taijuten

taijuten

Member Since 4 Years Ago

Hastings

Experience Points 48,835
Experience Level 10

1,165 experience to go until the next level!

In case you were wondering, you earn Laracasts experience when you:

  • Complete a lesson — 100pts
  • Create a forum thread — 50pts
  • Reply to a thread — 10pts
  • Leave a reply that is liked — 50pts
  • Receive a "Best Reply" award — 500pts
Lessons Completed 194
Lessons
Completed
Best Reply Awards 44
Best Reply
Awards
  • start-engines Created with Sketch.

    Start Your Engines

    Earned once you have completed your first Laracasts lesson.

  • first-thousand Created with Sketch.

    First Thousand

    Earned once you have earned your first 1000 experience points.

  • 1-year Created with Sketch.

    One Year Member

    Earned when you have been with Laracasts for 1 year.

  • 2-years Created with Sketch.

    Two Year Member

    Earned when you have been with Laracasts for 2 years.

  • 3-years Created with Sketch.

    Three Year Member

    Earned when you have been with Laracasts for 3 years.

  • 4-years Created with Sketch.

    Four Year Member

    Earned when you have been with Laracasts for 4 years.

  • 5-years Created with Sketch.

    Five Year Member

    Earned when you have been with Laracasts for 5 years.

  • school-session Created with Sketch.

    School In Session

    Earned when at least one Laracasts series has been fully completed.

  • welcome-newcomer Created with Sketch.

    Welcome To The Community

    Earned after your first post on the Laracasts forum.

  • full-time-student Created with Sketch.

    Full Time Learner

    Earned once 100 Laracasts lessons have been completed.

  • pay-it-forward Created with Sketch.

    Pay It Forward

    Earned once you receive your first "Best Reply" award on the Laracasts forum.

  • subscriber-token Created with Sketch.

    Subscriber

    Earned if you are a paying Laracasts subscriber.

  • lifer-token Created with Sketch.

    Lifer

    Earned if you have a lifetime subscription to Laracasts.

  • lara-evanghelist Created with Sketch.

    Laracasts Evangelist

    Earned if you share a link to Laracasts on social media. Please email [email protected] with your username and post URL to be awarded this badge.

  • chatty-cathy Created with Sketch.

    Chatty Cathy

    Earned once you have achieved 500 forum replies.

  • lara-veteran Created with Sketch.

    Laracasts Veteran

    Earned once your experience points passes 100,000.

  • 10k-strong Created with Sketch.

    Ten Thousand Strong

    Earned once your experience points hits 10,000.

  • lara-master Created with Sketch.

    Laracasts Master

    Earned once 1000 Laracasts lessons have been completed.

  • laracasts-tutor Created with Sketch.

    Laracasts Tutor

    Earned once your "Best Reply" award count is 100 or more.

  • laracasts-sensei Created with Sketch.

    Laracasts Sensei

    Earned once your experience points passes 1 million.

  • top-50 Created with Sketch.

    Top 50

    Earned once your experience points ranks in the top 50 of all Laracasts users.

12 Sep
2 years ago

taijuten started a new conversation Lazy Loading Appears Not To Be Working For One Subresource

Hey guys, I'm pulling my hair out over one particular issue. I'm sure the problem / solution is incredibly simple, but I don't seem to be seeing it.

I'm using Fractal (https://github.com/thephpleague/fractal) for a Laravel-based API. I'm also using Lazy Loading on "include"d models.

Very simply, I have a relationship, which appears to be having an N+1 problem.

The problem appears to be my Slot->Booking, relationship, as when removing this nested resource from my included payload, I get significantly (~90%) fewer SQL queries.

Slot Model

<?php

namespace App;

use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\SoftDeletes;

class Slot extends Model
{
    use SoftDeletes;
        protected $fillable = ['capacity', 'starts_at', 'ends_at', 'created_at', 'updated_at', 'group_id', 'session_id'];
        protected $dates = ['deleted_at', 'starts_at', 'ends_at'];

    public function group()
    {
        return $this->belongsTo('App\Group');
    }

    public function bookings() {
        return $this->belongsToMany('App\Booking');
    }

    public function bookingSlots() {
        return $this->hasMany('App\BookingSlot');
    }
}

One thing worth noting, is that the slot->booking relationship is through BookingSlot, which itself has a model (there is supplementary information stored within this model).

