Laravel practice 20. Authorization Policy

1. Generate the user authorization policy

$ php artisan make:policy UserPolicy

All generated authorization policy files are placed in the app/Policies folder.

2. Add an update method to the authorization policy. It is used to verify permission for the update action of the user controller when a user updates their profile:

app/Policies/UserPolicy.php

<?php

namespace App\Policies;

use Illuminate\Auth\Access\HandlesAuthorization;
use App\Models\User;

class UserPolicy
{
    use HandlesAuthorization;

    public function update(User $currentUser, User $user)
    {
        return $currentUser->id === $user->id;
    }
}

The update method takes two parameters: the first is, by default, the instance of the currently logged-in user, and the second is the user instance to be authorized against. When the two ids are the same, both represent the same user, so the user is authorized and the operation can continue. If the ids are not the same, a 403 exception is thrown to deny access.

When using authorization policies, note the following points:

  1. There is no need to check whether $currentUser is NULL. When the user is not logged in, the framework automatically returns false for all abilities;
  2. When calling the policy, you do not need to pass the currently logged-in user to the method, because the framework loads the currently logged-in user automatically.

3. Automatically register the authorization policy

Automatic policy discovery assumes by default that model files are stored directly in the app directory. If the models have been moved to the app/Models directory, you need to customize the automatic discovery rule by modifying the boot() method:

app/Providers/AuthServiceProvider.php

<?php

namespace App\Providers;

use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
// ...

class AuthServiceProvider extends ServiceProvider
{
    // ...

    public function boot()
    {
        $this->registerPolicies();

        // Modify the logic used for automatic policy discovery
        Gate::guessPolicyNamesUsing(function ($modelClass) {
            // Dynamically return the policy name for the model, such as:
            // 'App\Models\User' => 'App\Policies\UserPolicy'
            // $modelClass here has already been defined as App/Models/User in app/Policies/UserPolicy.php
            return 'App\Policies\\' . class_basename($modelClass) . 'Policy';
        });
    }
}

4. Add $this->authorize('update', $user); to the user controller

app/Http/Controllers/UsersController.php

    public function edit(User $user)
    {
        $this->authorize('update', $user);
        return view('users.edit', compact('user'));
    }

    public function update(User $user, Request $request)
    {
        $this->authorize('update', $user);
        $this->validate($request, [
            'name' => 'required|max:50',
            'password' => 'nullable|confirmed|min:6'
        ]);

        $data = [];
        $data['name'] = $request->name;
        if ($request->password) {
            $data['password'] = bcrypt($request->password);
        }
        $user->update($data);

        session()->flash('success', '个人资料更新成功!');

        return redirect()->route('users.show', $user->id);
    }
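
The feature test below is an added example, not part of the original post. It checks that the policy and the authorize() calls above stop one user from editing or updating another user's profile while still allowing the owner. It assumes the route names users.edit and users.update (only users.show appears above), a User factory in the Laravel 6/7 factory() style, and a fillable name attribute.

```php
<?php
namespace Tests\Feature;

use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Gate;
use Tests\TestCase;

class UserPolicyTest extends TestCase
{
    use RefreshDatabase;

    // Assumption: a User factory exists (Laravel 8+: User::factory()->create()).
    private function makeUser(): User
    {
        return factory(User::class)->create();
    }

    public function test_policy_allows_only_the_owner()
    {
        [$owner, $other] = [$this->makeUser(), $this->makeUser()];
        $this->assertTrue($owner->can('update', $owner));
        $this->assertFalse($other->can('update', $owner));
        // No authenticated user: the gate denies without a null check in the policy.
        $this->assertTrue(Gate::denies('update', $owner));
    }

    public function test_other_user_gets_403_and_nothing_changes()
    {
        [$owner, $other] = [$this->makeUser(), $this->makeUser()];
        // Route names users.edit and users.update are assumed.
        $this->actingAs($other)->get(route('users.edit', $owner))->assertStatus(403);
        $this->actingAs($other)
            ->patch(route('users.update', $owner), ['name' => 'changed'])
            ->assertStatus(403);
        $this->assertSame($owner->name, $owner->fresh()->name);
    }

    public function test_owner_can_update_own_profile()
    {
        $owner = $this->makeUser();
        $this->actingAs($owner)
            ->patch(route('users.update', $owner), ['name' => 'New Name'])
            ->assertRedirect(route('users.show', $owner->id));
        $this->assertSame('New Name', $owner->fresh()->name);
    }
}
```

Saved as tests/Feature/UserPolicyTest.php, it runs with vendor/bin/phpunit --filter UserPolicyTest.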

 

Origin www.cnblogs.com/itwatcher/p/12118952.html