我正在研究Laravel中间件的一些问题。我要完成的是注册用户具有4个角色。 1.主管理员2.管理员3.卖方4.客户。我希望我的主管理员,管理员和卖方可以访问我的CategoryController,而客户不能访问它,但是当我将中间件放入控制器的构造函数中时,它只允许masteradmin访问CategoryController并返回admin和卖方用户。请为我提供建议。
Kernel.php $ routemiddleware:
'checkrole' => \App\Http\Middleware\CheckRole::class,
'admincheck' => \App\Http\Middleware\Admin::class,
'sellercheck' => \App\Http\Middleware\Seller::class,
'customercheck' => \App\Http\Middleware\Customer::class,
'masteradmin' => \App\Http\Middleware\MasterAdmin::class,
http / Middleware / CheckRole
public function handle($request, Closure $next)
{
if(Auth::user()->user_role == 1)
{
return redirect('admin');
}
elseif(Auth::user()->user_role == 2)
{
return redirect('seller');
}
elseif(Auth::user()->user_role == 3)
{
return redirect('customer');
}
return $next($request);
}
http / Middleware / MasterAdmin
public function handle($request, Closure $next)
{
if(Auth::user()->user_role != 0)
{
return back();
}
return $next($request);
}
http / Middleware / Admin
public function handle($request, Closure $next)
{
if(Auth::user()->user_role != 1)
{
return back();
}
return $next($request);
}
http / Middleware /卖方
public function handle($request, Closure $next)
{
if(Auth::user()->user_role != 2)
{
return back();
}
return $next($request);
}
Http /中间件/客户
public function handle($request, Closure $next)
{
if(Auth::user()->user_role != 3)
{
return back();
}
return $next($request);
}
CategoryController:
class CategoryController extends Controller
{
public function __construct()
{
$this->middleware('auth');
$this->middleware('verified');
$this->middleware('masteradmin');
$this->middleware('admincheck');
$this->middleware('sellercheck');
// $this->authorizeResource(Category::class, 'category');
}
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function index()
{
return view('category.index');
}
HomeController
class HomeController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('auth');
$this->middleware('verified');
$this->middleware('checkrole');
}
/**
* Show the application dashboard.
*
* @return \Illuminate\Contracts\Support\Renderable
*/
public function index()
{
return view('home');
}
现在无法正常工作,我想让一个或多个用户访问我的整个控制器,请提前告知我如何实现此感谢
问题是您的adminUser
将必须通过masterAdminUser
的return back();
中间件。因此,您的adminUser
将没有机会通过管理员中间件,也无法访问类别。
一种解决方案是在单个中间件(例如CategoryMiddleware
)中处理角色管理。该中间件将检查角色,并且仅在不允许的情况下检查return back();
更干净的Laravel解决方案是使用策略,这似乎非常适合您的情况-您可以查看documentation。