Interestingly, if I do slot->bookingSlots->booking I do not appear to get the N+1 issue.

Can anyone point to a reason for this happening, and if so, a workaround?

Please let me know if there would be any advantage to me posting further code.

30 Jan
2 years ago

taijuten left a reply on Issue With "Activate New Release" Deployment Hook

@jbajou I spoke to Taylor about this, and he recommended just removing the "Reload FPM on deploy" from the server options in Envoyer, and it worked for me

11 Dec
2 years ago

taijuten started a new conversation Issue With "Activate New Release" Deployment Hook

I'm having issues with the Activation of New Release.

The fail is logging the following output:

Linux Detected...
Release Activated (20161211152555)!
PHP-FPM Detected: Reloading
[sudo] password for forge: Sorry, try again.
[sudo] password for forge: 
sudo: 1 incorrect password attempt

Either my Google-Fu is failing me today, or I'm not able to find any others with the same issue.

It looks like sudo password is being required, and the commands following the activation are being inserted as the password.

Any ideas on how to get around this?

06 Nov
2 years ago

taijuten left a reply on Clearing Cached Relationship After Attach Or Sync

@Snapey How would you achieve this? I've temporarily done a Group::find(...), but not sure if this is the best way to reload the relationship

taijuten left a reply on Clearing Cached Relationship After Attach Or Sync

@jeffdavis the intention of the for loop is to remove any which are already attached to the group, but not part of the submitted lessons array. Then after that, we attach all the of the ones in the array.

Essentially, this is replicating the sync functionality, but in a way that an Event can be fired when removing a lesson from the group.

taijuten started a new conversation Clearing Cached Relationship After Attach Or Sync

I have the following snippet from a controller, where I'd attaching one resource to another.

However, when I perform a die and dump of the resource, or return this to the client, it seems to have the data from the previous request, not containing the changes affected by the attach.

    if($request->has('lessons') && Lesson::where('client_id', $group->event->client->id)->whereIn('id', $request->lessons)->count() == count($request->lessons)) {
        // check to see if we should remove any lessons from the group
        foreach($group->lessons as $lesson) {
            if(!in_array($lesson->id, $request->lessons)) {
                $group->lessons()->detach($lesson->id);
                Eventable::fire(new GroupLessonRemoved($group, $lesson));
            }
        }
        $group->lessons()->attach($request->lessons);
        dd($group->lessons);
    }

For example, where I submit my request with a new lesson to attach, the output will show the lessons without that new one attached. If I refresh, it shows attached.

What am I missing here?

Any help would be greatly appreciated

28 May
3 years ago

taijuten left a reply on Making Dynamic Eloquent Scopes

shameless bump :)

27 May
3 years ago

taijuten started a new conversation Making Dynamic Eloquent Scopes

Evening all,

I have a certain problem that I need to solve, and I'm unsure of the best way to approach it.

Here's an example: I have a model: School. A School has many Students, and each student has many Guardians The many-to-many relationship between Students and Guardians has some other properties, such as is_legal_guardian (boolean) and order (integer).

All of this is fine, however, I need each School to be able to set up what I can only describe as a filter, or a preset, so, that when retrieving the Guardians for each Student, the results are filtered by whatever the school has defined for a particular filter. An example of this might be a school sets up a filter called "Legal Guardians who are first point of contact", where they only wish to return Guardians of each Student where the legal_guardian is true and the order equals 1.

The only way I can think of doing this is having a GuardianFilter model, and having Guardians linked to that, but unsure of how that relationship would work, when the relationship itself is defined by the School.

I apologise if this is difficult to follow, but am happy to provide further clarification if required.

15 Apr
3 years ago

taijuten left a reply on "Class '******' Not Found " Error In Laravel 5

Can you show your POrder php file?

taijuten left a reply on Laravel From Scratch 6th Video Fetching Data

Have you set up a mysql or similar database server? If so, have you created a database, and a user?

Are those credentials in your .env file?

taijuten left a reply on What Is The Location Context Of The File Class?

