Implementing Laravel-Roles (https://github.com/jeremykenedy/laravel-roles) on an ecommerce website I found problems implementing policies to give user access into resources.
As an example, Im working on model 'salesorder'
1- my idea is to use policies to give user access into controllers resources.
my current policy 'SalesOrderPolicy' displays the following code, eg:
public function view(User $user)
{
$method = (string)$this->ability;
if ($user->hasPermission(view.salesorder) === null) {
return 0;
}
return $user->hasPermission(view.salesorder);
}
2- my db was fulfilled with permissions in Permissions Table, in this case (view, edit.. for SalesOrder): 
3- In my controller Im using: authorize('view), salesorder::class to include the policy.
public function index(Request $request)
{
$this->authorize('view', SalesOrder::class);
$salesOrders = $this->sales->all(array('*'), $request->scope);
return view('salesorder.view_salesorders')->with(compact('salesOrders'));
}
In all cases I receive forbidden access error.
to put plain and simple, my idea is to display to a user only its salesorders (and not all the database, as its happening now).
But despite I read documents, including a similar github project with name bican/roles, I cannot understand how can I work with Policies for view, create, edit, delete -> for each model in my app -> displaying table with view results only when records belongs to the userid that is currently logged.
from Newest questions tagged laravel-5 - Stack Overflow https://ift.tt/2Qfc7IX
via IFTTT
Aucun commentaire:
Enregistrer un commentaire