BobZamin

Member Since 6 Months Ago

Experience Points
430
Total
Experience

4,570 experience to go until the next level!

In case you were wondering, you earn Laracasts experience when you:

  • Complete a lesson — 100pts
  • Create a forum thread — 50pts
  • Reply to a thread — 10pts
  • Leave a reply that is liked — 50pts
  • Receive a "Best Reply" award — 500pts
Lessons Completed
2
Lessons
Completed
Best Reply Awards
0
Best Reply
Awards
  • start your engines Created with Sketch.

    Start Your Engines

    Earned once you have completed your first Laracasts lesson.

  • first-thousand Created with Sketch.

    First Thousand

    Earned once you have earned your first 1000 experience points.

  • 1-year Created with Sketch.

    One Year Member

    Earned when you have been with Laracasts for 1 year.

  • 2-years Created with Sketch.

    Two Year Member

    Earned when you have been with Laracasts for 2 years.

  • 3-years Created with Sketch.

    Three Year Member

    Earned when you have been with Laracasts for 3 years.

  • 4-years Created with Sketch.

    Four Year Member

    Earned when you have been with Laracasts for 4 years.

  • 5-years Created with Sketch.

    Five Year Member

    Earned when you have been with Laracasts for 5 years.

  • school-in-session Created with Sketch.

    School In Session

    Earned when at least one Laracasts series has been fully completed.

  • welcome-newcomer Created with Sketch.

    Welcome To The Community

    Earned after your first post on the Laracasts forum.

  • full-time-student Created with Sketch.

    Full Time Learner

    Earned once 100 Laracasts lessons have been completed.

  • pay-it-forward Created with Sketch.

    Pay It Forward

    Earned once you receive your first "Best Reply" award on the Laracasts forum.

  • subscriber Created with Sketch.

    Subscriber

    Earned if you are a paying Laracasts subscriber.

  • lifer Created with Sketch.

    Lifer

    Earned if you have a lifetime subscription to Laracasts.

  • evangelist Created with Sketch.

    Laracasts Evangelist

    Earned if you share a link to Laracasts on social media. Please email [email protected] with your username and post URL to be awarded this badge.

  • chatty-cathy Created with Sketch.

    Chatty Cathy

    Earned once you have achieved 500 forum replies.

  • lara-veteran Created with Sketch.

    Laracasts Veteran

    Earned once your experience points passes 100,000.

  • 10k-strong Created with Sketch.

    Ten Thousand Strong

    Earned once your experience points hits 10,000.

  • lara-master Created with Sketch.

    Laracasts Master

    Earned once 1000 Laracasts lessons have been completed.

  • laracasts-tutor Created with Sketch.

    Laracasts Tutor

    Earned once your "Best Reply" award count is 100 or more.

  • laracasts-sensei Created with Sketch.

    Laracasts Sensei

    Earned once your experience points passes 1 million.

  • top-50 Created with Sketch.

    Top 50

    Earned once your experience points ranks in the top 50 of all Laracasts users.

  • Community Pillar

    Earned once your experience points ranks in the top 10 of all Laracasts users.

Level 1
430 XP
May
04
6 days ago
Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

I'll stick with the controller method then, Thank you bro!

Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

authorizing in controller works fine. But I don't understand why it doesn't work using middleware like the show.user route.

Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

Tried:

Route::get('/user/edit/{user}', [App\Http\Controllers\UserController::class, 'edit'])->middleware('can:update,user')->name('user.edit');

Still says 403 | Unauthorized

Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

Like this:

public function update(User $me, User $user)
    {
        return true;
        // return ($me->isSuper()) ? true : ($me->hasThesePermissions(['edit-users']) && (!$user->isSuper())) || $me->id === $user->id;
    }
Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

Hello everybody, again, I know.

Have the same issue with another route now, for some reason the route for SHOW worked, but the route for EDIT doesn't, although I did the same thing with both.