I believe File uses the storage folder by default, if you're using local storage.

Please see https://laravel.com/docs/master/filesystem#configuration

taijuten left a reply on "Class '******' Not Found " Error In Laravel 5

try running php artisan clear-compiled

20 Mar
3 years ago
19 Mar
3 years ago

taijuten left a reply on Guzzle Error With Jeffreys Example

When you use get(), it's a response object, as the error hints.

So if we have a look at the following: http://docs.guzzlephp.org/en/latest/quickstart.html#using-responses

You can see that there's no need to send(), we now need to process the response with these methods.

For example, try replacing send() with getContents()

taijuten started a new conversation Local Query Scope Failing

I'm doing some fairly in-depth query scopes on several of my models.

For example, I have the following scope:

    public function scopeVisibleToUser($query) {
        return $query->where(function($subQuery){
            $subQuery->isOwner()
                ->orOwnsGroup()
                ->orStaffPermission();
        });
    }

This refers to other query scopes within the same model:

    public function scopeIsOwner($query) {
        return $query->where('user_id', \Auth::user()->id);
    }

    public function scopeOrOwnsGroup($query) {
        return $query->orWhereHas('groups', function($subquery) {
            $subquery->where('user_id', \Auth::user()->id);
        });
    }

    public function scopeOrStaffPermission($query) {
        return $query->orWhere(function($subQuery) {
            $subQuery->whereHas('client.clientUser', function($subSubQuery) {
                // events client has authed user.
                $subSubQuery->where('user_id', \Auth::user()->id)
                    ->whereHas('role', function($role) {
                        $role->where('staff', 1);
                    });
            })->whereHas('sessions', function($subSubQuery) {
                // where session is open to staff
                $subSubQuery->where('open_staff', 1);
            });
        });
    }

However, the "or" part of these query scopes aren't sticking. If my user doesn't match the "orStaffPermission" scope, but matches the others, they get no results. If I copy the contents of this scope onto the parent scope, all works as expected.

Any thoughts on how I can solve this issue?

taijuten left a reply on How To Install Laravel Homestead For Windows ?

Homestead still works on windows, with Virtualbox / vagrant.

If you come across a specific issue, then we can help.

taijuten left a reply on Create User Form Edit

It sounds like there are a fair few gaps in your knowledge of how to use Laravel. I'd recommend checking out some of the videos on this site: https://laracasts.com/series/laravel-5-from-scratch in particular.

To get you going in the right direction: You'll be modifying your view (the form).

However, to truly understand what's happening, and how to do other bits, I recommend watching that series.

taijuten left a reply on Guzzle Error With Jeffreys Example

Check out http://docs.guzzlephp.org/en/latest/quickstart.html#creating-a-client

The URI you're passing into client should be within an array, with a base_uri key

taijuten left a reply on Between One To Many Or Polymorphic Relationship

It really depends on your use-case.

As a rule for polymorphic, if your resource (posts, in this case) shares the same structure but can be attached to many other resources, then use polymorphic.

If the structure of the post is going to differ between group posts and user posts, then keep them separate.

taijuten left a reply on A Simple Route Is Redirected To /public Folder

It sounds like you haven't got your site mounted to the /public directory.

How are you hosting? On IIS / Apache / Nginx?

taijuten left a reply on Eloquent's BelongsTo, HasOne Etc

has means that the other model contains the reference key.

belongs means that this model has the reference key.

The only exception to this is the belongsToMany which means there is a link table. Both models would have a belongsToMany in most cases.

taijuten left a reply on SQLSTATE[HY000]: General Error: 1215 Cannot Add Foreign Key Constraint

Do you have any existing records where the value for the rows you're adding the foreign key to, are blank?

Alternatively, using mysql command line, run show engine innodb status;

Then look for the LATEST FOREIGN KEY ERROR

taijuten left a reply on Please Fix Bootstrap Navbar For Tablet

Laravel uses the bootstrap navbar in the standard template it is boxed with. Check the documents here:

https://getbootstrap.com/examples/navbar/

18 Mar
3 years ago

taijuten left a reply on Strange Disappearing Variable In ExceptionHandler

You're correct... thank you @premsaurav

No idea how I missed that!

taijuten started a new conversation Strange Disappearing Variable In ExceptionHandler

I have some strange behaviour, when deliberately triggering an exception, that I hope you guys can help me debug.

