我试图在我的系统中使用不同的用户级别。我的数据库是我的用户和他们的级别(master,portais,chaves等)
所以,我想要的是每个用户的不同路由,因此每个用户只能访问系统的一部分。
我可以轻松地在系统的每个页面检查他的AUTH,如果他登录的是一个他不应该看到该页面的帐户,就不会向他显示页面。但是,使用中间件/路由没有一种简单的方法吗?!
我在routes.php上尝试过类似的东西:
Route::group(['middleware' => 'Master'], function()
{
Route::any('/vendedor/produtos/removeProduto', 'AjaxController@vendedorRemoveProduto');
Route::any('/vendedor/produtos/editaPrecoProduto', 'AjaxController@editaPrecoProduto');
Route::any('/vendedor/produtos/alterarestadoproduto', 'AjaxController@alterarestadoumproduto');
Route::any('/vendedor/produtos/listaProdutos', 'AjaxController@listaProdutos');
Route::any('/vendedor/produtos/adicionaProdutoCliente', 'AjaxController@adicionaProdutoCliente');
Route::any('/', 'DashboardController@home'); });
Route::group(['middleware' => 'portais'], function()
{
Route::any('/cadastrarobjedu/criartema', 'AjaxController@criartemaobjedu');
Route::any('/cadastrarobjedu/cadastrar', 'AjaxController@cadastraobjedu');
Route::any('/cadastrarobjedu', 'DashboardController@cadastrarobjedu');
Route::any('/listarobjedu', 'DashboardController@listarobjedu');
Route::any('/editarobjeto/{id}', 'DashboardController@editarobjeto');
Route::any('/apagarobjeto/{id}', 'AjaxController@apagarobjeto');
Route::any('/', 'DashboardController@home'); });
但是这没有用,请给我一个错误,说'" MASTER"阶级已经存在。我还有更改吗?
答案 0 :(得分:2)
您需要实现一个中间件来检查当前用户是否已经给出了级别。
Laravel 5.0
//app/Http/Kernel.php - register middleware classes
protected $routeMiddleware = [
'levelMaster' => 'App\Http\Middleware\LevelMasterMiddleware',
'levelPortais' => 'App\Http\Middleware\LevelPortaisMiddleware'
];
//app/Http/Middleware/LevelMiddleware.php - base middleware class that checks if user has level stored in $level;
namespace App\Http\Middleware;
use Closure;
use App;
use Auth;
abstract class LevelMiddleware
{
protected $level;
public function handle($request, Closure $next)
{
if (Auth::user() && Auth::user()->level !== $this->level) {
return App::abort(Auth::check() ? 403 : 401, Auth::check() ? 'Forbidden' : 'Unauthorized');
}
return $next($request);
}
}
//app/Kernel/Middleware/LevelMasterMiddleware.php - checks if user has level Master
namespace App\Http\Middleware;
class LevelMasterMiddleware extends LevelMiddleware
{
protected $level = 'master';
}
//app/Kernel/Middleware/LevelPortaisMiddleware.php - checks if user has level Portais
namespace App\Http\Middleware;
class LevelPortaisMiddleware extends LevelMiddleware
{
protected $level = 'portais';
}
//config/routes.php - configure routes for different levels
Route::group(['middleware' => 'levelMaster'], function()
{
//here add routes for users with level=master
}
Route::group(['middleware' => 'levelPortais'], function()
{
//here add routes for users with level=portais
}
Laravel 5.1
最新版本的Laravel引入了中间件参数,可以简化上述代码,因为只需要一个中间件类:
//app/Http/Kernel.php - register middleware class
protected $routeMiddleware = ['level' => 'App\Http\Middleware\LevelMiddleware'];
//app/Http/Middleware/LevelMiddleware.php - check if current user has given level
namespace App\Http\Middleware;
use Closure;
use App;
use Auth;
class LevelMiddleware
{
public function handle($request, Closure $next, $level)
{
if (Auth::user() && Auth::user()->level !== $level) {
return App::abort(Auth::check() ? 403 : 401, Auth::check() ? 'Forbidden' : 'Unauthorized');
}
return $next($request);
}
}
//config/routes.php - configure routes for different levels and pass level as middleware parameter
Route::group(['middleware' => 'level:master'], function()
{
//here add routes for users with level=master
}
Route::group(['middleware' => 'level:portais'], function()
{
//here add routes for users with level=portais
}