authorize 相关问题

Nginx 正则表达式如果 url 以单词结尾则返回 404

类似 /admin/somefile 的 URL?某些参数应该可以工作 像 /admin/somefile?someparameters#authorize 这样的 URL 应该返回 404 所以我在网址末尾寻找“#authorize” 现在我是

使用[Authorize]时请求超出配置的maxQueryStringLength

我有一个 C# 中的 MVC3 站点,我有一个从 JavaScript 函数提供查询参数的特定视图,该函数通过以下方式重定向到该站点 window.location.href = "../ActionName?" + 查询_...

Laravel 中的策略对我不起作用,这是我的代码

我无法让策略在我的 Laravel 项目中工作,我安装了一个新项目来从头开始测试,我有这个控制器: 我无法让策略在我的 Laravel 项目中工作,我安装了一个新项目来从头开始测试,我有这个控制器: <?php namespace App\Http\Controllers; use App\Http\Controllers\Controller; use Illuminate\Http\Request; use App\Models\User; class UserController extends Controller { public function index() { $this->authorize('viewAny', auth()->user()); return response("Hello world"); } } 本政策: <?php namespace App\Policies; use Illuminate\Auth\Access\Response; use App\Models\User; class UserPolicy { public function viewAny(User $user): bool { return true; } } 这是我的模型 <?php namespace App\Models; // use Illuminate\Contracts\Auth\MustVerifyEmail; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; use Laravel\Sanctum\HasApiTokens; class User extends Authenticatable { use HasApiTokens, HasFactory, Notifiable; /** * The attributes that are mass assignable. * * @var array<int, string> */ protected $fillable = [ 'name', 'email', 'password', ]; /** * The attributes that should be hidden for serialization. * * @var array<int, string> */ protected $hidden = [ 'password', 'remember_token', ]; /** * The attributes that should be cast. * * @var array<string, string> */ protected $casts = [ 'email_verified_at' => 'datetime', 'password' => 'hashed', ]; } 我收到错误 403:此操作未经授权。我希望有人能帮助我解决我的问题。谢谢你 我也尝试过修改AuthServiceProvider文件,但没有任何改变。 必须在 App\Providers\AuthServiceProvider 中添加您的策略吗? protected $policies = [ User::class => UserPolicy::class ]; 您需要指定您正在使用的模型。具体来说,就是User。因此,传递当前登录的用户: $this->authorize('viewAny', auth()->user()); 此外,您正在尝试验证用户是否有权访问该页面。确保尝试访问该页面的人是用户,以便策略可以授权或不授权。 要在没有入门套件的情况下进行测试,请创建一个用户并使用它登录。 <?php namespace App\Http\Controllers; use Illuminate\Support\Facades\Auth; class UserController extends Controller { public function index() { $user = \App\Models\User::factory()->create(); Auth::login($user); $this->authorize('viewAny', auth()->user()); return response("Hello world"); } } 但是,如果您希望授予访客用户访问权限,您可以使用 ? 符号将 User 模型设为可选: public function viewAny(?User $user) { return true; }

Laravel POST 方法返回状态:405 不允许在 POST 方法上使用方法

请查找以下信息: NoteController.php 请查找以下信息: NoteController.php <?php namespace App\Http\Controllers; use App\Http\Requests\NoteRequest; use App\Models\Note; use Illuminate\Http\JsonResponse; class NoteController extends Controller { public function index():JsonResponse { $notes = Note::all(); return response()->json($notes, 200); } public function store(NoteRequest $request):JsonResponse { $note = Note::create( $request->all() ); return response()->json([ 'success' => true, 'data' => $note ], 201); } public function show($id):JsonResponse { $note = Note::find($id); return response()->json($note, 200); } public function update(NoteRequest $request, $id):JsonResponse { $note = Note::find($id); $note->update($request->all()); return response()->json([ 'success' => true, 'data' => $note, ], 200); } public function destroy($id):JsonResponse { Note::find($id)->delete(); return response()->json([ 'success' => true ], 200); } } NoteRequest.php <?php namespace App\Http\Requests; use Illuminate\Foundation\Http\FormRequest; class NoteRequest extends FormRequest { public function authorize() { return true; } public function rules() { return [ 'title', 'required|max:255|min:3', 'content', 'nullable|max:255|min:10', ]; } } Note.php(模型) <?php namespace App\Models; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Database\Eloquent\Model; class Note extends Model { use HasFactory; protected $guarded = []; } api.php <?php use App\Http\Controllers\NoteController; use Illuminate\Support\Facades\Route; Route::prefix('v1')->group(function () { Route::resource('/note', NoteController::class); }); php artisan 路线:列表 GET|HEAD / ...................................................................................................................... POST _ignition/execute-solution ............... ignition.executeSolution › Spatie\LaravelIgnition › ExecuteSolutionController GET|HEAD _ignition/health-check ........................... ignition.healthCheck › Spatie\LaravelIgnition › HealthCheckController POST _ignition/update-config ........................ ignition.updateConfig › Spatie\LaravelIgnition › UpdateConfigController GET|HEAD api/v1/note .......................................................................... note.index › NoteController@index POST api/v1/note .......................................................................... note.store › NoteController@store GET|HEAD api/v1/note/create ................................................................. note.create › NoteController@create GET|HEAD api/v1/note/{note} ..................................................................... note.show › NoteController@show PUT|PATCH api/v1/note/{note} ................................................................. note.update › NoteController@update DELETE api/v1/note/{note} ............................................................... note.destroy › NoteController@destroy GET|HEAD api/v1/note/{note}/edit ................................................................ note.edit › NoteController@edit GET|HEAD sanctum/csrf-cookie .................................. sanctum.csrf-cookie › Laravel\Sanctum › CsrfCookieController@show 迅雷请求(同邮递员) JSON 请求 { "title": "Hello World", "content": "Lorem ipsum." } 尝试发出 JSON POST 请求并获取状态:405 方法不允许并且我正在使用 php artisan 服务,如果需要,我可以提供 GIT 项目。请告诉我。 您的验证规则看起来不正确。在您的 NoteRequest 类中,规则应该是一个关联数组,其中键是字段名称,值是验证规则。但是,在您的代码中,规则被定义为以逗号分隔的字符串列表。这可能会导致验证失败并返回 405 Method Not allowed 错误。 public function rules() { return [ 'title' => 'required|max:255|min:3', 'content' => 'nullable|max:255|min:10', ]; }

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.