Andrew M

Grouped routes not working with filters

I can't seem to get my filters to work with my grouped routes. No matter what I try, I can always access the route when I'm not supposed to. I'm still a bit new to Laravel and I can't figure out why it won't work.

Here is the route

// Battlefield 4 pages, all served under the "bf4/" URI prefix.
Route::group(array('prefix' => 'bf4'), function()
{
    // Public pages: no before-filter is attached to these four routes.
    Route::get('scoreboard', 'HomeController@bf4scoreboard');
    // {id} is restricted to digits by the where() constraint.
    Route::get('playerinfo/{id}', 'PlayerController@bf4info')->where('id', '[0-9]+');
    Route::get('playersearch', 'PlayerController@searchbf4');
    Route::post('playersearch', 'PlayerController@searchbf4');

    // Only users with the permission to view the battlefield 4 admin section are allowed
    // 'bf4_admin' is the only access control named on this group ('auth' is not listed).
    // NOTE(review): Laravel 4 resolves a filter by name when the route runs; as far as I know a
    // name with no registered filter is not an error and the request simply proceeds. Confirm
    // the file that calls Route::filter('bf4_admin', ...) is loaded and the name matches exactly.
    Route::group(array('prefix' => 'admin', 'before' => 'bf4_admin'), function()
    {
        Route::get('records', 'BattlefieldAdminController@showAdKatRecords');
    });
});

Here is the filter

/**
 * 'bf4_admin' before-filter.
 *
 * Lets the request through when Entrust reports the 'viewbf4admin' permission
 * for the current user, and otherwise answers with a redirect to the site root.
 * A before-filter blocks the route only by returning a response, so the
 * Entrust::can() result is the whole access decision here.
 *
 * NOTE(review): if the page stays reachable, check what Entrust::can() returns
 * for the affected user and whether this filter is registered at all.
 */
Route::filter('bf4_admin', function()
{
    $mayViewAdmin = Entrust::can('viewbf4admin');

    if($mayViewAdmin)
    {
        // Returning nothing lets the request continue to the route.
        return;
    }

    return Redirect::to('/');
});

The problem is that it always lets me view that page when it shouldn't, because my user role doesn't have the permission to view it.

What am I doing wrong?

EDIT 1

Here is the full routes file. It's messy but will be cleaned up later.

// Custom page for requests that match no route.
App::missing(function($exception)
{
    // NOTE(review): no status code is set here; confirm the client receives 404 rather than 200.
    return View::make('error.404');
});

// Render the same view when a ModelNotFoundException reaches the application error handler.
// NOTE(review): the class name is unqualified; confirm it is imported or aliased, otherwise
// this type hint will not match the exception it is meant to catch.
App::error(function(ModelNotFoundException $e)
{
    // NOTE(review): Response::view() is called without a status argument; confirm the intended code.
    return Response::view('error.404');
});

// Resource routes for uploads, handled by FileController.
// NOTE(review): no before-filter is attached, so the write actions of this resource are reachable
// without the 'auth' filter unless FileController enforces its own checks. Verify.
Route::resource('upload', 'FileController');

// Account routes under "user/": registration, login, confirmation, password reset and logout.
// No before-filter is attached to this group.
// NOTE(review): none of the POST routes names a CSRF filter; confirm the token is validated
// in UserController or by a filter applied elsewhere.
Route::group(array('prefix' => 'user'), function()
{
    Route::post('/create', 'UserController@store');
    Route::get('/login', 'UserController@login');
    Route::post('/login', 'UserController@do_login');
    Route::get('/confirm/{code}', 'UserController@confirm');
    Route::post('/forgot_password', 'UserController@do_forgot_password');
    // NOTE(review): the reset token is part of the URL path, so it can end up in access logs
    // and Referer headers; keep it single-use and short-lived.
    Route::get('/reset_password/{token}', 'UserController@reset_password');
    Route::post('/reset_password', 'UserController@do_reset_password');
    // NOTE(review): logout over GET is not protected by a CSRF token; POST is the usual choice.
    Route::get('/logout', 'UserController@logout');
});

// Profile routes; the 'auth' before-filter is attached to both of them.
Route::group(array('before' => 'auth'), function()
{
    // {username?} is optional.
    Route::get('user/profile/{username?}', 'UserController@show_profile');
    //Route::get('/profile/{name?}', 'UserController@show_profile');
    Route::get('/profile/edit', 'UserController@edit_profile');
});

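// Begin API Route
// JSON API under "api/". Only routes that name a before-filter are protected at the routing
// layer; every other endpoint in this group is reachable without logging in.
Route::group(array('prefix' => 'api'), function()
{
    // General Battlefield Routes
    Route::group(array('prefix' => 'battlefield'), function()
    {
        // Chat scoreboard for one server. The server's game name decides the BF4 flag.
        // NOTE(review): {id} has no where() constraint here, unlike playerInfo below.
        Route::get('scoreboard/{id}/chat', function($id)
        {
            $gameName = DB::table('tbl_server')
                ->join('tbl_games', 'tbl_server.GameID', '=', 'tbl_games.GameID')
                ->where('ServerID', $id)
                ->pluck('Name');

            // The comparison already yields a boolean.
            $isBF4 = ($gameName == 'BF4');

            return Response::json(Helper::getServerChatScoreboard($id, $isBF4));
        });

        // Route::post() takes ($uri, $action), so the handler has to sit inside the action
        // array next to 'before'. Passed as a third argument it is not registered as the handler.
        Route::post('adminReports', array('before' => 'auth', function()
        {
            return Response::json(Helper::getAdminReports());
        }));

        Route::post('playerSearch/{name?}', function($name = FALSE)
        {
            return Response::json(Helper::searchForPlayer($name));
        });

        Route::get('playerInfo/{id?}', function($playerid = FALSE)
        {
            $info = Helper::buildPlayerProfile($playerid);

            // The helper result carries 'status' => 'error' on failure; answer that with 404.
            if(isset($info['status']) && $info['status'] == 'error')
            {
                return Response::json($info, 404);
            }

            return Response::json($info);

        })->where('id', '[0-9]+');
    });


    // Battlefield 3 Specific Routes
    Route::group(array('prefix' => 'battlefield/3'), function()
    {
        Route::get('scoreboard/{id}', function($id = NULL)
        {
            $b = new App\Models\Battlefield\Bf3Scoreboard;
            return $b->initialize($id);
        });

        // NOTE(review): admin action with no before-filter; confirm Bf3Admin::initialize()
        // performs its own authentication and permission check.
        Route::post('scoreboard/{id}/admin', function($id = NULL)
        {
            $b = new App\Models\Battlefield\Bf3Admin;
            return $b->initialize($id);
        });

        Route::get('population', function()
        {
            $gameid = DB::table('tbl_games')->where('Name', 'BF3')->pluck('GameID');
            return Response::json(Helper::fetchServerPopulation($gameid));
        });
    });

    // Always answers with a static success payload.
    Route::post('bf3/admin_reports', function()
    {
        return Response::json(array('status' => 'success'));
    });

    Route::group(array('prefix' => 'battlefield/4'), function()
    {
        Route::get('scoreboard/{id}', function($id = NULL)
        {
            $b = new App\Models\Battlefield\Bf4Scoreboard;
            return $b->initialize($id);
        });

        // NOTE(review): admin action with no before-filter; confirm Bf4Admin::initialize()
        // performs its own authentication and permission check.
        Route::post('scoreboard/{id}/admin', function($id = NULL)
        {
            $b = new App\Models\Battlefield\Bf4Admin;
            return $b->initialize($id);
        });

        // NOTE(review): the 'id' request input goes to the helper unvalidated; confirm the
        // helper checks it.
        Route::get('premessage', function()
        {
            return Helper::fetchPreMessages(Input::get('id'));
        });

        Route::get('population', function()
        {
            $gameid = DB::table('tbl_games')->where('Name', 'BF4')->pluck('GameID');
            return Response::json(Helper::fetchServerPopulation($gameid));
        });
    });

    Route::group(array('prefix' => 'common'), function()
    {
        // NOTE(review): returns the same Helper::getAdminReports() data as
        // api/battlefield/adminReports, but without the 'auth' filter. Confirm that is intended.
        Route::post('adminReports', function()
        {
            return Response::json(Helper::getAdminReports());
        });

        Route::get('/repofeed', function()
        {
            return Response::json(Helper::fetchRepoActivity());
        });
    });
});
// End API Route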

// Begin Page Route
// NOTE(review): the installer route has no before-filter; confirm SetupController@install
// refuses to run once the application has been installed.
Route::get('install', 'SetupController@install');
// The site root only redirects to the dashboard.
Route::get('/', function()
{
    return Redirect::to('/dashboard');
});

Route::get('dashboard', 'HomeController@index');

// Battlefield 4 pages under "bf4/". The first four routes carry no before-filter.
Route::group(array('prefix' => 'bf4'), function()
{
    Route::get('scoreboard', 'HomeController@bf4scoreboard');
    Route::get('playerinfo/{id}', 'PlayerController@bf4info')->where('id', '[0-9]+');
    Route::get('playersearch', 'PlayerController@searchbf4');
    Route::post('playersearch', 'PlayerController@searchbf4');

    // Only users with the permission to view the battlefield 4 admin section are allowed
    // 'bf4_admin' is the only filter named here; 'auth' is not part of this group.
    // NOTE(review): confirm a filter is registered under exactly this name, since an
    // unregistered filter name does not block the request.
    Route::group(array('prefix' => 'admin', 'before' => 'bf4_admin'), function()
    {
        Route::get('records', 'BattlefieldAdminController@showAdKatRecords');
    });
});

// Battlefield 3 pages under "bf3/". The first four routes carry no before-filter.
Route::group(array('prefix' => 'bf3'), function()
{
    Route::get('scoreboard', 'HomeController@bf3scoreboard');
    Route::get('playerinfo/{id}', 'PlayerController@bf3info')->where('id', '[0-9]+');
    Route::get('playersearch', 'PlayerController@searchbf3');
    Route::post('playersearch', 'PlayerController@searchbf3');
    // NOTE(review): no Route::filter('bf3_admin', ...) appears in the code shown; confirm it is
    // registered elsewhere. This route also reuses the BF4 group's controller action, so the
    // action itself cannot tell which of the two permissions was checked.
    Route::group(array('prefix' => 'admin', 'before' => 'bf3_admin'), function()
    {
        Route::get('records', 'BattlefieldAdminController@showAdKatRecords');
    });
});

// Pattern filter: attaches 'site_admin' to requests whose path matches admin/*.
// NOTE(review): the pattern is matched against the whole path, so bf4/admin/* and bf3/admin/*
// are not covered by 'site_admin'; they rely on their own group filters only.
Route::when('admin/*', 'site_admin');

// Site administration pages; the group adds 'auth' on top of the pattern filter above.
Route::group(array('prefix' => 'admin', 'before' => 'auth'), function()
{
    Route::get('memberlist', 'AdminController@memberList');
    Route::get('user/{id}', 'AdminController@showuser')->where('id', '[0-9]+');
    Route::get('user/{id}/edit', 'AdminController@edituser')->where('id', '[0-9]+');
    // NOTE(review): state-changing POST with no CSRF filter named at the route level; confirm
    // the token is validated elsewhere.
    Route::post('user/{id}/edit', 'AdminController@do_edituser')->where('id', '[0-9]+');
});

// End Page Route


Answers (1)

Antonio Carlos Ribeiro

It works fine for me. I copied everything to my routes file and did some changes just to ignore Entrust and show a denied message in the filter:

Hitting http://server.dev/site/bf4/admin/records gives me "denied". So the filter is working, and the redirect also worked; I only removed it so the result would be a clear message.

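Copy all of this into your routes file and try the same. If the stub filter shows "denied" for you too, the routing is fine and the thing to check is what Entrust::can('viewbf4admin') returns for your user. If it doesn't work, you might have a problem somewhere else: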

// Custom page for requests that match no route.
App::missing(function($exception)
{
    return View::make('error.404');
});

// Render the same view when a ModelNotFoundException reaches the application error handler.
App::error(function(ModelNotFoundException $e)
{
    return Response::view('error.404');
});

// Diagnostic stub for 'bf4_admin': it denies every request, which makes it obvious whether the
// filter runs for a route. It replaces the Entrust permission check for this test only and is
// not an access-control implementation.
Route::filter('bf4_admin', function()
{
        return 'denied';
});

// Resource routes for uploads; no before-filter is attached.
Route::resource('upload', 'FileController');

// Account routes under "user/"; no before-filter is attached to this group.
Route::group(array('prefix' => 'user'), function()
{
    Route::post('/create', 'UserController@store');
    Route::get('/login', 'UserController@login');
    Route::post('/login', 'UserController@do_login');
    Route::get('/confirm/{code}', 'UserController@confirm');
    Route::post('/forgot_password', 'UserController@do_forgot_password');
    Route::get('/reset_password/{token}', 'UserController@reset_password');
    Route::post('/reset_password', 'UserController@do_reset_password');
    // NOTE(review): logout over GET is not protected by a CSRF token; POST is the usual choice.
    Route::get('/logout', 'UserController@logout');
});

// Profile routes; the 'auth' before-filter is attached to both of them.
Route::group(array('before' => 'auth'), function()
{
    Route::get('user/profile/{username?}', 'UserController@show_profile');
    //Route::get('/profile/{name?}', 'UserController@show_profile');
    Route::get('/profile/edit', 'UserController@edit_profile');
});

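// Begin API Route
// JSON API under "api/". Only routes that name a before-filter are protected at the routing
// layer; every other endpoint in this group is reachable without logging in.
Route::group(array('prefix' => 'api'), function()
{
    // General Battlefield Routes
    Route::group(array('prefix' => 'battlefield'), function()
    {
        // Chat scoreboard for one server. The server's game name decides the BF4 flag.
        Route::get('scoreboard/{id}/chat', function($id)
        {
            $gameName = DB::table('tbl_server')
                ->join('tbl_games', 'tbl_server.GameID', '=', 'tbl_games.GameID')
                ->where('ServerID', $id)
                ->pluck('Name');

            // The comparison already yields a boolean.
            $isBF4 = ($gameName == 'BF4');

            return Response::json(Helper::getServerChatScoreboard($id, $isBF4));
        });

        // Route::post() takes ($uri, $action), so the handler has to sit inside the action
        // array next to 'before'. Passed as a third argument it is not registered as the handler.
        Route::post('adminReports', array('before' => 'auth', function()
        {
            return Response::json(Helper::getAdminReports());
        }));

        Route::post('playerSearch/{name?}', function($name = FALSE)
        {
            return Response::json(Helper::searchForPlayer($name));
        });

        Route::get('playerInfo/{id?}', function($playerid = FALSE)
        {
            $info = Helper::buildPlayerProfile($playerid);

            // The helper result carries 'status' => 'error' on failure; answer that with 404.
            if(isset($info['status']) && $info['status'] == 'error')
            {
                return Response::json($info, 404);
            }

            return Response::json($info);

        })->where('id', '[0-9]+');
    });


    // Battlefield 3 Specific Routes
    Route::group(array('prefix' => 'battlefield/3'), function()
    {
        Route::get('scoreboard/{id}', function($id = NULL)
        {
            $b = new App\Models\Battlefield\Bf3Scoreboard;
            return $b->initialize($id);
        });

        // NOTE(review): admin action with no before-filter; confirm Bf3Admin::initialize()
        // performs its own authentication and permission check.
        Route::post('scoreboard/{id}/admin', function($id = NULL)
        {
            $b = new App\Models\Battlefield\Bf3Admin;
            return $b->initialize($id);
        });

        Route::get('population', function()
        {
            $gameid = DB::table('tbl_games')->where('Name', 'BF3')->pluck('GameID');
            return Response::json(Helper::fetchServerPopulation($gameid));
        });
    });

    // Always answers with a static success payload.
    Route::post('bf3/admin_reports', function()
    {
        return Response::json(array('status' => 'success'));
    });

    Route::group(array('prefix' => 'battlefield/4'), function()
    {
        Route::get('scoreboard/{id}', function($id = NULL)
        {
            $b = new App\Models\Battlefield\Bf4Scoreboard;
            return $b->initialize($id);
        });

        // NOTE(review): admin action with no before-filter; confirm Bf4Admin::initialize()
        // performs its own authentication and permission check.
        Route::post('scoreboard/{id}/admin', function($id = NULL)
        {
            $b = new App\Models\Battlefield\Bf4Admin;
            return $b->initialize($id);
        });

        Route::get('premessage', function()
        {
            return Helper::fetchPreMessages(Input::get('id'));
        });

        Route::get('population', function()
        {
            $gameid = DB::table('tbl_games')->where('Name', 'BF4')->pluck('GameID');
            return Response::json(Helper::fetchServerPopulation($gameid));
        });
    });

    Route::group(array('prefix' => 'common'), function()
    {
        // NOTE(review): returns the same Helper::getAdminReports() data as
        // api/battlefield/adminReports, but without the 'auth' filter. Confirm that is intended.
        Route::post('adminReports', function()
        {
            return Response::json(Helper::getAdminReports());
        });

        Route::get('/repofeed', function()
        {
            return Response::json(Helper::fetchRepoActivity());
        });
    });
});
// End API Route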

// Begin Page Route
Route::get('install', 'SetupController@install');

// Test stand-in for the site root: it returns plain text so a redirect from a filter would
// land on a recognisable page.
Route::get('/', function()
{
    return 'home';
});

Route::get('dashboard', 'HomeController@index');

// Battlefield 4 pages under "bf4/". The first four routes carry no before-filter.
Route::group(array('prefix' => 'bf4'), function()
{
    Route::get('scoreboard', 'HomeController@bf4scoreboard');
    Route::get('playerinfo/{id}', 'PlayerController@bf4info')->where('id', '[0-9]+');
    Route::get('playersearch', 'PlayerController@searchbf4');
    Route::post('playersearch', 'PlayerController@searchbf4');

    // Only users with the permission to view the battlefield 4 admin section are allowed
    // The nested group is the one place the 'bf4_admin' filter is attached.
    Route::group(array('prefix' => 'admin', 'before' => 'bf4_admin'), function()
    {
        Route::get('records', 'BattlefieldAdminController@showAdKatRecords');
    });
});

// Battlefield 3 pages under "bf3/".
Route::group(array('prefix' => 'bf3'), function()
{
    Route::get('scoreboard', 'HomeController@bf3scoreboard');
    Route::get('playerinfo/{id}', 'PlayerController@bf3info')->where('id', '[0-9]+');
    Route::get('playersearch', 'PlayerController@searchbf3');
    Route::post('playersearch', 'PlayerController@searchbf3');
    // NOTE(review): no Route::filter('bf3_admin', ...) appears in this listing; if none is
    // registered elsewhere, this group is not protected by the name alone.
    Route::group(array('prefix' => 'admin', 'before' => 'bf3_admin'), function()
    {
        Route::get('records', 'BattlefieldAdminController@showAdKatRecords');
    });
});

// Pattern filter for admin/* paths. In the route table below, 'site_admin' shows up only on
// the admin/* routes, not on bf4/admin/records or bf3/admin/records.
Route::when('admin/*', 'site_admin');

// Site administration pages; the group adds 'auth' on top of the pattern filter above.
Route::group(array('prefix' => 'admin', 'before' => 'auth'), function()
{
    Route::get('memberlist', 'AdminController@memberList');
    Route::get('user/{id}', 'AdminController@showuser')->where('id', '[0-9]+');
    Route::get('user/{id}/edit', 'AdminController@edituser')->where('id', '[0-9]+');
    Route::post('user/{id}/edit', 'AdminController@do_edituser')->where('id', '[0-9]+');
});


// +--------+----------------------------------------------+----------------------------------------------+---------------------------------------------+------------------+---------------+
// | Domain | URI                                          | Name                                         | Action                                      | Before Filters   | After Filters |
// +--------+----------------------------------------------+----------------------------------------------+---------------------------------------------+------------------+---------------+
// |        | GET upload                                   | upload.index                                 | FileController@index                        |                  |               |
// |        | GET upload/create                            | upload.create                                | FileController@create                       |                  |               |
// |        | POST upload                                  | upload.store                                 | FileController@store                        |                  |               |
// |        | GET upload/{upload}                          | upload.show                                  | FileController@show                         |                  |               |
// |        | GET upload/{upload}/edit                     | upload.edit                                  | FileController@edit                         |                  |               |
// |        | PUT upload/{upload}                          | upload.update                                | FileController@update                       |                  |               |
// |        | PATCH upload/{upload}                        |                                              | FileController@update                       |                  |               |
// |        | DELETE upload/{upload}                       | upload.destroy                               | FileController@destroy                      |                  |               |
// |        | POST user/create                             |                                              | UserController@store                        |                  |               |
// |        | GET user/login                               |                                              | UserController@login                        |                  |               |
// |        | POST user/login                              |                                              | UserController@do_login                     |                  |               |
// |        | GET user/confirm/{code}                      |                                              | UserController@confirm                      |                  |               |
// |        | POST user/forgot_password                    |                                              | UserController@do_forgot_password           |                  |               |
// |        | GET user/reset_password/{token}              |                                              | UserController@reset_password               |                  |               |
// |        | POST user/reset_password                     |                                              | UserController@do_reset_password            |                  |               |
// |        | GET user/logout                              |                                              | UserController@logout                       |                  |               |
// |        | GET user/profile/{username?}                 |                                              | UserController@show_profile                 | auth             |               |
// |        | GET profile/edit                             |                                              | UserController@edit_profile                 | auth             |               |
// |        | GET api/battlefield/scoreboard/{id}/chat     |                                              | Closure                                     |                  |               |
// |        | POST api/battlefield/adminReports            |                                              | Closure                                     | auth             |               |
// |        | POST api/battlefield/playerSearch/{name?}    |                                              | Closure                                     |                  |               |
// |        | GET api/battlefield/playerInfo/{id?}         |                                              | Closure                                     |                  |               |
// |        | GET api/battlefield/3/scoreboard/{id}        |                                              | Closure                                     |                  |               |
// |        | POST api/battlefield/3/scoreboard/{id}/admin |                                              | Closure                                     |                  |               |
// |        | GET api/battlefield/3/population             |                                              | Closure                                     |                  |               |
// |        | POST api/bf3/admin_reports                   |                                              | Closure                                     |                  |               |
// |        | GET api/battlefield/4/scoreboard/{id}        |                                              | Closure                                     |                  |               |
// |        | POST api/battlefield/4/scoreboard/{id}/admin |                                              | Closure                                     |                  |               |
// |        | GET api/battlefield/4/premessage             |                                              | Closure                                     |                  |               |
// |        | GET api/battlefield/4/population             |                                              | Closure                                     |                  |               |
// |        | POST api/common/adminReports                 |                                              | Closure                                     |                  |               |
// |        | GET api/common/repofeed                      |                                              | Closure                                     |                  |               |
// |        | GET install                                  |                                              | SetupController@install                     |                  |               |
// |        | GET /                                        |                                              | Closure                                     |                  |               |
// |        | GET dashboard                                |                                              | HomeController@index                        |                  |               |
// |        | GET bf4/scoreboard                           |                                              | HomeController@bf4scoreboard                |                  |               |
// |        | GET bf4/playerinfo/{id}                      |                                              | PlayerController@bf4info                    |                  |               |
// |        | GET bf4/playersearch                         |                                              | PlayerController@searchbf4                  |                  |               |
// |        | POST bf4/playersearch                        |                                              | PlayerController@searchbf4                  |                  |               |
// |        | GET bf4/admin/records                        |                                              | BattlefieldAdminController@showAdKatRecords | bf4_admin        |               |
// |        | GET bf3/scoreboard                           |                                              | HomeController@bf3scoreboard                |                  |               |
// |        | GET bf3/playerinfo/{id}                      |                                              | PlayerController@bf3info                    |                  |               |
// |        | GET bf3/playersearch                         |                                              | PlayerController@searchbf3                  |                  |               |
// |        | POST bf3/playersearch                        |                                              | PlayerController@searchbf3                  |                  |               |
// |        | GET bf3/admin/records                        |                                              | BattlefieldAdminController@showAdKatRecords | bf3_admin        |               |
// |        | GET admin/memberlist                         |                                              | AdminController@memberList                  | auth, site_admin |               |
// |        | GET admin/user/{id}                          |                                              | AdminController@showuser                    | auth, site_admin |               |
// |        | GET admin/user/{id}/edit                     |                                              | AdminController@edituser                    | auth, site_admin |               |
// |        | POST admin/user/{id}/edit                    |                                              | AdminController@do_edituser                 | auth, site_admin |               |
// +--------+----------------------------------------------+----------------------------------------------+---------------------------------------------+------------------+---------------+
