Ray Paras
Reputation: 157
route resource update and delete not working using multiple roles except store laravel 8
I want to delete my admin product using a route resource. But when I submit, it goes to page 404 same as update method.. But my URL id is showing...
This is the URL on destroy method http://127.0.0.1:8000/admin/1 but the store is working fine. It's directing to my URL and stored in database.
This is my store method on Admin/ProductController resource:
public function store(Request $request)
{
$request['user_id'] = auth()->user()->id;
Product::create($request->all());
return redirect()->back();
}
This is my destroy method on Admin/ProductController resource:
public function destroy($id)
{
Product::where('id', $id->id)->delete();
return redirect()->back();
}
Here is my form action store method. This form is working fine:
<form method="post" action="{{route('admin.store')}}">
<input type="text" name="category" class="form-control">
<button type="submit" class="btn btn-primary">Save changes</button>
</form>
Here is my form action delete. The problem is when I submit, it goes to 404 page:
<form method="post" action="{{ route('admin.destroy', $product->id) }}">
<input type="text" name="category" class="form-control">
<button type="submit" class="btn btn-primary">Save changes</button>
</form>
Here is my route user and admin:
Route::get('/', function () {
return view('welcome');
});
Auth::routes();
Route::group(['as' => 'user.', 'prefix' => 'users', 'namespace' => 'App\Http\Controllers\Users'], function() {
Route::get('/', [App\Http\Controllers\Users\UsersController::class, 'index']);
Route::resources(['/' => ProductController::class], ['except' => ['index']]);
});
Route::group(['middleware' => 'admin', 'as' => 'admin.', 'prefix' => 'admin', 'namespace' => 'App\Http\Controllers\Admin'], function() {
Route::get('/', [App\Http\Controllers\Admin\AdminController::class, 'index']);
Route::resources(['/' => ProductController::class], ['except' => ['index']]);
});
Here is my route list:
+--------+-----------+------------------------+------------------+------------------------------------------------------------------------+------------+
| Domain | Method | URI | Name | Action | Middleware |
+--------+-----------+------------------------+------------------+------------------------------------------------------------------------+------------+
| | GET|HEAD | / | | Closure | web |
| | POST | admin | admin.store | App\Http\Controllers\Admin\ProductController@store | web |
| | | | | | admin |
| | GET|HEAD | admin | admin.index | App\Http\Controllers\Admin\ProductController@index | web |
| | | | | | admin |
| | GET|HEAD | admin/create | admin.create | App\Http\Controllers\Admin\ProductController@create | web |
| | | | | | admin |
| | DELETE | admin/{} | admin.destroy | App\Http\Controllers\Admin\ProductController@destroy | web |
| | | | | | admin |
| | PUT|PATCH | admin/{} | admin.update | App\Http\Controllers\Admin\ProductController@update | web |
| | | | | | admin |
| | GET|HEAD | admin/{} | admin.show | App\Http\Controllers\Admin\ProductController@show | web |
| | | | | | admin |
| | GET|HEAD | admin/{}/edit | admin.edit | App\Http\Controllers\Admin\ProductController@edit | web |
| | | | | | admin |
| | GET|HEAD | api/user | | Closure | api |
| | | | | | auth:api |
| | POST | login | | App\Http\Controllers\Auth\LoginController@login | web |
| | | | | | guest |
| | GET|HEAD | login | login | App\Http\Controllers\Auth\LoginController@showLoginForm | web |
| | | | | | guest |
| | POST | logout | logout | App\Http\Controllers\Auth\LoginController@logout | web |
| | GET|HEAD | password/confirm | password.confirm | App\Http\Controllers\Auth\ConfirmPasswordController@showConfirmForm | web |
| | | | | | auth |
| | POST | password/confirm | | App\Http\Controllers\Auth\ConfirmPasswordController@confirm | web |
| | | | | | auth |
| | POST | password/email | password.email | App\Http\Controllers\Auth\ForgotPasswordController@sendResetLinkEmail | web |
| | GET|HEAD | password/reset | password.request | App\Http\Controllers\Auth\ForgotPasswordController@showLinkRequestForm | web |
