国产av日韩一区二区三区精品,成人性爱视频在线观看,国产,欧美,日韩,一区,www.成色av久久成人,2222eeee成人天堂

Policy和Gate結(jié)合起來使用就行，不復(fù)雜。Policy的注冊在AuthServiceProvider里，如注冊一個AccountPolicy::class => Account::class，就表示當(dāng)前User是否有權(quán)限對Account這個ModelAdd, delete, modify and check.

In AccountPolicy針對增刪改查操作寫上授權(quán)邏輯，如針對Delete操作寫上$user->id === $account->user_idauthorization logic.

How to trigger this authorization logic? Can be used Model Event觸發(fā)，如在EventServiceProvider::boot()ri

Event::listen('eloquent.deleting: *', function (Model $model) {
    if(Gate::denies('delete', $object)) {
        throw new ForbiddenHttpException("You donot have permission delete {get_class($model)}.");
    }
})

Gate與Policy的關(guān)系類似于Route與Controller的關(guān)系。

After the email help from foreign stackoverflow master Amit Gupta, it is now solved.
Step 1: First register the policy, and establish the connection relationship between the Model and the policy in AuthServiceProvider.php under the Providers folder, as follows:

protected $policies = [
        \App\Models\Role::class => \App\Policies\RolePolicy::class,
        \App\Models\Permission::class => \App\Policies\PermissionPolicy::class,
    ];

The second step is to create a new PermissionPolicy through the php artisan make:policy command, and write the relevant permission control into the two policies through functions, as shown below:

class PermissionPolicy
{
public function before($user, $ability) {
        if ($user->hasRole('admin')) {
            return true;
        }
    }
    
public function create(\App\Models\User $user, \App\Models\Permission $permission)
    {
        return $user->hasPermission('permission.create');
    }
}

The last step is to use the related functions set by this policy in the controller, as follows:

class PermissionController extends Controller {
    public function create() {
        $this->authorize('create', new \App\Models\Permission);
        return view('permissions.create');
    }
}