dourong4031 2018-02-05 23:14
浏览 21

laravel 5.4 - 如何防止一个人的角色能够访问另一个角​​色的属性?

I have an inventory app that has three different roles, namely operator, admin, and super admin.

the problem is when I enter with one of the roles, I can access the menu belongs to another role by writing the link from the menu in the browser's link bar.

example

in the admin page there is a backup and restore menu, link: /admin/backupAndRestore

then I log in as an operator

in the operator page there is only the item borrowing and return item menu, but if I write a link of the admin backup and restore menu in the browser's link bar like localhost: 8000/admin/backupAndRestore I can access the page.

I want to make it like a user who has logged in can not access the register or login page and redirected to the home page, what should I do?

  • 写回答

1条回答 默认 最新

  • dongweihuan8610 2018-02-05 23:49
    关注

    The functionality you are looking for is known as authorization in the Laravel framework. Since you can technically implement user roles in many different ways, it is not realistic to post a code example for you here. Instead, I recommend you read the entire documentation page on authorization and then devise an implementation that works for your setup. It is most likely that you will want to build your logic using Policies, which are classes that organize authorization logic around a particular model.

    评论

报告相同问题?

悬赏问题

  • ¥15 基于卷积神经网络的声纹识别
  • ¥15 Python中的request,如何使用ssr节点,通过代理requests网页。本人在泰国,需要用大陆ip才能玩网页游戏,合法合规。
  • ¥100 为什么这个恒流源电路不能恒流?
  • ¥15 有偿求跨组件数据流路径图
  • ¥15 写一个方法checkPerson,入参实体类Person,出参布尔值
  • ¥15 我想咨询一下路面纹理三维点云数据处理的一些问题,上传的坐标文件里是怎么对无序点进行编号的,以及xy坐标在处理的时候是进行整体模型分片处理的吗
  • ¥15 CSAPPattacklab
  • ¥15 一直显示正在等待HID—ISP
  • ¥15 Python turtle 画图
  • ¥15 stm32开发clion时遇到的编译问题