ErikRobles
2 months ago
496
3
Laravel

Unable to delete record as authenticated user (vendor)

Posted 2 months ago by ErikRobles

I have a role_as vendor and want to delete one of the authenticated user's records. I get redirected to the admin home (which I am not authorized to view which is correct) and the record does not get deleted. I have tried Policies and middleware but unable to get this to work. In my destroy function, I have:

public function destroy($id)
    {

        $empresa = Empresa::find($id);
        $this->authorizeResource(Empresa::class, 'delete', $empresa);
        if ($empresa != null) {
            $empresa->delete();
            return redirect('/vendor-empresas')->with('status', 'Empresa Borrado Exitosamente.');
            // return redirect()->to('/vendor-empresas')->with('status', 'Empresa Borrado Exitosamente.');
        } else {
            return redirect('/vendor-empresas')->with('status', 'ID Equivocado! La empresa no fue borrado.');
        }
    }

My index.blade.php delete form:

 <form action="vendor-empresas/{vendor_empresa}" method="POST" id="deleteForm">
        {{ csrf_field() }}
        @method('delete')
      <div class="modal-body mx-3">
        <input type="hidden" name="_method" value="DELETE">
        <div class="text-center">
            <i class="fas fa-exclamation-triangle mb-4" style="color: #ffc107; font-size: 32px;"></i>
        </div>
            <h3 class="text-center text-uppercase">¿Estás Seguro/a?
        </h3>
      </div>
      <div class="modal-footer d-flex justify-content-center">
        <button class="btn btn-primary" data-dismiss="modal">Cancelar</button>
        <button type="submit" class="btn btn-danger">Sí, Borralo!</button>

      </div>
    </form>

AuthServiceProvider:

protected $policies = [
        'App\Empresa' => 'App\Policies\EmpresaPolicy',
    ];

Admin Middleware:

public function handle($request, Closure $next)
    {
        if (Auth::user()->role_as == 'admin') {
            return $next($request);
        } else {
            return redirect('/home')->with('status', 'You are not permitted to access the  Admin dashboard.');
        }
    }

the VendorMiddleware

 public function handle($request, Closure $next)
    {
        if (Auth::user()->role_as == 'vendor') {
            if (Auth::check() && Auth::user()->isBanned) {
                $banned = Auth::user()->isBanned == "1";
                Auth::logout();

                if ($banned == 1) {
                    $message = 'Your account has been Banned. Please contact the administrator.';
                }
                return redirect()->route('login')->with('status', $message)->withErrors(['email' => 'Your account has been Banned. Please contact the administrator.']);
            }
            return $next($request);
        } else {
            return redirect('/home')->with('status', 'You are not permitted to access the vendor dashboard, OK?');
        }
    }
}

I am able to view, create and edit but not delete. I am unsure what I am doing wrong as I am new to Laravel. Thank you in advance for any help you can provide.

Please sign in or create an account to participate in this conversation.