My Routes

Auth::routes();

Route::middleware('auth')->group(function(){
  Route::get('/', function() { return redirect()->route('dashboard'); });
  Route::get('/dashboard', [App\Http\Controllers\DashboardController::class, 'index'])->name('dashboard');
  Route::get('/users', [App\Http\Controllers\UserController::class, 'index'])->middleware('can:viewAny, App\Models\User')->name('userManager');
  Route::get('/user/show/{user}', [App\Http\Controllers\UserController::class, 'show'])->middleware('can:view,user,App\Models\User')->name('show.user'); // This worked!
  Route::post('/user/state/{userid}', [App\Http\Controllers\UserController::class, 'updatechecks'])->name('submit.check');
  Route::get('/user/create', [App\Http\Controllers\UserController::class, 'create'])->middleware('can:create,App\Models\User')->name('user.create');
  Route::post('/user/create', [App\Http\Controllers\UserController::class, 'store'])->middleware('can:create,App\Models\User')->name('user.store');
  Route::post('/user/delete/{user}', [App\Http\Controllers\UserController::class, 'destroy'])->name('user.delete'); // authorize() in controller
  Route::get('/user/edit/{user}', [App\Http\Controllers\UserController::class, 'edit'])->middleware('can:update,user,App\Models\User')->name('user.edit'); // This shit doesn't work!
});

My Blade

<tbody class="text-gray-600 text-sm font-light shadow-sm">
        @foreach($users as $user)
            <tr class="hover:bg-gray-200 hover:shadow-md">
                <td class="hidden xl:table-cell py-3 px-3 md:px-6 m-0 text-lg md:text-base"><a
                        href="{{ route('show.user', $user->id) }}" {{-- This works! --}}
                        class="hover:underline">{{ $user->first_name }}</a></td>
                <td class="hidden xl:table-cell py-3 px-3 md:px-6 m-0 text-lg md:text-base"><a
                        href="{{ route('show.user', $user->id) }}"
                        class="hover:underline">{{ $user->last_name }}</a></td>
                <td class="py-3 px-3 text-lg md:px-6 m-0 md:text-base"><a
                        href="{{ route('show.user', $user->id) }}"
                        class="hover:underline">{{ $user->username }}</a></td>
                <td class="hidden xl:table-cell py-3 px-3 md:px-6 m-0 text-lg md:text-base"><a
                        href="{{ route('show.user', $user->id) }}"
                        class="hover:underline">{{ $user->roles->first()->name }}</a></td>
                <td class="hidden lg:table-cell py-3 px-3 md:px-6 m-0 text-lg md:text-base"><a
                        href="{{ route('show.user', $user->id) }}"
                        class="hover:underline">{{ $user->email }}</a></td>
                <td class="hidden md:table-cell py-3 px-3 md:px-6 m-0 text-lg md:text-base"><a
                        href="{{ route('show.user', $user->id) }}"
                        class="hover:underline">{{ $user->phone }}</a></td>
                <td class="py-3 px-3 text-center md:px-6 m-0">
                    <x-buttons.toggler userid="{{ $user->id }}" />
                </td>
                <td class="hidden xs:flex justify-end py-3 px-3 md:px-6 m-0">
                    <form class="pr-1" action="{{ route('user.delete', $user->id) }}"
                        method="post">
                        @csrf
                        <a href="#" class="btn btn--actions btn--danger" onclick="cnf(event)"><i
                                class="fa fa-times mr-1 ml-0"></i>Delete</a>
                        <script>
                            function cnf(e) {
                                return (confirm('You swear you want to delete this user?')) ? e.target.closest('form')
                                    .submit() : '';
                            }

                        </script>
                    </form>
                    <a href="{{ route('user.edit', $user->id) }}" {{-- This doesn't work! --}}
                        class="btn btn--actions btn--action"><i class="fa fa-pencil-alt mr-1 ml-0"></i>Edit</a>
                </td>
            </tr>
        @endforeach
    </tbody>

My controller

public function edit($id)
    {
        $user = User::findOrFail($id);
        return view('edit-user')->with('user', $user);
    }

This keeps giving me 403 | This action is Unauthorized.

