mardi 6 décembre 2016

Laravel Routing Multi level users with middleware

Hello i have 2 level users: 1 Super admin who is able to see and do everthing 2 TD which is able to only see stuff and not change anything

I made 2 middleware: 1 auth.superadmin and 1 auth.td

My routes:

Route::group(['middleware' => ['auth.superadmin']], function() {
Route::get('/users/{id}/destroy', 'UsersController@destroy');
Route::get('/searchuser', 'UsersController@searchuser');
Route::get('/users/create-worker', 'UsersController@getcreateworker');
Route::post('/users/post-create-worker', 'UsersController@postcreateworker');
Route::get('/users/create-agent', 'UsersController@getcreateagent');
Route::post('/users/post-create-agent', 'UsersController@postcreateagent');
Route::get('/users-optima', 'UsersController@indexoptima');
Route::resource('/users', 'UsersController');
Route::patch('/retours/{id}/postupdatefill','RetoursController@postupdatefill');
Route::get('/retours/{retourid}/addpart/{partid}','RetoursController@addpart');
Route::get('/retours/{retourid}/remove/{partid}','RetoursController@removepart');
Route::post('/retours/{retourid}/garantie','RetoursController@postonderdeelgarantie');
Route::get('/retours/{id}/updatefill/searchpart',   'RetoursController@searchpart');
Route::get('/searchpart', 'PartsController@searchpart');
Route::resource('/parts', 'PartsController');
});

Route::group(['middleware' => ['auth.td']], function() {
Route::get('/users/{id}/destroy', 'UsersController@destroy');
Route::get('/searchuser', 'UsersController@searchuser');

Route::resource('/users', 'UsersController',
    ['only' => ['index']]);

Route::patch('/retours/{id}/postupdatefill','RetoursController@postupdatefill');
Route::get('/retours/{retourid}/addpart/{partid}','RetoursController@addpart');
Route::get('/retours/{retourid}/remove/{partid}','RetoursController@removepart');
Route::post('/retours/{retourid}/garantie','RetoursController@postonderdeelgarantie');
Route::get('/retours/{id}/updatefill/searchpart', 'RetoursController@searchpart');
Route::get('/searchpart', 'PartsController@searchpart');
Route::resource('/parts', 'PartsController');
});

My middelware: superadmin

if (auth()->check() && auth()->user()->level == 1) {
        return $next($request);
    }
    return abort(404, 'no entry to this page');

TD

if (auth()->check() && auth()->user()->level == 2) {
            return $next($request);
        }
        return abort(404, 'no entry to this page');

I tried beginning with /Users. TD can only see the index at /Users.

When i do it this way the auth.superadmin cannot see index@/users...

enter image description here

Am i doing it wrong?

Any help is appreciated.



via Chebli Mohamed
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)