Hi all, I'm still fighting with a permission role issue. I'm just following a tutorial because I'm a beginner at coding. Can someone tell me why it shows 403 after I add

```
Route::group(['middleware' => ['role:super-admin|admin']], function() {
```

at web.php and add

```
function __construct()
{
    $this->middleware(['permission:view role|create role|update role|delete role'], ['only' => ['index', 'show']]);
    $this->middleware(['permission:create role'], ['only' => ['create', 'store']]);
    $this->middleware(['permission:update role'], ['only' => ['edit', 'update']]);
    $this->middleware(['permission:delete role'], ['only' => ['destroy']]);
}
```

to the user role and permission controller?
@JussiMannisto got it thanks
@andriw Well, what do your role and permission middleware classes look like?
@martinbean PermissionController
```
<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Spatie\Permission\Models\Permission;

class PermissionController extends Controller
{
    function __construct()
    {
        // Each action group requires the matching permission; index/show accept any of the four.
        $this->middleware(['permission:view permission|create permission|update permission|delete permission'], ['only' => ['index', 'show']]);
        $this->middleware(['permission:create permission'], ['only' => ['create', 'store']]);
        $this->middleware(['permission:update permission'], ['only' => ['edit', 'update']]);
        $this->middleware(['permission:delete permission'], ['only' => ['destroy']]);
    }

    public function index()
    {
        $permissions = Permission::get();

        return view('role-permission.permission.index', [
            'permissions' => $permissions
        ]);
    }

    public function create()
    {
        return view('role-permission.permission.create');
    }

    public function store(Request $request)
    {
        $request->validate([
            'name' => [
                'required',
                'string',
                'unique:permissions,name'
            ]
        ]);

        Permission::create([
            'name' => $request->name
        ]);

        return redirect('permissions')->with('status', 'Permissions Created Successfully');
    }

    public function edit(Permission $permission)
    {
        return view('role-permission.permission.edit',[
            'permission' => $permission
        ]);
    }

    public function update(Request $request, Permission $permission)
    {
        $request->validate([
            'name' => [
                'required',
                'string',
                'unique:permissions,name,'.$permission->id
            ]
        ]);

        $permission->update([
            'name' => $request->name
        ]);

        return redirect('permissions')->with('status', 'Permissions Updated Successfully');
    }

    public function destroy($permissionId)
    {
        // findOrFail returns a 404 for an unknown id instead of calling delete() on null
        $permission = Permission::findOrFail($permissionId);
        $permission->delete();

        return redirect('permissions')->with('status','Permission Deleted Successfully');
    }
}
```
RoleController
```
<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;

class RoleController extends Controller
{
    function __construct()
    {
        // Each action group requires the matching permission; index/show accept any of the four.
        $this->middleware(['permission:view role|create role|update role|delete role'], ['only' => ['index', 'show']]);
        $this->middleware(['permission:create role'], ['only' => ['create', 'store']]);
        $this->middleware(['permission:update role'], ['only' => ['edit', 'update']]);
        $this->middleware(['permission:delete role'], ['only' => ['destroy']]);
    }

    public function index()
    {
        $roles = Role::get();

        return view('role-permission.role.index', [
            'roles' => $roles
        ]);
    }

    public function create()
    {
        return view('role-permission.role.create');
    }

    public function store(Request $request)
    {
        $request->validate([
            'name' => [
                'required',
                'string',
                'unique:roles,name'
            ]
        ]);

        Role::create([
            'name' => $request->name
        ]);

        return redirect('roles')->with('status', 'Roles Created Successfully');
    }

    public function edit(Role $role)
    {
        return view('role-permission.role.edit',[
            'role' => $role
        ]);
    }

    public function update(Request $request, Role $role)
    {
        $request->validate([
            'name' => [
                'required',
                'string',
                'unique:roles,name,'.$role->id
            ]
        ]);

        $role->update([
            'name' => $request->name
        ]);

        return redirect('roles')->with('status', 'Roles Updated Successfully');
    }

    public function destroy($roleId)
    {
        // findOrFail returns a 404 for an unknown id instead of calling delete() on null
        $role = Role::findOrFail($roleId);
        $role->delete();

        return redirect('roles')->with('status','Role Deleted Successfully');
    }

    public function addPermissionToRole($roleId)
    {
        $permissions = Permission::get();
        $role = Role::findOrFail($roleId);

        // Ids of the permissions already attached to this role, keyed by id
        $rolePermissions = DB::table('role_has_permissions')
            ->where('role_has_permissions.role_id', $role->id)
            ->pluck('role_has_permissions.permission_id','role_has_permissions.permission_id')
            ->all();

        return view('role-permission.role.add-permissions',[
            'role' => $role,
            'permissions' => $permissions,
            'rolePermissions' => $rolePermissions
        ]);
    }

    public function givePermissionToRole(Request $request, $roleId)
    {
        $request->validate([
            'permission' => 'required'
        ]);

        $role = Role::findOrFail($roleId);
        $role->syncPermissions($request->permission);

        // with() needs a key for the flashed message
        return redirect()->back()->with('status', 'Izin telah diberikan');
    }
}
```
AuthServiceProvider
```
<?php

namespace App\Providers;

// use Illuminate\Support\Facades\Gate;
use App\Models\User;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * The model to policy mappings for the application.
     *
     * @var array<class-string, class-string>
     */
    protected $policies = [
        //
    ];

    /**
     * Register any authentication / authorization services.
     */
    public function boot(): void
    {
        //
    }
}
```
@andriw Now how about showing your role and permission middleware like I asked…?
@martinbean I'm sorry, but I don't understand which file. Can you tell me the name of the file you mean? I'm using spatie/breeze.

You mean Kernel.php?

```
protected $middlewareAliases = [
    'auth' => \App\Http\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
    'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
    'can' => \Illuminate\Auth\Middleware\Authorize::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
    'precognitive' => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,
    'signed' => \App\Http\Middleware\ValidateSignature::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
    'role' => \Spatie\Permission\Middleware\RoleMiddleware::class,
    'permission' => \Spatie\Permission\Middleware\PermissionMiddleware::class,
    'role_or_permission' => \Spatie\Permission\Middleware\RoleOrPermissionMiddleware::class,
];
```
@andriw You should have a file within the middleware directory that is handling your permission checks
@JaredB Ahh, is this right? PermissionMiddleware: "error undefined method canAny"
```
<?php

namespace Spatie\Permission\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;
use Spatie\Permission\Exceptions\UnauthorizedException;
use Spatie\Permission\Guard;

class PermissionMiddleware
{
    public function handle($request, Closure $next, $permission, $guard = null)
    {
        $authGuard = Auth::guard($guard);

        $user = $authGuard->user();

        // For machine-to-machine Passport clients
        if (! $user && $request->bearerToken() && config('permission.use_passport_client_credentials')) {
            $user = Guard::getPassportClient($guard);
        }

        if (! $user) {
            throw UnauthorizedException::notLoggedIn();
        }

        if (! method_exists($user, 'hasAnyPermission')) {
            throw UnauthorizedException::missingTraitHasRoles($user);
        }

        $permissions = is_array($permission)
            ? $permission
            : explode('|', $permission);

        if (! $user->canAny($permissions)) {
            throw UnauthorizedException::forPermissions($permissions);
        }

        return $next($request);
    }

    /**
     * Specify the permission and guard for the middleware.
     *
     * @param array|string $permission
     * @param string|null $guard
     * @return string
     */
    public static function using($permission, $guard = null)
    {
        $permissionString = is_string($permission) ? $permission : implode('|', $permission);
        $args = is_null($guard) ? $permissionString : "$permissionString,$guard";

        return static::class.':'.$args;
    }
}
```
RoleMiddleware: "error undefined method hasAnyRole"
```
<?php

namespace Spatie\Permission\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;
use Spatie\Permission\Exceptions\UnauthorizedException;
use Spatie\Permission\Guard;

class RoleMiddleware
{
    public function handle($request, Closure $next, $role, $guard = null)
    {
        $authGuard = Auth::guard($guard);

        $user = $authGuard->user();

        // For machine-to-machine Passport clients
        if (! $user && $request->bearerToken() && config('permission.use_passport_client_credentials')) {
            $user = Guard::getPassportClient($guard);
        }

        if (! $user) {
            throw UnauthorizedException::notLoggedIn();
        }

        if (! method_exists($user, 'hasAnyRole')) {
            throw UnauthorizedException::missingTraitHasRoles($user);
        }

        $roles = is_array($role)
            ? $role
            : explode('|', $role);

        if (! $user->hasAnyRole($roles)) {
            throw UnauthorizedException::forRoles($roles);
        }

        return $next($request);
    }

    /**
     * Specify the role and guard for the middleware.
     *
     * @param array|string $role
     * @param string|null $guard
     * @return string
     */
    public static function using($role, $guard = null)
    {
        $roleString = is_string($role) ? $role : implode('|', $role);
        $args = is_null($guard) ? $roleString : "$roleString,$guard";

        return static::class.':'.$args;
    }
}
```
and RoleOrPermissionMiddleware: "error undefined method canAny & hasAnyRole"
```
<?php

namespace Spatie\Permission\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;
use Spatie\Permission\Exceptions\UnauthorizedException;
use Spatie\Permission\Guard;

class RoleOrPermissionMiddleware
{
    public function handle($request, Closure $next, $roleOrPermission, $guard = null)
    {
        $authGuard = Auth::guard($guard);

        $user = $authGuard->user();

        // For machine-to-machine Passport clients
        if (! $user && $request->bearerToken() && config('permission.use_passport_client_credentials')) {
            $user = Guard::getPassportClient($guard);
        }

        if (! $user) {
            throw UnauthorizedException::notLoggedIn();
        }

        if (! method_exists($user, 'hasAnyRole') || ! method_exists($user, 'hasAnyPermission')) {
            throw UnauthorizedException::missingTraitHasRoles($user);
        }

        $rolesOrPermissions = is_array($roleOrPermission)
            ? $roleOrPermission
            : explode('|', $roleOrPermission);

        if (! $user->canAny($rolesOrPermissions) && ! $user->hasAnyRole($rolesOrPermissions)) {
            throw UnauthorizedException::forRolesOrPermissions($rolesOrPermissions);
        }

        return $next($request);
    }

    /**
     * Specify the role or permission and guard for the middleware.
     *
     * @param array|string $roleOrPermission
     * @param string|null $guard
     * @return string
     */
    public static function using($roleOrPermission, $guard = null)
    {
        $roleOrPermissionString = is_string($roleOrPermission) ? $roleOrPermission : implode('|', $roleOrPermission);
        $args = is_null($guard) ? $roleOrPermissionString : "$roleOrPermissionString,$guard";

        return static::class.':'.$args;
    }
}
```
@andriw in the 30 days to learn laravel course, @jeffreyway covers using permissions.
@andriw If you get undefined method errors, then your User model doesn't have the necessary traits.
The canAny method is from the Authorizable trait. By default, Laravel's User model extends a class which uses that trait. So you must have modified the User model if you're getting this error.
The hasAnyRole method is from the spatie/laravel-permission package. To use the package, read its instructions.
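
A check for the trait requirement described in the reply above, as an added example that is not part of the thread or of either package. The helper names `allTraits` and `missingAuthTraits` are hypothetical, and the `Demo*` classes are constructed stand-ins so the script runs on its own; the default trait names assume Laravel's `Authorizable` and Spatie's `HasRoles`.

```php
<?php
// Added example: list the traits an auth model lacks for canAny() and
// hasAnyRole(). Helper names are hypothetical, not part of either package.

/** Every trait used by $class, its parent classes, and nested traits. */
function allTraits(string $class): array
{
    $found = [];
    $queue = array_merge([$class], array_values(class_parents($class) ?: []));
    while ($queue) {
        foreach (class_uses(array_pop($queue)) ?: [] as $trait) {
            if (!isset($found[$trait])) {
                $found[$trait] = true;
                $queue[] = $trait; // traits can themselves use traits
            }
        }
    }
    return array_keys($found);
}

/** Map of required trait => methods it provides, for those $class lacks. */
function missingAuthTraits(string $class, ?array $required = null): array
{
    $required ??= [
        'Illuminate\Foundation\Auth\Access\Authorizable' => 'canAny()',
        'Spatie\Permission\Traits\HasRoles' => 'hasAnyRole(), hasAnyPermission()',
    ];
    return array_diff_key($required, array_flip(allTraits($class)));
}

// Constructed stand-ins so the script runs outside a Laravel app.
trait DemoAuthorizable {}
trait DemoHasRoles {}
class DemoBaseUser { use DemoAuthorizable; }
class DemoUser extends DemoBaseUser {}          // forgot `use DemoHasRoles;`

print_r(missingAuthTraits(DemoUser::class, [
    'DemoAuthorizable' => 'canAny()',
    'DemoHasRoles' => 'hasAnyRole(), hasAnyPermission()',
]));
// Inside the application (e.g. in `php artisan tinker`):
// print_r(missingAuthTraits(\App\Models\User::class));
```

An empty result for `App\Models\User` means both traits are present, so a remaining 403 comes from the role or permission assignment rather than from the model.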