through the admin Middleware and not be able to access the Categories.因此,您的adminUser将没有机会通过管理中间件访问 go 并且无法访问类别。
A solution for this would be to handle your role management in a single middleware, for example, a CategoryMiddleware .一个解决方案是在单个中间件中处理您的角色管理,例如CategoryMiddleware 。 This middleware will check the role and return back();这个中间件会检查角色并return back(); only if not allowed只有在不允许的情况下
A cleaner Laravel solution would be to use Policies, that seems very suited for your situation - you can have a look at the documentation .更清洁的 Laravel 解决方案是使用策略,这似乎非常适合您的情况 - 您可以查看文档。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.