mardi 17 avril 2018

UserPolicy always rejects authorization

I have made a UserPolicy in Laravel, and am trying to use the $this->authorize(User::class) in the controller, however, it always returns 403 error when I visit the UserController@index, this problem isn't present if I remove the $this->authorize(User::class) from UserController

app/Providers/AuthServiceProvider.php

namespace App\Providers;

use App\Transaction;
use App\Policies\UserPolicy;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * The policy mappings for the application.
     *
     * @var array
     */
    protected $policies = [
        User::class => UserPolicy::class
    ];

    /**
     * Register any authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();

        //
    }
}

app/Policies/UserPolicy.php

namespace App\Policies;

use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    /**
     * Determine whether the user can index users.
     *
     * @param  \App\User  $model
     * @return mixed
     */
    public function index(User $user)
    {
        return true;
    }
}

app/Controllers/UserController.php

namespace App\Http\Controllers;

use App\User;
use Illuminate\Http\Request;

class UserController extends Controller
{
    /**
     * Display a listing of the resource.
     *
     * @return \Illuminate\Http\Response
     */
    public function index()
    {
        $this->authorize(User::class);
        $users = User::all();
        return view('users.index', compact('users'));
    }
}


via Chebli Mohamed
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)