Ask a question

Popular technologies


Latest questions:

910 sql - Reverse the array in php
765 php - Convert long numbers to short and compact
506 php - Codeigniter 4 validation error callback_check_password is not working
831 laravel - How to calculate hour two date difference in php?
193 php - Symfony project shows directory listing index instead of index page
701 php - Test Imagick Image
93 wordpress - I am getting issues with my single Post navigation in single.php with previous_post_link() and next_post_link() is not working with post type "post"
862 PHP bcrypt to PYTHON bycrypt not giving same values
219 php - How to fix error Query array failed: 1064
308 php - What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
  1. Home
  2. php - Make multiple user types access the same Route using Laravel 9 middleware
273 votes
1 answers

php - Make multiple user types access the same Route using Laravel 9 middleware

mangohost Get the solution ↓↓↓

I followed this site on how to create user types and restrict page access. Everything works as expected, but I wanted the admin to also have access to the users pages. The app has several hierarchical levels and I don't want to have to repeat the same Route several times, how can I do that?

Im using this: (short version)

routes/web.php

...
Route::middleware(['auth', 'user-access:usr'])->group(function () {
    Route::get('/', function () {
        return view('pages.activityHome');
    });
});

Route::middleware(['auth', 'user-access:adm'])->group(function () {
    Route::get('activity/{id}/edit', [App\Http\Controllers\activityController::class, 'editActivity'])->name('edit.activity');
});

Models/User.php

...
protected function type(): Attribute
    {
        return new Attribute(
            get: fn ($value) =>  ["usr", "adm"][(int) $value],
        );
    }

Http/Middleware/UserAccess.php

...
public function handle(Request $request, Closure $next, $userType)
    {
        if(auth()->user()->type == $userType){
            return $next($request);
        }
          
        // return response()->view('errors.check-permission'); 
    }

Http/Kernel.php

...
protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
        'signed' => \App\Http\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
        'user-access' => \App\Http\Middleware\UserAccess::class,
    ];

This way the adm doesn't have access to /, but he should, how can I do it?

I tried how to place more elements in the array and put several groups separated by a comma, but it doesn't work.

Like this:['auth', 'user-access:usr', 'user-access:adm'],['auth', 'user-access:usr,adm']

322
votes

Answer

Solution:

I tried a different way and it worked.

Http/Middleware/UserAccess.php

...
public function handle(Request $request, Closure $next, $userType)
{
    if(in_array(auth()->user()->type, explode('.', $userType))){
        return $next($request);
    }

    return response()->json(['You do not have permission to access for this page.']);
}

routes/web.php

...
Route::middleware(['auth', 'user-access:usr.adm'])->group(function () {
    Route::get('/', function () {
        return view('pages.activityHome');
    });
});

I'm basically checking to see if any of the user types are in the array.

Source

Share

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Similar questions

Find the answer in similar questions on our website.

539 php - Make multiple user types access the same Route using Laravel 9 middleware
130 php - How to fix Connection failed: Access denied for user 'webroot'@'localhost' (using password: YES)
815 "laravel" Parse error: syntax error, unexpected '|', expecting variable (T_VARIABLE) in vendor/nunomaduro/termwind/src/Functions.php on line 17
810 php - Why I get error `Error uploading file 'filename'`
369 php - Laravel HasManyThrough nor BelongsToMany doesn't work in my case. Is it database structure problem?
129 php - Symfony /sitemap.xml route inaccessible
813 php - Validating route parameters to be greater than zero in Laravel
726 linux - PHP-FPM Exporter Binary can not access php unix socket
89 php - Retrieving Role and Permission from Authenticated User Laravel Breeze + React + inertia + Spatie Permission
878 php - Laravel - multiple controllers in single view

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.




About the technologies asked in this question

PHP

PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites. The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/


Laravel

Laravel is a free open source PHP framework that came out in 2011. Since then, it has been able to become the framework of choice for web developers. One of the main reasons for this is that Laravel makes it easier, faster, and safer to develop complex web applications than any other framework.
https://laravel.com/

Welcome to webdevask.com

Welcome to webdevask.com

Welcome to the Q&A site for web developers. Here you can ask a question about the problem you are facing and get answers from other experts. We have created a user-friendly interface so that you can quickly and free of charge ask a question about a web programming problem. We also invite other experts to join our community and help other members who ask questions. In addition, you can use our search for questions with a solution.

Get answers to specific questions

Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.

Help Others Solve Their Issues

Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.