Ask a question

Popular technologies


Latest questions:

632 sql - Reverse the array in php
739 php - Convert long numbers to short and compact
280 php - Codeigniter 4 validation error callback_check_password is not working
346 laravel - How to calculate hour two date difference in php?
787 php - Symfony project shows directory listing index instead of index page
17 php - Test Imagick Image
765 wordpress - I am getting issues with my single Post navigation in single.php with previous_post_link() and next_post_link() is not working with post type "post"
328 PHP bcrypt to PYTHON bycrypt not giving same values
862 php - How to fix error Query array failed: 1064
907 php - What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
  1. Home
  2. php - Make multiple user types access the same Route using Laravel 9 middleware
145 votes
1 answers

php - Make multiple user types access the same Route using Laravel 9 middleware

mangohost Get the solution ↓↓↓

I followed this site on how to create user types and restrict page access. Everything works as expected, but I wanted the admin to also have access to the users pages. The app has several hierarchical levels and I don't want to have to repeat the same Route several times, how can I do that?

Im using this: (short version)

routes/web.php

...
Route::middleware(['auth', 'user-access:usr'])->group(function () {
    Route::get('/', function () {
        return view('pages.activityHome');
    });
});

Route::middleware(['auth', 'user-access:adm'])->group(function () {
    Route::get('activity/{id}/edit', [App\Http\Controllers\activityController::class, 'editActivity'])->name('edit.activity');
});

Models/User.php

...
protected function type(): Attribute
    {
        return new Attribute(
            get: fn ($value) =>  ["usr", "adm"][(int) $value],
        );
    }

Http/Middleware/UserAccess.php

...
public function handle(Request $request, Closure $next, $userType)
    {
        if(auth()->user()->type == $userType){
            return $next($request);
        }
          
        // return response()->view('errors.check-permission'); 
    }

Http/Kernel.php

...
protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
        'signed' => \App\Http\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        'user-access' => \App\Http\Middleware\UserAccess::class,
    ];

This way the adm doesn't have access to /, but he should, how can I do it?

I tried how to place more elements in the array and put several groups separated by a comma, but it doesn't work.

Like this:['auth', 'user-access:usr', 'user-access:adm'],['auth', 'user-access:usr,adm']

708
votes

Answer

Solution:

I tried a different way and it worked.

Http/Middleware/UserAccess.php

...
public function handle(Request $request, Closure $next, $userType)
{
    if(in_array(auth()->user()->type, explode('.', $userType))){
        return $next($request);
    }

    return response()->json(['You do not have permission to access for this page.']);
}

routes/web.php

...
Route::middleware(['auth', 'user-access:usr.adm'])->group(function () {
    Route::get('/', function () {
        return view('pages.activityHome');
    });
});

I'm basically checking to see if any of the user types are in the array.

Source

Share

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Similar questions

Find the answer in similar questions on our website.

515 php - Make multiple user types access the same Route using Laravel 9 middleware
550 php - How to fix Connection failed: Access denied for user 'webroot'@'localhost' (using password: YES)
883 "laravel" Parse error: syntax error, unexpected '|', expecting variable (T_VARIABLE) in vendor/nunomaduro/termwind/src/Functions.php on line 17
398 php - Why I get error `Error uploading file 'filename'`
797 php - Laravel HasManyThrough nor BelongsToMany doesn't work in my case. Is it database structure problem?
808 php - Symfony /sitemap.xml route inaccessible
849 php - Validating route parameters to be greater than zero in Laravel
775 linux - PHP-FPM Exporter Binary can not access php unix socket
802 php - Retrieving Role and Permission from Authenticated User Laravel Breeze + React + inertia + Spatie Permission
920 php - Laravel - multiple controllers in single view

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.




About the technologies asked in this question

PHP

PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites. The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/


Laravel

Laravel is a free open source PHP framework that came out in 2011. Since then, it has been able to become the framework of choice for web developers. One of the main reasons for this is that Laravel makes it easier, faster, and safer to develop complex web applications than any other framework.
https://laravel.com/

Welcome to webdevask.com

Welcome to webdevask.com

Welcome to the Q&A site for web developers. Here you can ask a question about the problem you are facing and get answers from other experts. We have created a user-friendly interface so that you can quickly and free of charge ask a question about a web programming problem. We also invite other experts to join our community and help other members who ask questions. In addition, you can use our search for questions with a solution.

Get answers to specific questions

Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.

Help Others Solve Their Issues

Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.