Fatal编程技术网
  • php/
  • Php Laravel策略适用于view,但不适用于viewAny

Php Laravel策略适用于view,但不适用于viewAny

php laravel

Php Laravel策略适用于view,但不适用于viewAny,php,laravel,laravel-7,Php,Laravel,Laravel 7,我的API控制器策略对于view来说似乎运行良好,但对于viewAll,在发送admin API令牌时返回“此操作未经授权”。使用具有空间角色/权限的Laravel 7。AppBaseController扩展了照明\路由\控制器。我试过不用中间件,只是为了确定。尝试注释“before”函数,以确保它没有冲突。仔细检查,我正在发送带有viewAny调用的Answer::class。确认模型“can”方法在viewAny上也返回false。在viewAny中尝试使用或不使用可选用户参数。阅读并重新阅

我的API控制器策略对于view来说似乎运行良好,但对于viewAll,在发送admin API令牌时返回“此操作未经授权”。使用具有空间角色/权限的Laravel 7。AppBaseController扩展了照明\路由\控制器。我试过不用中间件,只是为了确定。尝试注释“before”函数,以确保它没有冲突。仔细检查,我正在发送带有viewAny调用的Answer::class。确认模型“can”方法在viewAny上也返回false。在viewAny中尝试使用或不使用可选用户参数。阅读并重新阅读文档,以及我能在这里找到的所有类似问题。似乎无法解决这个问题。甚至不知道如何追踪拉威尔是如何得到回应的

routes/api.php

<?php

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/

//logged in
Route::group(['middleware' => ['auth:api', 'verified']], function () {
    Route::get('answers', 'AnswerAPIController@index')->name('answers.index');
    Route::post('answers/{id}', 'AnswerAPIController@store')->name('answers.store');
    Route::get('answers/{id}', 'AnswerAPIController@show')->name('answers.show');
    Route::put('answers/{id}', 'AnswerAPIController@update')->name('answers.update');
    Route::delete('answers/{id}', 'AnswerAPIController@destroy')->name('answers.destroy');
});
回应

{
  "success": false,
  "message": "This action is unauthorized.",
  "data": {
    "api_token": "****"
  }
}

{
  "success": true,
  "data": {
    "id": 1,
    "question_id": 1,
    "order": 1,
    "text": "asdf",
    "is_correct": false
  },
  "message": "Answer retrieved successfully."
}
请求URL(视图)

回应

{
  "success": false,
  "message": "This action is unauthorized.",
  "data": {
    "api_token": "****"
  }
}

{
  "success": true,
  "data": {
    "id": 1,
    "question_id": 1,
    "order": 1,
    "text": "asdf",
    "is_correct": false
  },
  "message": "Answer retrieved successfully."
}
在一个典型的“问问题往往能说明问题”的例子中,经过两天的努力,我在30秒后找到了答案

在'viewAny'authorize方法中,我在Answer::class位中加入了这个方法,但是在控制器中我没有定义什么是'Answer'。我通过添加

use App\Models\Answer;
到控制器的顶部。

:)很高兴您让它工作了! 
{
  "success": true,
  "data": {
    "id": 1,
    "question_id": 1,
    "order": 1,
    "text": "asdf",
    "is_correct": false
  },
  "message": "Answer retrieved successfully."
}

use App\Models\Answer;