我正在使用中间件为用户获取角色。
问题是,我想如何使用路线。我希望每个用户都能够访问/dashboard,并且知道他们已经获得了什么角色并将其发送到正确的路线。
我可以在调试后看到第一条路由被忽略而支持最后一条路由,因此如果用户不是管理员,则会收到一条错误消息,说明权限不足。
有没有办法可以调整我的中间件或路由,这样任何用户都可以转到/dashboard并获得与其角色相关的路由?
routes.php文件
Auth::routes();
Route::group([ 'prefix' => 'dashboard'], function () {
// User Dashboard
Route::get('/', ['as' => 'dashboard-user', 'middleware' => 'roles', 'roles' => ['user'], 'uses' => 'DashboardController@user']);
// Admin Dashboard
Route::get('/', ['as' => 'dashboard-admin', 'middleware' => 'roles', 'roles' => ['admin'], 'uses' => 'DashboardController@admin']);
});
CheckRole.php
namespace App\Http\Middleware;
use Closure;
class CheckRole
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($request->user() === null) {
return response("Insufficient permissions", 401);
}
$actions = $request->route()->getAction();
$roles = isset($actions['roles']) ? $actions['roles'] : null;
if ($request->user()->hasAnyRole($roles) || !$roles) {
return $next($request);
}
return response("Insufficient permissions", 401);
}
}
user.php的
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable
{
use Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
public function roles()
{
return $this->belongsToMany('App\Role', 'user_role', 'user_id', 'role_id');
}
public function hasAnyRole($roles)
{
if (is_array($roles)) {
foreach ($roles as $role) {
if ($this->hasRole($role)) {
return true;
}
}
} else {
if ($this->hasRole($roles)) {
return true;
}
}
return false;
}
public function hasRole($role)
{
if ($this->roles()->where('name', $role)->first()) {
return true;
}
return false;
}
}
Kernel.php
namespace App\Http;
use App\Http\Middleware\CheckRole;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
...
...
...
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
...
...
'roles' => \App\Http\Middleware\CheckRole::class
];
}