Laravel控制器中的权限

时间:2020-07-14 18:04:28

标签: laravel datatable permissions controller 

if ($request->ajax()) {
    $data = User::latest()->get();

    return Datatables::of($data)
                     ->addIndexColumn()
                     ->addColumn('FullName', function($row){
                         $name = $row->fname.' '.$row->lname;
                         return $name;
                     })
                     ->addColumn('action', function($row){
                        //@can('user-show')
                        $btn = '<div class="btn-toolbar" role="toolbar" aria-label="Toolbar with button groups">
                                    <div class="btn-group" role="group">
                                        <a href="'.route("users.showrole",$row->id).'" data-toggle="tooltip" title="Show" class="btn btn-default btn-flat btn-sm">
                                            <span class="icon-size-fullscreen"></span>
                                            Show
                                        </a>';
                        //@endcan

                        //@can('user-edit')
                        $btn = $btn.'<a href="'.route("users.editrole",$row->id).'" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" class="edit btn btn-primary btn-flat btn-sm CategoryEdit" onclick="CategoryEdit()">
                                         <span class="icon-pencil"></span>
                                     </a>';
                        //@endcan

                        $btn = $btn.'<a href="javascript:void(0)" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" onclick="DeleteRole('.$row->id.')" class="btn btn-flat btn-danger btn-sm">
                                         <span class="icon-trash"></span>
                                     </a>
                                 </div>
                             </div>';
                        return $btn;
                    })
                    ->rawColumns(['FullName'])
                    ->rawColumns(['action'])
                    ->escapeColumns([])
                    ->make(true);
}

您好,我想在Controller数据表Yajra中使用@can('user-create'),以便用户看不到他无权访问的按钮。 我可以在刀片服务器中执行此操作,但不能在控制器中执行。 我想检查角色是否具有以这种方式执行任务的权限。 否则,我的代码将无法正常运行。

2 个答案:

答案 0 :(得分:0)

如果您使用spatie权限插件,则可以在控制器中使用$user->can('permission')

这里:

if ($request->ajax()) {
    $data = User::latest()->get();
    
    // get logged user
    $user = auth()->user();
    
    return Datatables::of($data)
        ->addIndexColumn()
        ->addColumn('FullName', function($row){
            $name = $row->fname.' '.$row->lname;
            return $name;
        })
        ->addColumn('action', function($row) use ($user) {
            $btn = '';
        
            if ($user->can('user-show') {
                $btn = '<div class="btn-toolbar" role="toolbar" aria-label="Toolbar with button groups"><div class="btn-group" role="group">
                <a href="'.route("users.showrole",$row->id).'" data-toggle="tooltip" title="Show" class="btn btn-default btn-flat btn-sm"><span class="icon-size-fullscreen"></span> Show</a>';
            }
            if ($user->can('user-edit') {
                $btn = $btn.'<a href="'.route("users.editrole",$row->id).'" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" class="edit btn btn-primary btn-flat btn-sm CategoryEdit" onclick="CategoryEdit()"><span class="icon-pencil"></span></a>';
            }
            $btn = $btn.'<a href="javascript:void(0)" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" onclick="DeleteRole('.$row->id.')" class="btn btn-flat btn-danger btn-sm"><span class="icon-trash"></span></a> </div></div>';
            
            return $btn;
        })
        ->rawColumns(['FullName'])
        ->rawColumns(['action'])
        ->escapeColumns([])
        ->make(true);
}

答案 1 :(得分:0)

您可以通过两种方式进行操作:

  1. 在控制器中检查权限

例如。 :

if ($request->ajax()) {
    $data = User::latest()->get();
    
    // get logged user
    $user = auth()->user();
    
    return Datatables::of($data)           
        ->addColumn('action', function($row) use ($user) {
            $btn = '';
        
            if ($user->can('user-show') {
                $btn = '<div class="btn-toolbar" role="toolbar" aria-label="Toolbar with button groups"><div class="btn-group" role="group">
                <a href="'.route("users.showrole",$row->id).'" data-toggle="tooltip" title="Show" class="btn btn-default btn-flat btn-sm"><span class="icon-size-fullscreen"></span> Show</a>';
            }
            if ($user->can('user-edit') {
                $btn = $btn.'<a href="'.route("users.editrole",$row->id).'" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" class="edit btn btn-primary btn-flat btn-sm CategoryEdit" onclick="CategoryEdit()"><span class="icon-pencil"></span></a>';
            }
            $btn = $btn.'<a href="javascript:void(0)" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" onclick="DeleteRole('.$row->id.')" class="btn btn-flat btn-danger btn-sm"><span class="icon-trash"></span></a> </div></div>';
            
            return $btn;
        })
        ->rawColumns(['action'])
        ->make(true);
}

或另一种方式

if ($request->ajax()) {
        $data = User::latest()->get();
      
        
        return Datatables::of($data)
            ->addIndexColumn()
            ->addColumn('FullName', function($row){
                $name = $row->fname.' '.$row->lname;
                return $name;
            })
            ->addColumn('actions', 'path.actions')
            ->rawColumns(['FullName'])
            ->escapeColumns([])
            ->make(true);
    }

您的刀片文件就像

@can('user-edit')
Your code
@endcan
相关问题
最新问题