Triggering a methodNotAllowedHttpException gives me the following error:

ErrorException in Handler.php line 116:
Undefined variable: response

The code in question is as follows, within my Handler.php

The line number corresponds to the last line within the method, the return.

/**
     * Render an exception into an HTTP response.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Exception  $e
     * @return \Illuminate\Http\Response
     */
    public function render($request, Exception $e)
    {
        if ($this->isHttpException($e))
        {
            if ($e instanceof ModelNotFoundException || $e instanceof NotFoundHttpException)
            {
                $message = ($e->getMessage() == '') ? 'One or more resource was not found' : $e->getMessage();
                $response = $this->errorNotFound($message);
            }
            elseif ($e instanceof UnauthorizedHttpException)
            {
                $message = ($e->getMessage() == '') ? 'You don\'t have access to this resource' : $e->getMessage();
                $response = $this->errorUnauthorised($message);
            }
            elseif ($e instanceof AccessDeniedHttpException)
            {
                $message = ($e->getMessage() == '') ? 'Forbidden' : $e->getMessage();
                $response = $this->errorForbidden($message);
            }
            elseif ($e instanceof FatalErrorException)
            {
                $message = ($e->getMessage() == '') ? 'Internal Error' : $e->getMessage();
                $response = $this->errorInternalError($message);
            }
            elseif ($e instanceof ConflictHttpException)
            {
                $message = ($e->getMessage() == '') ? 'Request unprocessable due to a conflict' : $e->getMessage();
                $response = $this->errorConflict($message);
            }
            elseif ($e instanceof BadRequestHttpException)
            {
                $message = ($e->getMessage() == '') ? 'Your request was unprocessable - wrong arguments' : $e->getMessage();
                $response = $this->errorWrongArgs($message);
            }
            elseif ($e instanceof NotAcceptableHttpException)
            {
                $message = ($e->getMessage() == '') ? 'Your request held invalid or incomplete data' : $e->getMessage();
                $response = $this->errorValidation($message);
            }
        }
        elseif ($e instanceof \Tymon\JWTAuth\Exceptions\TokenExpiredException) {
            $message = ($e->getMessage() == '') ? 'Token Expired' : $e->getMessage();
            $response = $this->errorUnauthorised($message);
        }
        elseif ($e instanceof \Tymon\JWTAuth\Exceptions\TokenInvalidException) {
            $message = ($e->getMessage() == '') ? 'Token Invalid' : $e->getMessage();
            $response = $this->errorUnauthorised($message);
        }
        else
        {
            $response = parent::render($request, $e);
        }
        
        app('Asm89\Stack\CorsService')->addActualRequestHeaders($response, $request);

        return $response;
    }

I can't possibly see how I could end up without a response.

Any thoughts?

Thanks very much in advance!

16 Nov
3 years ago

taijuten left a reply on Homestead. Incorrect Mapping.

@twist900 Your folder should be as such:

folders:
        - map: "/home/georgy/Code"
          to: "/home/vagrant"

sites:
    - map: "questionapp.dev"
      to: "/home/vagrant/questionapp/public"

You'll need to do a provision to do this.

07 Nov
3 years ago

taijuten left a reply on Multiple SSLs On One Forge (digitalocean) Droplet

HTTP2 appears to be working.

I reissued the certificate from the host.

I'm starting to think it was an issue with the certificate itself, and perhaps at some point I accidentally got the certs mixed up, and applied the Site 1 certificate to Site 2. Not sure if this could cause the issue, but it might make sense.

taijuten left a reply on Multiple SSLs On One Forge (digitalocean) Droplet

@bashy please ignore :) now seems to be fixed. Started again, reissuing ticket.

Nginx then bitched at me for having the server name in the listen directive, so I removed it, now it appears to work!

