mercredi 24 janvier 2018

laravel policy authorize always false

I'm trying to allow users editing their own review in Laravel 5.5

AuthServiceProvider.php

<?php

namespace App\Providers;

use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use App\Model\Review;
use App\Policies\ReviewPolicy;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * The policy mappings for the application.
     *
     * @var array
     */
    protected $policies = [
        'App\Model' => 'App\Policies\ModelPolicy',
        Review::class => ReviewPolicy::class,
    ];

ReviewPolicy.php

public function update(User $user, Review $review)
{
    return $user->id == $review->user_id;
}

ReviewController.php

public function update(Request $request, Review $review ,int $id)
{
    $request->validate([
        'content' => 'required|min:250',
        'score' => 'numeric|min:0|max:10',
    ]);

    $this->authorize('update', $review);

    $reviewsSave = Review::find($id);
    $reviewsSave->content = $request->input('content');
    $reviewsSave->score = $request->input('score');
    $reviewsSave->save();

    return redirect(url()->current());

}

I keep getting

Symfony \ Component \ HttpKernel \ Exception \ AccessDeniedHttpException This action is unauthorized.

When in fact it should be authorized

I am probably missing something but I can't find what.



via Chebli Mohamed
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)