universal middleware to controll content according to roles

i want to do things like if you are admin and you look at user profile for you there will be option to ban that user or in chat room admin will have option to delete message of any user

i can make middleware like this

if($role == 'member'){
    return redirect('/people/profile/{id}');
 } else {
    return redirect('/people/profile/{id}')->with(['access' => 'admin']);
}

but this is solution only for one view so i need unique middleware for every view otherwise i can make role check in each view both options are bad

so exist any option how to make universal middleware for this ?

something what do same thing as this

if($role == 'member'){
    return $next($request);
 } else {
    return $next($request);->with(['access' => 'admin']);
}

bobbybouwmann

8 years ago

Best Answer

Level 88

I don't think a middleware is the way to go. It sounds more like you need a role/permissions based system. Laravel has this build in using Gate classes.

Documentation: https://laravel.com/docs/5.5/authorization

You can also do a conditional check in your view and/or controller right?

// view
@if (auth()->user()->role == 'member')
    // Button to ban user
@endif

This is a basic example though. If you want to do more with Authorization you can create your own authorization rules. Check the documentation for more info! If you have questions let me know ;)

Please or to participate in this conversation.