What is wrong with this code?

Apr
15
3 weeks ago
Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

It f. worked! ) Thank you so much bro. Thank you everybody.

Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

Am I passing the data correctly?

UserController

	public function index()
    {
        $users = User::orderBy('fname', 'asc')->get();
        return view("users")->with('users', $users);
    }

	public function show($id)
    {
		$theuser = User::where('id', $id)->first();
        return view('view-user')->with('theuser', $theuser);
    }

view.users View

<a href="{{ route('show.user', ['theuser' => $theuser]) }}">{{ $user->fname }}</a>
Route::get('/user/show/{theuser}', [App\Http\Controllers\UserController::class, 'show'])
    ->middleware('can:view,theuser')->name('show.user');

UserPolicy

	public function view(User $user, User $model)
    {
        return true;
    }

The reason I'm passing the user as theuser is because there is another $user variable being passed to the layout from components.

Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

These are my routes:

Route::middleware('auth')->group(function(){
  Route::get('/', function() { return redirect()->route('dashboard'); });
  Route::get('/dashboard', [App\Http\Controllers\DashboardController::class, 'index'])->name('dashboard');
  Route::get('/users', [App\Http\Controllers\UserController::class, 'index'])->middleware('can:viewAny, App\Models\User')->name('userManager');
  Route::get('/user/show/{model}', [App\Http\Controllers\UserController::class, 'show'])->middleware('can:view,model')->name('show.user');
});

The auth middleware is assigned to the group.
Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

Sorry, edited it, I meant I tried:

Route::get('/user/show/{model}', [App\Http\Controllers\UserController::class, 'show'])->middleware('can:view,model')->name('show.user');

Still says 403 | Unauthorized.

Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

Tried:

Route::get('/user/show/{model}', [App\Http\Controllers\UserController::class, 'show'])->middleware('can:view,model')->name('show.user');

Still says 403 | Unauthorized.

Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

Tried:

Route::get('/user/show/{model}', [App\Http\Controllers\UserController::class, 'show'])->middleware('can:view,App\Models\User')->name('show.user');

Still said too few arguments thing

And then tried this:

Route::get('/user/show/{model}', [App\Http\Controllers\UserController::class, 'show'])->middleware('can:view,user')->name('show.user');

Now it says 403 | Unauthorized.

Activity icon

Replied to User Policy. Keep Getting 403 | This Action Is Unauthorized.

In that case the browser says:

Too few arguments to function App\Policies\UserPolicy::view()

Activity icon

Started a new Conversation User Policy. Keep Getting 403 | This Action Is Unauthorized.

Hi.

I'm trying to make a policy which either allows or denies a user to see the profile details of users. If it's a regular user, he can only see his own profile details page. If admin, anyone's.

Created the policy:

php artisan make:policy UserPolicy --model=User

Registered the policy in AuthServiceProvider:

'App\Models\User' => 'App\Policies\UserPolicy'

Modified the UserPolicy view method

	public function view(User $user, User $model)
    {
        return true;
    } 

Added a route pointing to the controllers show method and added a middleware to it

Route::get('/user/show/{model}', [App\Http\Controllers\UserController::class, 'show'])->middleware('can:view, model, App\Models\User')->name('show.user');

Created UserController and modified the show method

	public function show($id)
    {
        return view('view-user');
    }

Created users view, shows all users, to see details of a user, click on the user's name, below is the link

<a href="{{ route('show.user', ['model' => $user]) }}">{{ $user->fname }}</a>

In the browser, I get 403 unauthorized every time I click on a user's name to see his information. What am I doing wrong? Pls help, I'm stuck on this for 2nd day.