mercredi 28 octobre 2015

grant permission to a new role in Laravel 5

We are developing a laravel application, the application has an admin part which is only accessible to the admin users in routes file we have:

 Route::group(['middleware' => 'admin', 'prefix' => 'admin', 'namespace'
              => 'Admin'] , function() {
       Route::get('oldAdminUrl', 'oldControllwe@handle');

  }

The middleware file's handle function is like

public function handle($request, Closure $next)
{       
   if ($this->admin->guest())
    {
        //some code here
    }

    return $next($request);
}

ad the $this->Admin refers to Model called adminModel with the following attribute

 protected $table = 'admin'

Now we need to add a new url to the group of admin urls let's call it newAdminUrl it should be accessabile for both the admin users and also a new group of users let's call them editors

is it a good practice to put that url outside the admin group and assign it a new middleware let's call it editorsMiddleware in additon to admin middleware to check if the user who wants to access the newAdminUrl is either in editor group or admin group and the editors be stored in another table

 Route::group(['middleware' => ['admin','editors], 'prefix' => 'admin',      
     'namespace' => 'Admin'] , function() {
         Route::get('newAdminUrl', 'newControllwe@handle');

   }

The EditorModel which is used inside the editorMiddleware has this attribute:

     protected $table = 'editor'

The Question: what is the right or even good approach to implement it? or anyone has any better idea or suggestion?



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire