Jump to content

maxudaskin

Members
  • Posts

    627
  • Joined

  • Last visited

Everything posted by maxudaskin

  1. <?php // FlightEntryController.php ... class FlightEntryController extends Controller { public function __construct() { $this->authorizeResource(FlightEntry::class); } /** * Display the specified resource. * * @param int $id * @return \Illuminate\Http\Response */ public function show(FlightEntry $flight) { dd($flight); } ... } // FlightEntryPolicy.php class FlightEntryPolicy { use HandlesAuthorization; ... /** * Determine whether the user can view the model. * * @param \App\Models\User $user * @param \App\Models\FlightEntry $flightEntry * @return \Illuminate\Auth\Access\Response|bool */ public function view(User $user, FlightEntry $flightEntry) { dd($user); if($user->hasPermissionTo('view flights not owned')) { // Spatie return Response::allow(); } if($user->id === $flightEntry->user_id) { return Response::allow(); } return Response::deny(null, 404); } ... } // AuthServiceProvider.php class AuthServiceProvider extends ServiceProvider { /** * The policy mappings for the application. * * @var array */ protected $policies = [ App\Models\FlightEntry::class => App\Policies\FlightEntryPolicy::class, ]; ... } // routes/web.php Route::resource('/flights', FlightEntryController::class)->middleware('auth'); With the policy not attached, everything works fine. When I attach the policy, index (viewAny) works, but show (view) does not. It throws a 403 and does not run the dd inside. I'm going crazy. Any suggestions?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.