gpt4 book ai didi

php - 仅“授权”资源的特定路由

转载 作者:行者123 更新时间:2023-12-04 15:57:37 24 4
gpt4 key购买 nike

有这个方法authorizeResource()它将特定策略应用于所有路由(索引路由除外)。有没有办法仅在特定路由上应用策略,类似于此功能:

Route::resource('photo', 'PhotoController', ['only' => [
'index', 'show'
]]);

最佳答案

尽管@JeffPucket 在 his answer 中指出, only选项对我不起作用。我正在运行 Laravel 5.5 起作用的是逆逻辑:

public function __construct()
{
$this->authorizeResource(Photo::class, null, [
'except' => [ 'index', 'show' ],
]);
}

请注意,您应该将操作( Controller 的方法)传递给该选项 不要想要应用您的保单。在这种情况下, indexshow将绕过授权中间件。

只是为了比较,这里是 php artisan route:list 的结果使用每个选项时:

仅限
+--------+-----------+------------------------+-----------------+------------------------------------------------+--------------------------------------------------+
| Domain | Method | URI | Name | Action | Middleware |
+--------+-----------+------------------------+-----------------+------------------------------------------------+--------------------------------------------------+
| | POST | comment | comment.store | App\Http\Controllers\CommentController@store | web,auth,can:create,App\Http\Controllers\Comment |
| | GET|HEAD | comment | comment.index | App\Http\Controllers\CommentController@index | web,auth,can:view,App\Http\Controllers\Comment |
| | GET|HEAD | comment/create | comment.create | App\Http\Controllers\CommentController@create | web,auth,can:create,App\Http\Controllers\Comment |
| | GET|HEAD | comment/{comment} | comment.show | App\Http\Controllers\CommentController@show | web,auth,can:view,comment |
| | PUT|PATCH | comment/{comment} | comment.update | App\Http\Controllers\CommentController@update | web,auth,can:update,comment |
| | DELETE | comment/{comment} | comment.destroy | App\Http\Controllers\CommentController@destroy | web,auth,can:delete,comment |
| | GET|HEAD | comment/{comment}/edit | comment.edit | App\Http\Controllers\CommentController@edit | web,auth,can:update,comment |
+--------+-----------+------------------------+-----------------+------------------------------------------------+--------------------------------------------------+

除了
+--------+-----------+------------------------+-----------------+------------------------------------------------+--------------------------------------------------+
| Domain | Method | URI | Name | Action | Middleware |
+--------+-----------+------------------------+-----------------+------------------------------------------------+--------------------------------------------------+
| | POST | comment | comment.store | App\Http\Controllers\CommentController@store | web,auth,can:create,App\Http\Controllers\Comment |
| | GET|HEAD | comment | comment.index | App\Http\Controllers\CommentController@index | web,auth |
| | GET|HEAD | comment/create | comment.create | App\Http\Controllers\CommentController@create | web,auth,can:create,App\Http\Controllers\Comment |
| | GET|HEAD | comment/{comment} | comment.show | App\Http\Controllers\CommentController@show | web,auth |
| | PUT|PATCH | comment/{comment} | comment.update | App\Http\Controllers\CommentController@update | web,auth,can:update,comment |
| | DELETE | comment/{comment} | comment.destroy | App\Http\Controllers\CommentController@destroy | web,auth,can:delete,comment |
| | GET|HEAD | comment/{comment}/edit | comment.edit | App\Http\Controllers\CommentController@edit | web,auth,can:update,comment |
+--------+-----------+------------------------+-----------------+------------------------------------------------+--------------------------------------------------+

如上所示,中间件仅在使用 except 时应用于特定路由.

也许这是框架中的一个错误。但很难确认这一点,因为这个选项似乎没有记录在案。甚至详细信息 authorizeResource()方法不存在。

关于php - 仅“授权”资源的特定路由,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44524073/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com