| | POST | password/reset | password.update | App\Http\Controllers\Auth\ResetPasswordController@reset | web |
| | GET|HEAD | password/reset/{token} | password.reset | App\Http\Controllers\Auth\ResetPasswordController@showResetForm | web |
| | GET|HEAD | register | register | App\Http\Controllers\Auth\RegisterController@showRegistrationForm | web |
| | | | | | guest |
| | POST | register | | App\Http\Controllers\Auth\RegisterController@register | web |
| | | | | | guest |
| | GET|HEAD | users | user. | App\Http\Controllers\Users\UsersController@index | web |
| | POST | users | user.store | App\Http\Controllers\Users\ProductController@store | web |
| | | | | | auth |
| | GET|HEAD | users/create | user.create | App\Http\Controllers\Users\ProductController@create | web |
| | | | | | auth |
| | DELETE | users/{} | user.destroy | App\Http\Controllers\Users\ProductController@destroy | web |
| | | | | | auth |
| | GET|HEAD | users/{} | user.show | App\Http\Controllers\Users\ProductController@show | web |
| | | | | | auth |
| | PUT|PATCH | users/{} | user.update | App\Http\Controllers\Users\ProductController@update | web |
| | | | | | auth |
| | GET|HEAD | users/{}/edit | user.edit | App\Http\Controllers\Users\ProductController@edit | web |
| | | | | | auth |
+--------+-----------+------------------------+------------------+---------------------------------------
Here is my App\Http\Auth\LoginController:
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
class LoginController extends Controller
{
use AuthenticatesUsers;
protected $redirectTo = RouteServiceProvider::HOME;
public function __construct()
{
$this->middleware('guest')->except('logout');
}
public function login(Request $request)
{
$inputVal = $request->all();
$this->validate($request, [
'email' => 'required|email',
'password' => 'required',
]);
if (auth()->attempt(['email' => $inputVal['email'], 'password' => $inputVal['password']])) {
if (auth()->user()->role == 'admin') {
return redirect()->route('admin.');
} else {
return redirect()->route('user');
}
} else {
return redirect()->route('login')
->with('error', 'Email & Password are incorrect.');
}
}
}
Here is my admin middleware:
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class Admin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
if (auth()->user()->role === 'admin') {
return $next($request);
}
return redirect()->back();
}
}
I don't know what is wrong on this, store is working but the update and destroy is not. I guess the error is on route or middleware.
Upvotes: 0
Views: 2279
Answers (2)
A.A Noman
Reputation: 5270
If your method is post then you have to also add CSRF
<form method="post" action="{{ route('admin.destroy', $product->id) }}">
{{ csrf_field() }}
{{ method_field('delete') }}
<input type="text" name="category" class="form-control">
<button type="submit" class="btn btn-primary">Save changes</button>
</form>
Upvotes: 1
matiaslauriti
Reputation: 8082
I think your problem is that your are not telling your delete form to use DELETE action. Because of HTML, you cannot use action="delete" so you have to fake it and Blade allows you to do that.
So try this:
<form method="post" action="{{ route('admin.destroy', $product->id) }}">
@csrf
@method('DELETE')
<input type="text" name="category" class="form-control">
<button type="submit" class="btn btn-primary">Save changes</button>
</form>
More info about it on the Blade documentation.
Same fix should be applied in your update, you should use @method('PUT') after your update form's tag.
Upvotes: 1
Related Questions
- Laravel middleware with multiple roles
- Same route defined with different middleware called last wirted route issue
- Laravel same route for different middlewares
- Middleware doesn't protect routes based on role
- How you can use 2 roles on 1 route?
- Route resource destroy not working laravel
- Laravel Middleware Assigning Multiple Role not Worked
- Laravel Middleware doesn't work properly for Role Middleware
- Laravel roles on routes
- Laravel resource routing - update throws "method not allowed" error