Shiju S S
Reputation: 51
Implement ACL using Policies in Multi Auth Laravel 5.2
AuthService Provider:
public function boot(GateContract $gate)
{
$this->registerPolicies($gate);
$gate->define('show-user', function ($admin) {
return $admin->hasRole('Admin');
});
}
Admin is a Auth Guard
Controller :
public function edit($admin) {
if (Gate::allows('show-user'))
return 'allow';
else {
return 'deny';
}
}
Gate Always returns 'Deny'
I have a repository function doing the same job.
public function checkPermission($admin) {
return $this->auth->hasRole('Admin') || $this->auth->id === $admin->id;
}
Upvotes: 0
Views: 417
Answers (1)
Giovanni Casinelli
Reputation: 41
Why are you comparing $admin->roles to a string? From the property name looks like it might return more than one role, maybe as a comma-separated string or array? You have to make sure you check that 'Admin' is one of the roles.
For example if it returns an array you can do:
return in_array('Admin', $admin->roles);
Upvotes: 1
Related Questions
- How authorize for multiple user on Policies in laravel?
- Laravel - Authorize with other policy
- Laravel multi auth and authorize resource
- Policies with extra parameters
- Unable to get Policies working in Laravel 5.3
- Use multiple Auth guards for one Policy
- Role based ACL in Laravel
- How can I do Authorization Policies in Laravel 5.3?
- Laravel Authorization using Policies
- Laravel 5 Auth and ACL