Laravel 5, Entrust - check roles that don't work

I am new to Laravel. I am trying to use Zizaco/entrust in Laravel 5 (from the laravel-5 branch). Everything is working fine (attach rules, disable rules ...), but when I try to check permissions, I have problems.

At first I tried to use routes.php, but at that point Entrust does not know who I am; hasRole and routeNeedsRole do not work in routes.php.

hasRole works in middleware, but routeNeedsRole does not. I tried passing a string and an array as the second parameter, with the same effect: abort(403) is performed.

Because hasRole works, this problem looks very strange to me.

I ran composer dump-autoload, but it does not solve the problem.

in routes.php

    Entrust::hasRole('superadmin'); // => false
    \Entrust::routeNeedsRole('admin/dashboard', ['superadmin'], abort(403, 'Forbidden'), false); // display 403 page

in middleware

    \Entrust::hasRole('superadmin'); // => true
    \Entrust::routeNeedsRole('admin/dashboard', ['superadmin'], abort(403, 'Forbidden'), false); // display 403 page

My User.php Model

    use Zizaco\Entrust\Traits\EntrustUserTrait;

    class User extends Model implements AuthenticatableContract, CanResetPasswordContract
    {
        use Authenticatable, CanResetPassword, EntrustUserTrait;

routes.php

    Route::group([
        'prefix' => 'admin',
        'namespace' => 'Admin',
        'middleware' => ['auth', 'admin'],
    ], function () {
        Route::get('dashboard', [
            'as' => 'dashboard',
            'uses' => 'DashBoardController@index',
        ]);
    });

I also have Role and Permission models, as in the Readme file https://github.com/Zizaco/entrust/tree/laravel-5

//sorry for my English.

+5
2 answers

Update: Laravel 5.1.11 and newer now come with built-in Authorization. It is much more Laravel-friendly and will always be kept in good condition. Use it whenever possible.


You are using middleware incorrectly. There is a lot of Laravel 4 material in the docs for Entrust, so you have to be selective about what you use from there. The middleware should not be setting routeNeedsRole. Actually, routeNeedsRole is in my opinion not suitable for L5. Here's how I do it:

Create new middleware with

    php artisan make:middleware AuthAdmin

Now in the newly created app/Http/Middleware/AuthAdmin.php:

    <?php

    namespace App\Http\Middleware;

    use Closure;
    use Illuminate\Contracts\Auth\Guard;

    class AuthAdmin
    {
        protected $auth;

        public function __construct(Guard $auth)
        {
            $this->auth = $auth;
        }

        public function handle($request, Closure $next)
        {
            if ($this->auth->guest()) {
                if ($request->ajax()) {
                    return response('Unauthorized.', 401);
                } else {
                    return redirect()->guest('auth/login');
                }
            } else if (! $request->user()->hasRole('superadmin')) {
                return abort(404); // Or redirect() or whatever you want
            }

            return $next($request);
        }
    }

This will do the same as the auth middleware, but if they are already logged in and do not have the "superadmin" role, they will get 404.

Next, we need to add the middleware to the route middleware. Do it in app/Http/Kernel.php:

    protected $routeMiddleware = [
        // ... existing entries ...
        'superadmin' => 'App\Http\Middleware\AuthAdmin',
    ];

This allows you to add middleware to the controller. Now let's do it. In the controller, we do this in the constructor:

    public function __construct()
    {
        $this->middleware('superadmin');
    }

This will add the middleware to the entire controller. You can be specific regarding routes if necessary, but for your case I would suggest that we need the entire controller secured.

Let me know if you need more help.

Note: It would be ideal if AuthAdmin first ran the "auth" middleware instead of copying the code, but I don't know how to do this from within the middleware, and we don't want to have to do middleware => ['auth', 'superadmin'] instead of 'superadmin'. If we did not copy the "auth" code, we would try to call ->hasRole() on null, which would throw an error.

+11
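An added example, not part of the question or the answer above: PHP evaluates a call's arguments before the call itself, and Laravel's abort() throws, so the abort(403, 'Forbidden') written as the third argument in the question's routeNeedsRole(...) lines fires no matter which roles the user holds. The sketch below reproduces that with framework-free stand-ins (HttpAbort, abort_standin, needs_role_eager and needs_role_deferred are hypothetical names, not Laravel or Entrust code) and contrasts it with a denial that is deferred until the role check has failed, which is the order the AuthAdmin middleware uses.

```php
<?php
// Added illustration. HttpAbort, abort_standin() and both gate functions are
// hypothetical stand-ins, not Laravel or Entrust code.

class HttpAbort extends RuntimeException {}

// Like Laravel's abort(), this throws the moment it is called.
function abort_standin($status, $message)
{
    throw new HttpAbort($message, $status);
}

// Gate that takes a ready-made "result on failure" value.
function needs_role_eager(array $userRoles, array $required, $onFailure)
{
    return array_intersect($required, $userRoles) ? 'allowed' : $onFailure;
}

// Gate that takes a callable and runs it only when the role check fails.
function needs_role_deferred(array $userRoles, array $required, callable $deny)
{
    return array_intersect($required, $userRoles) ? 'allowed' : $deny();
}

// Run a check and report whether it passed or aborted.
function outcome(callable $check)
{
    try {
        return $check();
    } catch (HttpAbort $e) {
        return 'aborted with ' . $e->getCode();
    }
}

$deny = function () { abort_standin(403, 'Forbidden'); };

// Constructed sample users: one holds the required role, one does not.
foreach (['superadmin' => ['superadmin'], 'editor' => ['editor']] as $name => $roles) {
    // Eager: the abort is evaluated while the argument list is built,
    // so the gate body never runs and the user's roles are never consulted.
    $eager = outcome(function () use ($roles) {
        return needs_role_eager($roles, ['superadmin'], abort_standin(403, 'Forbidden'));
    });
    // Deferred: the abort happens only for the user without the role.
    $deferred = outcome(function () use ($roles, $deny) {
        return needs_role_deferred($roles, ['superadmin'], $deny);
    });
    echo "$name: eager=$eager, deferred=$deferred\n";
}
```

Run it with the PHP CLI; the eager column is the same for both constructed users, while the deferred column differs by role.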

Try in your controllers:

    Auth::user()->hasRole('superadmin');

0

Source: https://habr.com/ru/post/1215345/

