tamrat
2020-11-29 17:19:02
Yes. Just define gates or use a model policy. Using gates, you can do something like (using a Post model as an example):
Gate::define('edit-post', function (User $user, Post $post) {
return $user->role->name == 'admin' || $user->id == $post->user_id;
});
Gate::define('delete-post', function (User $user, Post $post) {
return $user->role->name == 'admin';
});
And use it in your .blade.php files using the @can blade directives.
@can('edit-post')
// show an edit button
@endcan
@can('delete-post')
// show a delete button
@endcan
Here we are basically creating two controls for editing and deleting a post. To edit a post (or rather see the edit button), you either have to be an admin or the user must have created the post. To delete it, you have to be an admin.
References: Laravel Documentation on Authorization
热门帖子
热门github
6
Thanks for your answer, i'd already used gates but i was using the incorrect method, but now i read the documentation what you say is what i was lookin for.