Reputation: 457
I am using Laravel to build a simple Movie management System.
When a User creates a Movie in my DB, I use the following:

    public function store()
    {
        $input = Input::except('_token');
        $id = Helpers::loggedInUser()->id;
        $input['creator_id'] = $id;
        $this->title->create($input);
        return Redirect::back()->withSuccess( trans('main.created successfully') );
    }

This successfully passes the user's id and stores it in a creator_id field.
I want to restrict users from editing Movies which they did not create. So in the edit function I have:

    public function edit($title)
    {
        $title = $this->title->byURi( e($title) );
        $id = Helpers::loggedInUser()->id;
        $titleuser=$title['creator_id'];
        if ( $titleuser = $id )
        {
            return View::make('Titles.Edit')->withTitle($title)->withType('movies');
        }
    }

However, this does not seem to work. Anyone with a movie.edit
permission in my sentry user db can still see the view.
Upvotes: 0
Views: 117
Reputation: 321
If you compare two variables you have to use two equal signs, otherwise you set the first variable to the value of the second.

    if ( $titleuser == $id )

Upvotes: 1
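
The ownership check discussed above, as an added example that is not part of either post: plain PHP without Laravel, contrasting the assignment in the question with a typed comparison that denies by default. The function names canEditAsPosted, canEdit and editMovie and the sample row are hypothetical.

```php
<?php
// Constructed sample row; many DB drivers return creator_id as a string.
$movie = ['title' => 'Example Movie', 'creator_id' => '7'];

// The check as posted in the question: "=" assigns $userId to $titleUser,
// so the condition is simply the truthiness of $userId.
function canEditAsPosted(array $movie, int $userId): bool
{
    $titleUser = $movie['creator_id'];
    if ($titleUser = $userId) {
        return true;
    }
    return false;
}

// Comparison instead of assignment, with both sides normalised to int,
// and a denial for unauthenticated users or rows without an owner.
function canEdit(array $movie, ?int $userId): bool
{
    if ($userId === null || !isset($movie['creator_id'])) {
        return false;
    }
    return (int) $movie['creator_id'] === $userId;
}

// Hypothetical handler: every path returns a response, and the default is 403.
function editMovie(array $movie, ?int $userId): array
{
    if (!canEdit($movie, $userId)) {
        return ['status' => 403, 'body' => 'Forbidden'];
    }
    return ['status' => 200, 'body' => 'Edit form for ' . $movie['title']];
}

foreach ([7, 8] as $userId) {
    printf(
        "user %d: as posted=%s, corrected=%s, status=%d\n",
        $userId,
        var_export(canEditAsPosted($movie, $userId), true),
        var_export(canEdit($movie, $userId), true),
        editMovie($movie, $userId)['status']
    );
}
printf("anonymous: status=%d\n", editMovie($movie, null)['status']);
```

The same canEdit call belongs in whichever handler saves the edit as well, since guarding only the form view does not cover a request sent directly to that route.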