如何将定义的权限分配给 Spatie/Laravel-permission 中的正确策略和控制器方法?
how do I assign the defined permissions to the right policies and controller methods in Spatie/Laravel-permission?
这似乎是一个简单的问题,但我无法在 Laravel 政策文档或 Spatie/Laravel-permission 文档中找到解决方案。
问题出在这里:
这就是我为 PermissionSeeder.php:
中的某些角色分配权限的方式
public function run()
{
// Reset cached roles and permissions
app()[PermissionRegistrar::class]->forgetCachedPermissions();
// create permissions
Permission::create(['name' => 'view own tickets']);
Permission::create(['name' => 'view all tickets']);
Permission::create(['name' => 'forward a ticket']);
Permission::create(['name' => 'close a ticket']);
Permission::create(['name' => 'write a ticket']);
Permission::create(['name' => 'assign permissions to roles']);
Permission::create(['name' => 'hide a ticket']);
// create roles and assign existing permissions
$role1 = Role::create(['name' => 'staff']);
$role1->givePermissionTo('view own tickets');
$role1->givePermissionTo('forward a ticket');
$role1->givePermissionTo('close a ticket');
$role1->givePermissionTo('write a ticket');
$role2 = Role::create(['name' => 'admin']);
$role2->givePermissionTo('view own tickets');
$role2->givePermissionTo('forward a ticket');
$role2->givePermissionTo('close a ticket');
$role2->givePermissionTo('write a ticket');
$role2->givePermissionTo('hide a ticket');
$role2->givePermissionTo('view all tickets');
$role3 = Role::create(['name' => 'Super-Admin']);
}
现在让我举例说明我的转发方法的控制器方法的外观:
class TicketController extends Controller
{
/**
* forward a ticket to another user.
*
* @param Request $request
* @return Response
*/
public function forwardTo(Request $request)
{
$ticket = TicketTitle::find($request->ticket_id);
$ticket->forwarded_to = $request->user_id;
$ticket->status = TicketTitle::STATUS_FORWARDED;
$ticket->save();
return \response($ticket, 200);
}
}
在执行该方法前需要先验证用户是否有转发工单的权限...请问如何操作?
如果我必须定义一个策略,给定我的方法名称和我的权限,应该调用什么策略?
我也检查了类似的问题,但其中 none 个有我正在寻找的答案。
您可以从 method: has Permission To Use 如下:
$user->hasPermissionTo('edit articles')
if(auth()->user()->hasPermissionTo('forward a ticket')){
$ticket->forwarded_to = $request->user_id;
};
试试这个one.commit 以解决更多问题
这似乎是一个简单的问题,但我无法在 Laravel 政策文档或 Spatie/Laravel-permission 文档中找到解决方案。
问题出在这里:
这就是我为 PermissionSeeder.php:
public function run()
{
// Reset cached roles and permissions
app()[PermissionRegistrar::class]->forgetCachedPermissions();
// create permissions
Permission::create(['name' => 'view own tickets']);
Permission::create(['name' => 'view all tickets']);
Permission::create(['name' => 'forward a ticket']);
Permission::create(['name' => 'close a ticket']);
Permission::create(['name' => 'write a ticket']);
Permission::create(['name' => 'assign permissions to roles']);
Permission::create(['name' => 'hide a ticket']);
// create roles and assign existing permissions
$role1 = Role::create(['name' => 'staff']);
$role1->givePermissionTo('view own tickets');
$role1->givePermissionTo('forward a ticket');
$role1->givePermissionTo('close a ticket');
$role1->givePermissionTo('write a ticket');
$role2 = Role::create(['name' => 'admin']);
$role2->givePermissionTo('view own tickets');
$role2->givePermissionTo('forward a ticket');
$role2->givePermissionTo('close a ticket');
$role2->givePermissionTo('write a ticket');
$role2->givePermissionTo('hide a ticket');
$role2->givePermissionTo('view all tickets');
$role3 = Role::create(['name' => 'Super-Admin']);
}
现在让我举例说明我的转发方法的控制器方法的外观:
class TicketController extends Controller
{
/**
* forward a ticket to another user.
*
* @param Request $request
* @return Response
*/
public function forwardTo(Request $request)
{
$ticket = TicketTitle::find($request->ticket_id);
$ticket->forwarded_to = $request->user_id;
$ticket->status = TicketTitle::STATUS_FORWARDED;
$ticket->save();
return \response($ticket, 200);
}
}
在执行该方法前需要先验证用户是否有转发工单的权限...请问如何操作?
如果我必须定义一个策略,给定我的方法名称和我的权限,应该调用什么策略?
我也检查了类似的问题,但其中 none 个有我正在寻找的答案。
您可以从 method: has Permission To Use 如下:
$user->hasPermissionTo('edit articles')
if(auth()->user()->hasPermissionTo('forward a ticket')){
$ticket->forwarded_to = $request->user_id;
};
试试这个one.commit 以解决更多问题