Level 55
@Ranjeet where is that code, please paste your full routes.php file.
May 28, 2015
6
Level 2
Routing according to roles
In my database of "Users" table, there is "role" column with 'admin' and 'client' as "Enum" types in routes.php i want to allow access to edit page for admin only not client so in routes.php i use like this routes.php
Route::get('login',['midddleware'=>'guest','uses'=>'AccountController@Login']);
$router->get('view/product','GoodsController@addProduct');
$router->post('view/product','GoodsController@storeProduct');
$router->get('home','GoodsController@viewAllProduct');
if(Auth::user()->role=='admin')
{
$router->get('edit',array(
'as'=>'edit',
'uses'=>'GoodsController@edit'));
}else{}
$router->get('delete/{id}','GoodsController@delete');
Route::get('my/products' ,'GoodsController@myProducts');
Route::get('accept/{id}',array(
'as'=>'accept-product',
'uses'=>'GoodsController@updateProduct'));
i have added following part to check roles
if(Auth::user()->role=='admin')
{
$router->get('edit',array(
'as'=>'edit',
'uses'=>'GoodsController@edit'));
}else{}
I have checked user is admin or not before redirecting to edit page but this is not working .How to route this?
Level 2
@mstnorris i have mentioned routes.php code above
Level 55
Check out https://laracasts.com/discuss/channels/laravel/auth-login-by-role that I answered yesterday. It contains everything you need to get going.
You should use Middleware.
I have included a basic implementation and requires that you add an admin column to your users table. I'm not suggesting that this is the best way. I personally have set up Users, Roles, and Permissions but the example below will get you started.
- The following command creates new Middleware called Admin
php artisan make:middleware Admin
- This creates a file called Admin.php within the app/Http/Middleware directory that looks like
<?php namespace App\Http\Middleware;
use Closure;
class Admin {
public function handle($request, Closure $next)
{
if ( Auth::check() && Auth::user()->isAdmin() )
{
return $next($request);
}
return redirect('home');
}
}
- You then need to add the Admin Middleware to your app/Http/Kernel.php file
protected $routeMiddleware = [
'auth' => 'App\Http\Middleware\Authenticate',
'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
'guest' => 'App\Http\Middleware\RedirectIfAuthenticated',
'admin' => 'App\Http\Middleware\Admin', // this line right here
];
- Add the Admin Middleware to a route. (Within your routes.php file).
get('protected', ['middleware' => ['auth', 'admin'], function() {
return "this page requires that you be logged in and an Admin";
}]);
- Finally you need to add the isAdmin method we created above to your User model to check whether or not the user is an Admin.
public function isAdmin()
{
return $this->admin ? true : false; // this looks for an admin column in your users table
}
- This will do the trick. If you run into any problems, please post what you have tried and which step you got up to and I'll try my best to help.
3 likes
Level 2
@mstnorris yes, but in above case how can i do with middleware - help needed
Level 55
I think my post above is enough to do the trick ;)
Level 2
@mstnorris ok thanks
Please or to participate in this conversation.