Thanks for your help :)

taijuten left a reply on Multiple SSLs On One Forge (digitalocean) Droplet

@bashy

I've turned off http\2 now. I don't have any default_server

This is the result of my cURL request

* Rebuilt URL to: https://api.sb.zerojargon.com/
* Hostname was NOT found in DNS cache
*   Trying 46.101.24.124...
* Connected to api.sb.zerojargon.com (46.101.24.124) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*    subject: OU=Domain Control Validated; OU=PositiveSSL; CN=events.zerojargon.com
*    start date: 2015-11-07 00:00:00 GMT
*    expire date: 2016-11-06 23:59:59 GMT
*    subjectAltName does not match api.sb.zerojargon.com
* SSL: no alternative certificate subject name matches target host name 'api.sb.zerojargon.com'
* Closing connection 0
* SSLv3, TLS alert, Client hello (1):
curl: (51) SSL: no alternative certificate subject name matches target host name 'api.sb.zerojargon.com'
forge@zj-dev:/etc/nginx/sites-available$ 

taijuten left a reply on Multiple SSLs On One Forge (digitalocean) Droplet

@bashy I just checked, and my NGINX does support SNI.

I've scanned through my nginx config files, but can't see anything to cause an issue. I'll copy them here:

Site 1 (works)

server {
    listen 80;
    server_name events.zerojargon.com;
    return 301 https://events.zerojargon.com$request_uri;
}

server {
    listen 443 ssl http2 events.zerojargon.com;
    listen [::]:443 ssl http2 events.zerojargon.com;
    server_name events.zerojargon.com;
    root /home/forge/events.zerojargon.com/current/dist;
    

    # FORGE SSL (DO NOT REMOVE!)
    ssl_certificate /etc/nginx/ssl/events.zerojargon.com/15312/server.crt;
    ssl_certificate_key /etc/nginx/ssl/events.zerojargon.com/15312/server.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 180m;
    
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
    ssl_dhparam /etc/nginx/cert/dhparam.pem;
    
    add_header Strict-Transport-Security "max-age=31536000" always;

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/events.zerojargon.com-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_param PHP_VALUE "newrelic.appname=events.zerojargon.com";
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

Site 2 (this redirects to content of site 1)

server {
    listen 80;
    server_name api.sb.zerojargon.com;
    return 301 https://api.sb.zerojargon.com$request_uri;
}

server {
    listen 443 ssl http2 api.sb.zerojargon.com;
    listen [::]:443 ssl http2 api.sb.zerojargon.com;
    server_name api.sb.zerojargon.com;
    root /home/forge/api.sb.zerojargon.com/current/public;

    # FORGE SSL (DO NOT REMOVE!)
    ssl_certificate /etc/nginx/ssl/api.sb.zerojargon.com/15314/server.crt;
    ssl_certificate_key /etc/nginx/ssl/api.sb.zerojargon.com/15314/server.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 180m;
    
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
    ssl_dhparam /etc/nginx/cert/dhparam.pem;
    
    add_header Strict-Transport-Security "max-age=31536000" always;

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/api.sb.zerojargon.com-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_param PHP_VALUE "newrelic.appname=api.sb.zerojargon.com";
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

taijuten left a reply on Multiple SSLs On One Forge (digitalocean) Droplet

Thanks @bashy :) Will have a look into. Hope you're well!

taijuten left a reply on Pros And Cons Of Most Favoured PHP Frameworks

The writing style of the author makes me really doubt any credibility.

  • "hard to modify codes"
  • "no lags"

There are also no real examples, or version references.

taijuten started a new conversation Multiple SSLs On One Forge (digitalocean) Droplet

So I'm led to believe that you can have more than one SSL on a single droplet, however I'm having some trouble achieving this.

I've added two separate SSL certificates via forge, and have set up my nginx configs appropriately.

The first one worked a treat, and I have no problems with it. However, when I try to view https on the other domain, I get a privacy warning. If I accept this warning, it loads the content of the domain with the first SSL certificate.

Any ideas, or any other info I can provide to try and diagnose this?

20 Sep
3 years ago

taijuten left a reply on Near Me?

I'm between @mstnorris and @bashy - Hastings, East Sussex :)

11 Sep
4 years ago

taijuten left a reply on Cloning Auth Layer

@meeshka Sorry, been away for the evening.

More like this (this is from a project of mine, so adapt to your needs).

