Roo
Reputation: 427
Laravel Policies not stopping delete action
I have just started using Policies within Laravel 5.4 to handle my authorization. I have been following the official documentation and created a PostPolicy.
<?php
namespace App\Policies;
use App\User;
use App\Post;
use Illuminate\Auth\Access\HandlesAuthorization;
class PostPolicy
{
use HandlesAuthorization;
public function delete(User $user, Post $post)
{
return false;
//return $user->id === $post->user_id;
}
}
My goal is to stop the ability to delete a post using Policies. I am currently still able to delete and cannot find a way to implement these Policy rules.
Upvotes: 2
Views: 2313
Answers (1)
Alexey Mezenin
Reputation: 163768
You need to authorize actions. For example, you could do that:
if ($user->can('delete', $post)) {
Or in controller:
$this->authorize('delete', $post);
https://laravel.com/docs/5.5/authorization#authorizing-actions-using-policies
Upvotes: 3
Related Questions
- Laravel Eloquent delete() not working
- how to force delete in laravel 5.4
- Laravel - Soft delete isn't taking effect
- Laravel 5.4 CRUD DELETE Method not working, there is no reaction on clicking DELETE
- how to disable delete action in laravel encore admin
- Delete on Eloquent doesn't delete Laravel 5.4
- Laravel Policy Ignoring View, Update, and Delete but Create works just fine
- Laravel: cannot create correct DELETE action request
- Laravel , Eloquent delete not working
- Permanent Delete Option Not working