Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[5.2] Create Authorize middleware and AuthorizesResources trait #12913

Merged
merged 5 commits into from
Apr 1, 2016
Merged

[5.2] Create Authorize middleware and AuthorizesResources trait #12913

merged 5 commits into from
Apr 1, 2016
+366 −0

Conversation

JosephSilber
Copy link
Contributor

1. A new Authorize middleware

Can be used with a simple ability:

Route::group(['middleware' => 'can:access-dashboard'], function () {
    // Dashboard routes...
});

Can be used on a single model:

Route::get('users/{user}', 'UserController@show')->middleware('can:view,user');

It will pull the $user model from the route.

Finally, it can be used on a model type:

Route::get('users', 'UserController@index')->middleware('can:view,'.User::class);

2. A new AuthorizesResources trait

class UsersController extends Controller
{
    public function __construct()
    {
        $this->authorizeResource('user', User::class);
    }
}

Will automatically add the correct middleware to authorize any request for the resource.

GrahamCampbell
GrahamCampbell reviewed Mar 29, 2016
View reviewed changes
src/Illuminate/Foundation/Auth/AuthorizesResources.php
* @param string $name
* @param string $model
* @param array $options
* @param \Illuminate\Http\Request $request
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing |null

@JosephSilber JosephSilber force-pushed the authorizes-resources branch 2 times, most recently from 6e89bbd to 273f32f Compare March 30, 2016 01:18
@JosephSilber JosephSilber changed the title [5.2] Create AuthorizesResources trait [5.2] Create Authorize middleware and AuthorizesResources trait Mar 30, 2016
@JosephSilber JosephSilber force-pushed the authorizes-resources branch from be1532d to 9d47f39 Compare March 30, 2016 01:50
This was referenced Mar 30, 2016
Merged
Closed
@JosephSilber JosephSilber force-pushed the authorizes-resources branch from 9d47f39 to abdd9e0 Compare March 30, 2016 02:04
mark86092
mark86092 reviewed Mar 30, 2016
View reviewed changes
src/Illuminate/Auth/Access/Middleware/Authorize.php
*/
public function handle($request, Closure $next, $ability, $model = null)
{
$this->gate->authorize($ability, $this->getGateArguments($model));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

getGateArguments($request, $model), missing $request ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mark86092 thanks for catching that!

Just goes to show that you always need tests. So I now wrote a test for the middleware too (it was originally in the laravel/laravel repo, which has no tests).

@JosephSilber JosephSilber force-pushed the authorizes-resources branch from abdd9e0 to 541d2b2 Compare March 30, 2016 13:27
@JosephSilber JosephSilber force-pushed the authorizes-resources branch from 541d2b2 to b9ce61c Compare March 30, 2016 14:21
@JosephSilber JosephSilber force-pushed the authorizes-resources branch from b9ce61c to 6549156 Compare March 30, 2016 14:45
@taylorotwell taylorotwell merged commit 65907a6 into laravel:5.2 Apr 1, 2016
@JosephSilber JosephSilber deleted the authorizes-resources branch April 3, 2016 15:23
@JosephSilber JosephSilber restored the authorizes-resources branch April 3, 2016 15:27
@JosephSilber JosephSilber deleted the authorizes-resources branch April 11, 2016 14:29
This was referenced Apr 11, 2016
Closed
Closed
JosephSilber added a commit to JosephSilber/bouncer that referenced this pull request Apr 17, 2016
@JosephSilber
Remove the Authorize middleware and AuthorizesResources trait
0c2ceaa 
They've been merged into Laravel:
laravel/framework#12913

For Laravel 5.1, here's some more information:
#82
@kunhalil kunhalil mentioned this pull request Jun 17, 2016
Closed
victoroloyede added a commit to victoroloyede/Bouncer that referenced this pull request Jun 15, 2022
@victoroloyede
Remove the Authorize middleware and AuthorizesResources trait
c7d4ca5 
They've been merged into Laravel:
laravel/framework#12913

For Laravel 5.1, here's some more information:
JosephSilber/bouncer#82
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@JosephSilber @martinbean @mark86092 @GrahamCampbell @taylorotwell