使用中间件的Laravel授权
我有以下表格: 角色表使用中间件的Laravel授权,laravel,authorization,laravel-5.3,Laravel,Authorization,Laravel 5.3,我有以下表格: 角色表 身份证 头衔 权限表 身份证 头衔 角色id 权限(如:{test:“创建”、“编辑”、“更新”、“删除”}) 现在登录后,我如何通过中间件检查特定用户是否具有上述权限,是否可以创建/编辑/更新/删除 我不想在路由中指定权限或角色名称 Route::group(['permission'=>'create-user'] ... 相反,我们希望借助中间件进行检查 Route::group(['middleware'=>'authorization'] ...
Route::group(['permission'=>'create-user'] ...
相反,我们希望借助中间件进行检查
Route::group(['middleware'=>'authorization'] ...
这样我就不必在每次添加新角色和对这些角色的权限时都在路由中指定单个权限
谢谢您需要创建一个中间件,在该中间件的handle方法中只需检查权限
public function handle($request, Closure $next, $guard = null)
{
$records = DB::table('role_table')
->join('permissions_table', 'role_table.ID', '=', 'permissions_table.Role_id')
->select('permissions_table.Permissions')
->first();
if (count($records) > 0) {
$permisssions = json_decode($records->Permissions, true);
if (in_array("create", $permissions['test'])) {
// has permission to create
// redirect to the authorized page
}
...
} else {
return redirect('to access denied page');
}
return $next($request);
}
将中间件添加到App\Http\Kernel.php
$routeMiddleware
数组
protected $routeMiddleware = [
'authorization' => \App\Http\Middleware\AuthorizationMiddleware::class
];
您需要创建一个中间件,在该中间件的handle方法中只需检查权限
public function handle($request, Closure $next, $guard = null)
{
$records = DB::table('role_table')
->join('permissions_table', 'role_table.ID', '=', 'permissions_table.Role_id')
->select('permissions_table.Permissions')
->first();
if (count($records) > 0) {
$permisssions = json_decode($records->Permissions, true);
if (in_array("create", $permissions['test'])) {
// has permission to create
// redirect to the authorized page
}
...
} else {
return redirect('to access denied page');
}
return $next($request);
}
将中间件添加到App\Http\Kernel.php
$routeMiddleware
数组
protected $routeMiddleware = [
'authorization' => \App\Http\Middleware\AuthorizationMiddleware::class
];