I want to add 'OR' condition with middleware on laravel routes for Role and Permission. Can anyone please help me here. Below is the code which I am trying currently through some internet research but it is not working.
Route::get('get-all-users', 'API\Admin\AdminController#get_all_users')->middleware(['role:admin' OR 'permission:view.all.users']);
In this scenario, you will need to change the DB structure a bit. Tables would look like:
Actions
Roles
Role_action_mapping => This will have foreign keys of both the above tables as a many to many relationship.
Now, every action should have a role assigned to it. So, the permission view.all.users will have an entry in the table with admin(or any desired role) assigned to it by it's side in Role_action_mapping.
So all you will have to do is have a single middleware say permission:view.all.users on the route and just check if the current role of the user has an entry with view.all.users in the Role_action_mapping table.
Related
I want to create simple SPA with admin-panel. I did panel and fronted part. Now I have two solutions way:
Use enum type of row in database: $table->enum('role', ['user', 'admin]);
Create another 'roles' table and insert there: 'user' and 'admin'
Which is the better way and why?
Always try to go for the simplest, clearest solution. As long a you only have 2 roles, admin and user, and a customer can only have one role, the first solution is much easier.
Defining a new table would give unwanted complexity, and also to ask for each user it's role from a different table could be timeconsuming.
Perhaps if you have more roles, and a user can have multiple roles, the second solution is more clear.
I have an api that I am implementing multi-tenant based on an additional column in the tables.
For this I created a trait that implements a
static::addGlobalScope() and static::creating().
I have a user_idXtenant_id table. In this table I store the accesses that the user has.
My Route looks like this:
Route::get('{tenant_id}/products', function ($tenant_id) {
return App\Products::where(['tenant_id' => $tenant_id])->get();
})->middleware('role_or_permission:admin|seller|get-products');
Route::get('products', function () {
return App\Products::get();
})->middleware('role_or_permission:admin|seller|get-products');
The idea is that in the first route it is verified if the user has access to tenant_id and if he has access, return only the products of that tenant_id (here Polices can be useful and solve the problem).
The second route, on the other hand, must return all products of all tenant_id that the user has access to. For this, I use static :: addGlobalScope() to set the tenants that the user has access to in this way:
$builder->whereIn('tenant_id', $tenants);
The question is how to check in GlobalScope if tenant_id was filled in the model. So, if it is present, I only check the permission and if it is not present I include the tenant_id that the user has access to.
I hope I have been able to adequately exemplify the problem.
Any help is most welcome.
Thank you!
I have three tables
Admins for admin,
Teachers for teacher,
students for student.
Each of these users have their own dashboard (AdminDash, TeacherDash, StudentDash). Now all I want to do is, each user are sent to their respective dashboard after login. Is it even possible to do so.
Also can this be done using single login form or do I need to create different login form for each case and different controllers to authenticate.
Edit:
Actually, here teachers and students fill different registration forms with different value so I don't want to store them in same table. And admins is for admin and superadmin who run the site. Also the dashboard they use after login are different.
I published a custom laravel for manage multi auth in one laravel project. In example branch I commit step by step for describe everything you most know. larasin
Also can this be done using single login form or do I need to create different login form for each case and different controllers to authenticate.
You can create a login form component an use it every where you want.
First extend your 3 tables with Authenticable like:
class User extends Authenticatable
Then in your config/auth, set up the providers like:
'teachers' => [
'driver' => 'eloquent',
'model' => App\Models\Teacher::class,
],
Then you should be able to auth::attempt your model instance.
Do let me know if this doesn't work, I am pretty new in Laravel also :) cheers!
p/s: I do think it is better to just use a user table with a "role" column, however I believe you probably have different columns needed for each of these user groups. But you can still use new tables such as "teacher_profiles","user_profiles" for those columns, and you can refer to different tables according to your role.
For example, if "teacher" role_id is 3, then if user role==3, you will refer to "teacher_profiles" table.
is it possible to set another table & column to store my remember tokens? I know that the framework tries to automatically find a remember_token column in my "users" model, but I want to store it separately from users. Is there a way to configure my default tokens table? Thank you
P.S - I'm using laravel 5
First, you need to create separate model for storing remember tokens and define a relationship on your User model like so
public function rememberToken() {
return $this->hasOne('RememberToken');
}
Then you need to override methods on your User model, originally defined in Authenticatable trait. Override getRememberToken() and setRememberToken() methods. You will also need to override getRememberTokenName() as it is used in where clause in EloquentUserProvider::retrieveByToken() see EloquentUserProvider line 60. In order for this to work properly you probably have to add global scope to your User model to join remember_tokens table on every query, and return 'remember_tokens.token' from getRememberTokenName() method.
Think twice as it seems more trouble than it is worth. Why would you want to store your tokens separately anyway?
I believe the way Laravel works uses a seperate column in the users table to store a single remember_me token. From my understanding it seems that logging out resets this token regardless of storing the token in a cookie (correct me if I'm wrong).
https://github.com/laravel/ideas/issues/971
If you log in with remember_me checked on your personal computer,
then again on your phone,
and maybe again with any other device,
then finally the act of signing out on any device using the remember_me token or not will reset this token in the DB.
If Laravel had a separate table, able to remember each device, it might solve the problem.
I have a many-to-many relationship, users and roles, which I have worked out just fine. However, I have another table I would like to relate as well, called leads. A user and that user's role can be assigned to a lead.
So for example, I've created a Role and let's call it 'Manager'. Now, when I am managing my Users, I'd need to be able to assign different users to different roles which will be a many-to-many relationship (a role can have many users, a user can have many roles). So I will assign the role of 'Manager' to User A.
Now, when I am modifying my leads, I'd like to be able to assign a role_user to my lead (In my example, I'd like to assign a user to that lead), but I'd first need to assign a role to that Lead (Manager), and then be able to assign a user that is of that role to that lead.
Currently, I've got a many-to-many relationship setup for users and roles, using the pivot table name role_user. I've then got a many-to-many relationship setup on that pivot table, role_user, and leads, using another pivot table named lead_role_user.
Models + Controller - http://paste.laravel.com/D6h
My error: Call to undefined method Illuminate\Database\Query\Builder::roles()
It feels as though I am making this much more difficult than it should be.