I have a model that I want to allow normal users to edit the main fields in the model (name,telephone etc) on the same model I have a status field.
I have added it to:
protected $guarded = ['id','status','formType'];
I only want the Admin user to be able to update that field, so i only display the status field on the form when the user is an admin.
then in my controller I check if the user is an admin then then set the status like this:
if (Auth::check())
$user = Auth::user();
if ($user->is_admin()) {
$venue->status = $request->input('status');
}
This seems quite messy. is there a better way of protecting from update except for an admin.
thanks
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire