I'm not sure how this hasn't been dealt with before, but how do I go about using VueJs and authorizing actions in Vue template?
If I'm using Laravel's blade, this is easy (using @can directive), but there's no documentation or any way to perform this in Vue after searching for hours on Google.
Now, I know I can simply load the users permissions into an array / JSON object inside the view, but there seems to be no way of displaying / hiding actions in Vue templates using Laravel's gate methods to determine if the user is allowed to perform the action on a specific record.
For example, there's a list of comments, but the user must own the comment to be able to see the 'edit' button.
The thing is, if I implement the logic in Vue, I'd be duplicating authorization logic throughout my entire backend and frontend for this.
Using Laravel's policy's, I'm able to perform complex authorization of specific actions. But I'm stumped as to how I would implement the policy in Vue.
There's also more complex scenarios, such as if a user that has an admin role is browsing comments, they should be able to edit it even if they don't own the comment.
Does anyone have any suggestions for this type of scenario?
EDIT:
Now I could add an attribute accessor to my models, for example:
Model:
class Comment extends Model
{
protected $appends = ['can_update'];
public function getCanUpdateAttribute()
{
return Gate::allows('update', $this);
}
}
Vue:
<button v-if="comment.can_update">Edit</button>
But this seems like I'm again duplicating logic that already exists inside my policies.
from Newest questions tagged laravel-5 - Stack Overflow http://ift.tt/2xgBaSw
via IFTTT
Aucun commentaire:
Enregistrer un commentaire