laravel 5.4 - how to prevent one's role from being able to access the property of another role?
Question
I have an inventory app that has three different roles, namely operator, admin, and super admin.
the problem is when I enter with one of the roles, I can access the menu belongs to another role by writing the link from the menu in the browser's link bar.
example
in the admin page there is a backup and restore menu, link: /admin/backupAndRestore
then I log in as an operator
in the operator page there is only the item borrowing and return item menu, but if I write a link of the admin backup and restore menu in the browser's link bar like localhost: 8000/admin/backupAndRestore I can access the page.
I want to make it like a user who has logged in can not access the register or login page and redirected to the home page, what should I do?
1 answers
solution1
1 2018-02-05 23:49:43
The functionality you are looking for is known as authorization in the Laravel framework. Since you can technically implement user roles in many different ways, it is not realistic to post a code example for you here. Instead, I recommend you read the entire documentation page on authorization and then devise an implementation that works for your setup. It is most likely that you will want to build your logic using Policies , which are classes that organize authorization logic around a particular model.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.