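How to deny access to certain URLs that the admin has not allowed?

Time: 2016-11-21 05:26:26

Tags: laravel-5.2

I am using Laravel 5.2.

Users are created by the admin. When a user logs in to his page, he can access pages that the admin has not allowed. I want to restrict users from accessing pages that the admin has not permitted. The admin assigns a role to each user. When a user logs in to his page, he can see the pages assigned by the admin. But the user can still reach other pages by typing their URLs. The admin does not publish these URLs to the user. The controller part is shown below.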

//controller part
<?php
namespace App\Http\Controllers\Admin;
use Illuminate\Http\Request;
use App\Http\Requests;
use App\Http\Controllers\Controller;
use App\Http\Controllers\AdminController;
use App\CreateEmployee;
use DB;
use App\Area;
use Session;
use Redirect;
use Validator;
use App\make;

class CreateEmployeeController extends AdminController {
    /**
    * Display a listing of the resource.
    *
    * @return \Illuminate\Http\Response
    */
    public function index() { }

    public function addemployee() {
        $employee = CreateEmployee::where('id','<>',1)->get();
        $shop = Area::all();
        return view('app.admin.employee.createemployee',compact('employee','shop'));
    }

    public function saveemployee(Request $request) {
        $title = 'Add Employee';
        $employee = new CreateEmployee();
        $employee->username = $request->username;
        $employee->area_name = $request->area;
        $employee->password = bcrypt($request->password);
        $employee->employee = 'yes';
        $employee->admin = 1;
        $validator = Validator::make($request->all(), [
            'password' => 'required|min:6|confirmed',
            'password_confirmation' => 'required|min:6',
            ]);

        if ($validator->fails()) {
            return redirect('admin\create-employee')
            ->withErrors($validator)
            ->withInput();
        }
        else {
            $employee->save();
            Session::flash('flash_notification', array('level' => 'success', 'message' => 'Employee Created Successfully'));
            return Redirect::action('Admin\CreateEmployeeController@addemployee');
        }
    }

    public function editemployee($id) {
        $employee = CreateEmployee::where('id',$id)->get();
        return view('app.admin.employee.editemployee',compact('employee'));
    }

    public function updateemployee(Request $request) {
        CreateEmployee::where('id',$request->id)->update(array('username'=>$request->username,'area_name'=>$request->area));
        Session::flash('flash_notification', array('level' => 'success', 'message' => 'Employee Details Updated Successfully')); 
        return Redirect::action('Admin\CreateEmployeeController@addemployee',array('id' => $request->id));
    }

    public function deleteconfirms($id) {
        $employee= CreateEmployee::find($id);
        $employee->delete();
        Session::flash('flash_notification', array('level' => 'success', 'message' => 'Employee Deleted Successfully'));
        return redirect()->action('Admin\CreateEmployeeController@addemployee');
    }
}

1 answer:

Answer 0: (score: 0)

Do you know about middleware? It should be able to meet your needs. Read the link https://laravel.com/docs/5.3/middleware
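
A role-checking route middleware of the kind the answer points to, as an added example that is not code from the question or the answer. The `CheckRole` class, the `role` column on the user model, the `role` middleware alias and the route URIs are assumptions; the controller and action names are the ones in the question.

```php
<?php
// app/Http/Middleware/CheckRole.php (hypothetical file, added example)
namespace App\Http\Middleware;

use Closure;

class CheckRole
{
    /**
     * Let the request through only if the logged-in user holds one of the
     * roles listed on the route, e.g. 'role:admin' or 'role:admin,manager'.
     */
    public function handle($request, Closure $next)
    {
        // Laravel passes the route's middleware parameters after $next.
        $allowed = array_slice(func_get_args(), 2);

        $user = $request->user();

        // Fail closed: no session user, no roles configured on the route,
        // or a role that is not in the list all end in 403.
        // Assumption: the user model has a `role` column set by the admin.
        if ($user === null
            || empty($allowed)
            || !in_array((string) $user->role, $allowed, true)) {
            abort(403);
        }

        return $next($request);
    }
}

// Register the alias in app/Http/Kernel.php, inside $routeMiddleware:
//     'role' => \App\Http\Middleware\CheckRole::class,
//
// Then, in app/Http/routes.php, put every admin-only route inside the group,
// so a URL typed by hand goes through the same check as a clicked link
// (URIs below are hypothetical):
//     Route::group(['middleware' => ['auth', 'role:admin']], function () {
//         Route::get('admin/create-employee', 'Admin\CreateEmployeeController@addemployee');
//         Route::post('admin/create-employee', 'Admin\CreateEmployeeController@saveemployee');
//         Route::get('admin/delete-employee/{id}', 'Admin\CreateEmployeeController@deleteconfirms');
//     });
```

Hiding a link from a user's menu does not restrict the route; the check has to run on the server for every request, including the POST and delete actions.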