使用中间件的Laravel授权
我有以下表格: 角色表使用中间件的Laravel授权,laravel,authorization,laravel-5.3,Laravel,Authorization,Laravel 5.3,我有以下表格: 角色表 身份证 头衔 权限表 身份证 头衔 角色id 权限(如:{test:“创建”、“编辑”、“更新”、“删除”}) 现在登录后,我如何通过中间件检查特定用户是否具有上述权限,是否可以创建/编辑/更新/删除 我不想在路由中指定权限或角色名称 Route::group(['permission'=>'create-user'] ... 相反,我们希望借助中间件进行检查 Route::group(['middleware'=>'authorization'] ...
Route::group(['permission'=>'create-user'] ...
Route::group(['middleware'=>'authorization'] ...
谢谢您需要创建一个中间件,在该中间件的handle方法中只需检查权限
public function handle($request, Closure $next, $guard = null)
{
$records = DB::table('role_table')
->join('permissions_table', 'role_table.ID', '=', 'permissions_table.Role_id')
->select('permissions_table.Permissions')
->first();
if (count($records) > 0) {
$permisssions = json_decode($records->Permissions, true);
if (in_array("create", $permissions['test'])) {
// has permission to create
// redirect to the authorized page
}
...
} else {
return redirect('to access denied page');
}
return $next($request);
}
App\Http\Kernel.php$routeMiddlewareprotected $routeMiddleware = [
'authorization' => \App\Http\Middleware\AuthorizationMiddleware::class
];
您需要创建一个中间件,在该中间件的handle方法中只需检查权限
public function handle($request, Closure $next, $guard = null)
{
$records = DB::table('role_table')
->join('permissions_table', 'role_table.ID', '=', 'permissions_table.Role_id')
->select('permissions_table.Permissions')
->first();
if (count($records) > 0) {
$permisssions = json_decode($records->Permissions, true);
if (in_array("create", $permissions['test'])) {
// has permission to create
// redirect to the authorized page
}
...
} else {
return redirect('to access denied page');
}
return $next($request);
}
App\Http\Kernel.php$routeMiddlewareprotected $routeMiddleware = [
'authorization' => \App\Http\Middleware\AuthorizationMiddleware::class
];