/** * Register any application authentication / authorization services. * * @param \Illuminate\Contracts\Auth\Access\Gate $gate * @return void */ public function boot() { $this->registerPolicies(); //GateContract $gate \Gate::define('update-widget-item', 'App\\Http\\Controllers\\UserController@ability'); \Gate::define('edit-question', function ($user, $question) { return $user->id === $question->author_id; }); //[0]['id'] }
function test_checks_for_access_using_the_access_handler_and_the_gate() { Auth::loginUsingId(1); Gate::define('update-post', function ($user, Post $post) { return $post->id === 1; }); Gate::define('delete-post', function ($user) { return false; }); // Having $items = array('view-post' => [], 'edit-post' => ['allows' => ['update-post', ':post']], 'review-post' => ['denies' => ['update-post', ':post']], 'delete-post' => ['allows' => 'delete-post']); // Expect $this->assertTemplate('menus/access-handler', Menu::make($items)->setParam('post', new Post(1))->render()); }
<?php // composer global require "laravel/lumen-installer" // lumen new project_name // .env APP_ENV APP_DEBUG DB_* // bootstrap/app.php AuthServiceProvider, $app->withFacades(), $app->routeMiddleware(), $app->withEloquent() // ExampleEvent ExampleListener EventServiceProvider // ExampleTest.php phpunit // database/factories/ModelFactory.php Gate::define('update-post', function ($user, $post) { return $user->id === $post->user_id; }); $this->app['auth']->viaRequest('api', function ($request) { $user = Auth::user(); // Return User or null... }); if (Gate::allows('update-post', $post)) { // } if (Gate::denies('update-post', $post)) { abort(403); } $app->group(['middleware' => 'role:editor', 'namespace' => 'App\\Http\\Controllers\\Admin', 'prefix' => 'admin'], function () use($app) { $app->get('/', ['middleware' => 'auth', 'uses' => 'UserController@showProfile']); }); function update(Request $request, $id) { $this->validate($request, ['name' => 'required', 'email' => 'required|email|unique:users']); event(new ExampleEvent()); $name = $request->input('name', 'default_val'); $uri = $request->path();