Why does my Laravel policy always return false?

The code for the policy is here:

class userOwnedClassPolicy
{
    use HandlesAuthorization;
    ...
    public function create(User $user)
    {
        return ($user->userType == 'teacher');
    }
    ...
}

This policy is registered thusly in the AuthServiceProvider.php file:

class AuthServiceProvider extends ServiceProvider
{
    //Map models to authorization policies.
    protected $policies = [
        App\Models\classMember::class => App\Policies\classMemberPolicy::class,
        App\Models\evaluation::class => App\Policies\evaluationPolicy::class,
        App\Models\group::class => App\Policies\groupPolicy::class,
        App\Models\groupMember::class => App\Policies\groupMemberPolicy::class,
        App\Models\sharedClass::class => App\Policies\sharedClassPolicy::class,
        App\Models\slg::class => App\Policies\slgPolicy::class,
        App\Models\spreadsheet::class => App\Policies\spreadsheetPolicy::class,
        App\Models\spreadsheetValue::class => App\Policies\spreadsheetValuePolicy::class,
        App\Models\teacher::class => App\Policies\teacherPolicy::class,
        App\Models\test::class => App\Policies\testPolicy::class,
        App\Models\userOwnedClass::class => App\Policies\userOwnedClassPolicy::class
    ];

    public function boot()
    {
        $this->registerPolicies();
    }
}

(I have tried registering the policies using strings of the file paths as well, but this accomplishes nothing.)

The relevant section of controller code is here:

class ClassController extends Controller
{
    ...
    public function store(Request $postReq)
    {
        $this->authorize('create', Auth::user());
        userOwnedClass::create([
            'name' => $postReq->input('className'),
            'ownerId' => Auth::user()->id
        ]);
    }
    ...
}

I have tried substituting the code in the policy's create method with return true, but even that fails. What have I done wrong, and why does the controller always return a 403 error when called?

As you created the policy userOwnedClassPolicy and set it for the userOwnedClass model in AuthServiceProvider here:

App\Models\userOwnedClass::class => App\Policies\userOwnedClassPolicy::class

you cannot just run the policy method:

$this->authorize('create', Auth::user());

When you run the line above, you are telling Laravel to check the create method of the policy for the \App\Models\User object, but you don't have any policy created for this model.

So in this case you should run it like so:

$this->authorize('create', \App\Models\userOwnedClass::class);

Then Laravel will know that it should run the create method from the userOwnedClassPolicy policy, and it will automatically pass the currently authenticated user into the $user variable in the policy method.
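The lookup rule described in the answer, as an added example that is not part of the original post and is not Laravel's Gate source: a simplified plain-PHP model in which the policy is selected by the class of the second argument and a missing mapping means denial. MiniGate and its allows() method are hypothetical names; the other class names mirror the question.

```php
<?php
// Simplified model of policy lookup for illustration only (assumption: this
// mirrors the behaviour the answer describes, it is not framework code).

class User { public $userType = 'teacher'; }
class userOwnedClass {}

class userOwnedClassPolicy
{
    public function create(User $user): bool
    {
        return $user->userType === 'teacher';
    }
}

class MiniGate // hypothetical stand-in for the authorization gate
{
    private array $policies;
    private User $current;

    public function __construct(array $policies, User $current)
    {
        $this->policies = $policies;
        $this->current = $current;
    }

    // $target is a model instance or class name, like authorize()'s second argument.
    public function allows(string $ability, $target): bool
    {
        $class = is_object($target) ? get_class($target) : $target;
        if (!isset($this->policies[$class])) {
            return false; // no policy mapped for this class: denied, no policy method runs
        }
        $policyClass = $this->policies[$class];
        $policy = new $policyClass();
        // The authenticated user is injected as the first policy argument.
        return is_callable([$policy, $ability]) && (bool) $policy->$ability($this->current);
    }
}

$teacher = new User();
$gate = new MiniGate([userOwnedClass::class => userOwnedClassPolicy::class], $teacher);

var_dump($gate->allows('create', $teacher));              // target is a User, as in the question
var_dump($gate->allows('create', userOwnedClass::class)); // target is the mapped model class
```

The first call is denied because no policy is mapped to User, which is why changing the policy body to return true made no difference; the second call reaches userOwnedClassPolicy::create and is allowed for a teacher.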
