【发布时间】:2019-01-25 16:57:47
【问题描述】:
我创建了一个名为 LetterPolicy 的策略,这是代码
namespace App\Policies;
use App\Letter;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class LetterPolicy
{
use HandlesAuthorization;
/**
* Create a new policy instance.
*
* @return void
*/
public function __construct()
{
//
}
public function update(User $user, Letter $letter)
{
return($user->id === $letter->user_id || $user->role_id===1 ) ;
}
}
这是authserviceprovider
namespace App\Providers;
use App\Letter;
use App\Policies\LetterPolicy;
use App\Policies\UserPolicy;
use App\User;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
'App\Model' => 'App\Policies\ModelPolicy',
User::class => UserPolicy::class,
Letter::class => LetterPolicy::class,
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
//
}
}
在下面的代码中我检查用户
class LetterController extends Controller
{
protected $user;
public function __construct()
{
$this->middleware(function ($request, $next){
$this->user = Auth::user();
return $next($request);
});
}
public function edit(Letter $letter)
{
if($this->user->can('update', $letter)){
//edit
}
else
abort('403', 'Access Denied');
}
代码在 localhost 中运行良好,但在远程服务器上它报告 access denied 错误。我在服务器上部署站点后创建了此策略,因此我使用代码创建了一个路由 /clear-cache
Route::get('/clear-cache', function() {
$exitCode = \Illuminate\Support\Facades\Artisan::call('cache:clear');
});
创建策略后清除缓存。但它仍然报告403 错误。有什么问题?
【问题讨论】:
-
检查策略类文件的权限并尝试运行 composer dump-autoload
-
@SyedFaisal 如何在服务器上运行作曲家?
-
你有 ssh 访问服务器的权限吗??
-
是的,我可以访问
-
用户真的可以编辑信件吗?也许您的数据有误,而政策运作正确?
标签: php laravel laravel-5 laravel-authorization