Laravel 5 Authorization using controller and middleware -
i'm trying make authorization using policy , middleware. wrote model called absence, policy called routepolicy, registered in authserviceprovider.
i wrote route (i'm using dingo / suppose if i've been using route::get have been same):
$dingoapi->get('absence/{user}','absencecontroller@index')->middleware('can:view,user'); it turns out right policy never called, seems laravel isn't able make link absencepolicy.
what going wrong?
here code excerpts of relevant classes:
class absencepolicy { use handlesauthorization; protected function authorize($user) { return auth::user() == $user.id; } /** * determine whether user can view absence. * * @param \app\user $user * @param \app\absence $absence * @return mixed */ public function view(user $user, absence $absence) { // return authorize($user); } ... authserviceprovider
class authserviceprovider extends serviceprovider { /** * policy mappings application. * * @var array */ protected $policies = [ 'app\model' => 'app\policies\modelpolicy', 'app\absence' => 'app\policies\absencepolicy', 'app\user' => 'app\policies\absencepolicy', ]; /** * register authentication / authorization services. * * @return void */ public function boot() { $this->registerpolicies(); ....
Comments
Post a Comment