// these are "unprotected" routes
Route::post('users', 'UserController@store');
Route::post('token', 'UserController@authenticate');

// these routes in here will require the middleware to run
Route::group(['middleware' => 'checkToken'], function() {
    Route::get('users/{users}', 'UserController@show');
}

taijuten left a reply on Cloning Auth Layer

You can secure controllers with the middleware on constructor, no problem.

However, I find more often than not, that I need to control more granularly. In this case, I put all routes that require authentication in a route group. Not only does this mean your constructor code isn't repeated, but also allows you to have your routes for authenticating and registering a user outside the middleware, whilst the rest of the controller within the middleware.

taijuten left a reply on Cloning Auth Layer

I'd probably deal with this using sessions.

Give an input box for superadmins, where they can put in the username of the person they wish to impersonate.

Your Authorization policies could then check for a user in the session, if the original user is a superadmin.

However, as @ohffs mentioned above, I'd recommend against doing this, particularly if the website is going to be used by the public at all. That's because certain information, most users would like to think only they can access. This is stuff such as payment history, personal information etc. Although this data is available to anyone who can access your database directly, opening it up to other "untracked" users on your actual site can be a little iffy.

taijuten left a reply on I Need To Retrieve Data From An External Api

Depends on where you're going to use it.

Could be as simple as using

parse_json();

taijuten left a reply on Laravel 5 - How Can We Access Image From Storage

Alternatively, have a look at https://github.com/thephpleague/glide

By default, this will render images from your storage, and allow you to do all sorts of things with it such as cropping, color correction etc.

taijuten left a reply on Cloning Auth Layer

Using Authorization, you can create policies to handle this. e.g.

Your PaymentController might have:

// to update payment info
public function update(Payment $payment) {
    if(Gate::allows('update', $payment) {
        // your code to update the info here
    }
}

Your PaymentPolicy can then have a method for each "action"

class PaymentPolicy {
    public function update($user, $payment) {
        // check user is of the right type to do this
    }
}

The same principles can be applied for all of your actions.

taijuten left a reply on Cloning Auth Layer

If you use Laravel's authorization: http://laravel.com/docs/5.1/authorization

Then you can have a superUser check, to see if a user is a superUser. Programmaticaly, there's no reason that a user couldn't turn this on and off. E.g. switch to an "Admin Mode" if they are able.

taijuten left a reply on Laravel Routes

Please can you further explain what your actual question is.

If you have 100 tables, perhaps your database structure could be improved? Also, I'm not sure how you would expect to deal with this otherwise. Using vanilla PHP you would still have to have different pages for dealing with each resource.

taijuten left a reply on Cloning Auth Layer

You should only ever need one type of authentication for your application.

Why do you not like the thought of differentiating users by role? There is no difference in security between the two ways.

10 Sep
4 years ago

taijuten left a reply on Hide Important Files Like .env

It's not done in your htaccess.

What's your hosting environment? Ubuntu / Windows? Do you have SSH access, or a control panel style of things?

09 Sep
4 years ago

taijuten left a reply on Hide Important Files Like .env

As mentioned in the other post, this is why you point your site root to /public, not your Laravel root.

taijuten left a reply on Authorisation: Making Policies For Actions On Other Users

@xtremer360 I put the solution at top of my original post, and adjusted the code to working :)

taijuten left a reply on Authorisation: Making Policies For Actions On Other Users

Solved, spotted my error as soon as posted (sorry guys, my bad code)

taijuten started a new conversation Authorisation: Making Policies For Actions On Other Users

Edit: holy crap, caught out by a single equal instead of double. Been a while since that last happened!

Using the new Authorization methods in Laravel 5.1.11, I'm having some issues when performing operations on other users.

Here's the Show method on my UserController

public function show(User $user, Request $request)
{
    if(Gate::allows('show', $user)) {
        return $this->respondWithItem($user, new UserTransformer);
    }
    return $this->errorUnauthorised("You are not authorised to view this user's details");
}

And the test policy I've created:

public function show(User $user, User $focalUser) {
    return ($user->id == $focalUser->id);
}

However, this always returns true, as both $user and $focalUser become the authenticated user, instead of the user being passed through from the controller.

Any ideas on how to get around this?