Laravel中间件多重角色

问题描述 投票:0回答:1

我正在研究Laravel中间件的一些问题。我要完成的是注册用户具有4个角色。 1.主管理员2.管理员3.卖方4.客户。我希望我的主管理员,管理员和卖方可以访问我的CategoryController,而客户不能访问它,但是当我将中间件放入控制器的构造函数中时,它只允许masteradmin访问CategoryController并返回admin和卖方用户。请为我提供建议。

Kernel.php $ routemiddleware:

    'checkrole' => \App\Http\Middleware\CheckRole::class,
    'admincheck' => \App\Http\Middleware\Admin::class,
    'sellercheck' => \App\Http\Middleware\Seller::class,
    'customercheck' => \App\Http\Middleware\Customer::class,
    'masteradmin' => \App\Http\Middleware\MasterAdmin::class,

http / Middleware / CheckRole

    public function handle($request, Closure $next)
{
    if(Auth::user()->user_role  == 1)
    {
      return redirect('admin');
    }
    elseif(Auth::user()->user_role  == 2)
    {
      return redirect('seller');
    }
    elseif(Auth::user()->user_role  == 3)
    {
      return redirect('customer');
    }
      return $next($request);
}

http / Middleware / MasterAdmin

    public function handle($request, Closure $next)
{
  if(Auth::user()->user_role != 0)
  {
    return back();
  }
    return $next($request);
}

http / Middleware / Admin

  public function handle($request, Closure $next)
{
  if(Auth::user()->user_role != 1)
  {
    return back();
  }
    return $next($request);
}

http / Middleware /卖方

  public function handle($request, Closure $next)
{
  if(Auth::user()->user_role != 2)
  {
    return back();
  }
    return $next($request);
}

Http /中间件/客户

    public function handle($request, Closure $next)
{
    if(Auth::user()->user_role != 3)
    {
      return back();
    }
    return $next($request);
}

CategoryController:

    class CategoryController extends Controller
{
    public function __construct()
    {
      $this->middleware('auth');
      $this->middleware('verified');
      $this->middleware('masteradmin');
      $this->middleware('admincheck');
      $this->middleware('sellercheck');
      // $this->authorizeResource(Category::class, 'category');
    }
    /**
     * Display a listing of the resource.
     *
     * @return \Illuminate\Http\Response
     */
    public function index()
    {
     return view('category.index');
    }

HomeController

class HomeController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('auth');
        $this->middleware('verified');
        $this->middleware('checkrole');
    }

    /**
     * Show the application dashboard.
     *
     * @return \Illuminate\Contracts\Support\Renderable
     */
    public function index()
    {
        return view('home');
    }

现在无法正常工作,我想让一个或多个用户访问我的整个控制器,请提前告知我如何实现此感谢

php laravel user-permissions laravel-middleware laravel-7
1个回答
0
投票

问题是您的adminUser将必须通过masterAdminUserreturn back();中间件。因此,您的adminUser将没有机会通过管理员中间件,也无法访问类别。

一种解决方案是在单个中间件(例如CategoryMiddleware)中处理角色管理。该中间件将检查角色,并且仅在不允许的情况下检查return back();

更干净的Laravel解决方案是使用策略,这似乎非常适合您的情况-您可以查看documentation

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.