Laravel 控制器中的权限
Permission in Laravel controller
if ($request->ajax()) {
$data = User::latest()->get();
return Datatables::of($data)
->addIndexColumn()
->addColumn('FullName', function($row){
$name = $row->fname.' '.$row->lname;
return $name;
})
->addColumn('action', function($row){
//@can('user-show')
$btn = '<div class="btn-toolbar" role="toolbar" aria-label="Toolbar with button groups">
<div class="btn-group" role="group">
<a href="'.route("users.showrole",$row->id).'" data-toggle="tooltip" title="Show" class="btn btn-default btn-flat btn-sm">
<span class="icon-size-fullscreen"></span>
Show
</a>';
//@endcan
//@can('user-edit')
$btn = $btn.'<a href="'.route("users.editrole",$row->id).'" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" class="edit btn btn-primary btn-flat btn-sm CategoryEdit" onclick="CategoryEdit()">
<span class="icon-pencil"></span>
</a>';
//@endcan
$btn = $btn.'<a href="javascript:void(0)" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" onclick="DeleteRole('.$row->id.')" class="btn btn-flat btn-danger btn-sm">
<span class="icon-trash"></span>
</a>
</div>
</div>';
return $btn;
})
->rawColumns(['FullName'])
->rawColumns(['action'])
->escapeColumns([])
->make(true);
}
你好,我想在 Controller 数据表 Yajra 中使用 @can('user-create') ,这样用户就看不到他无权访问的按钮。
我可以在 blade 中完成,但不能在控制器中完成。
我想检查角色是否有权以这种方式执行任务。
否则我的代码 运行 很好,只是这让人厌烦。
如果你使用spatie权限插件,你可以在你的控制器中使用$user->can('permission')。
这里:
if ($request->ajax()) {
$data = User::latest()->get();
// get logged user
$user = auth()->user();
return Datatables::of($data)
->addIndexColumn()
->addColumn('FullName', function($row){
$name = $row->fname.' '.$row->lname;
return $name;
})
->addColumn('action', function($row) use ($user) {
$btn = '';
if ($user->can('user-show') {
$btn = '<div class="btn-toolbar" role="toolbar" aria-label="Toolbar with button groups"><div class="btn-group" role="group">
<a href="'.route("users.showrole",$row->id).'" data-toggle="tooltip" title="Show" class="btn btn-default btn-flat btn-sm"><span class="icon-size-fullscreen"></span> Show</a>';
}
if ($user->can('user-edit') {
$btn = $btn.'<a href="'.route("users.editrole",$row->id).'" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" class="edit btn btn-primary btn-flat btn-sm CategoryEdit" onclick="CategoryEdit()"><span class="icon-pencil"></span></a>';
}
$btn = $btn.'<a href="javascript:void(0)" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" onclick="DeleteRole('.$row->id.')" class="btn btn-flat btn-danger btn-sm"><span class="icon-trash"></span></a> </div></div>';
return $btn;
})
->rawColumns(['FullName'])
->rawColumns(['action'])
->escapeColumns([])
->make(true);
}
您可以通过两种方式完成:
- 正在控制器中检查权限
例如。 :
if ($request->ajax()) {
$data = User::latest()->get();
// get logged user
$user = auth()->user();
return Datatables::of($data)
->addColumn('action', function($row) use ($user) {
$btn = '';
if ($user->can('user-show') {
$btn = '<div class="btn-toolbar" role="toolbar" aria-label="Toolbar with button groups"><div class="btn-group" role="group">
<a href="'.route("users.showrole",$row->id).'" data-toggle="tooltip" title="Show" class="btn btn-default btn-flat btn-sm"><span class="icon-size-fullscreen"></span> Show</a>';
}
if ($user->can('user-edit') {
$btn = $btn.'<a href="'.route("users.editrole",$row->id).'" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" class="edit btn btn-primary btn-flat btn-sm CategoryEdit" onclick="CategoryEdit()"><span class="icon-pencil"></span></a>';
}
$btn = $btn.'<a href="javascript:void(0)" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" onclick="DeleteRole('.$row->id.')" class="btn btn-flat btn-danger btn-sm"><span class="icon-trash"></span></a> </div></div>';
return $btn;
})
->rawColumns(['action'])
->make(true);
}
或另一种方式
if ($request->ajax()) {
$data = User::latest()->get();
return Datatables::of($data)
->addIndexColumn()
->addColumn('FullName', function($row){
$name = $row->fname.' '.$row->lname;
return $name;
})
->addColumn('actions', 'path.actions')
->rawColumns(['FullName'])
->escapeColumns([])
->make(true);
}
你的 blade 文件就像
@can('user-edit')
Your code
@endcan
if ($request->ajax()) {
$data = User::latest()->get();
return Datatables::of($data)
->addIndexColumn()
->addColumn('FullName', function($row){
$name = $row->fname.' '.$row->lname;
return $name;
})
->addColumn('action', function($row){
//@can('user-show')
$btn = '<div class="btn-toolbar" role="toolbar" aria-label="Toolbar with button groups">
<div class="btn-group" role="group">
<a href="'.route("users.showrole",$row->id).'" data-toggle="tooltip" title="Show" class="btn btn-default btn-flat btn-sm">
<span class="icon-size-fullscreen"></span>
Show
</a>';
//@endcan
//@can('user-edit')
$btn = $btn.'<a href="'.route("users.editrole",$row->id).'" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" class="edit btn btn-primary btn-flat btn-sm CategoryEdit" onclick="CategoryEdit()">
<span class="icon-pencil"></span>
</a>';
//@endcan
$btn = $btn.'<a href="javascript:void(0)" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" onclick="DeleteRole('.$row->id.')" class="btn btn-flat btn-danger btn-sm">
<span class="icon-trash"></span>
</a>
</div>
</div>';
return $btn;
})
->rawColumns(['FullName'])
->rawColumns(['action'])
->escapeColumns([])
->make(true);
}
你好,我想在 Controller 数据表 Yajra 中使用 @can('user-create') ,这样用户就看不到他无权访问的按钮。 我可以在 blade 中完成,但不能在控制器中完成。 我想检查角色是否有权以这种方式执行任务。 否则我的代码 运行 很好,只是这让人厌烦。
如果你使用spatie权限插件,你可以在你的控制器中使用$user->can('permission')。
这里:
if ($request->ajax()) {
$data = User::latest()->get();
// get logged user
$user = auth()->user();
return Datatables::of($data)
->addIndexColumn()
->addColumn('FullName', function($row){
$name = $row->fname.' '.$row->lname;
return $name;
})
->addColumn('action', function($row) use ($user) {
$btn = '';
if ($user->can('user-show') {
$btn = '<div class="btn-toolbar" role="toolbar" aria-label="Toolbar with button groups"><div class="btn-group" role="group">
<a href="'.route("users.showrole",$row->id).'" data-toggle="tooltip" title="Show" class="btn btn-default btn-flat btn-sm"><span class="icon-size-fullscreen"></span> Show</a>';
}
if ($user->can('user-edit') {
$btn = $btn.'<a href="'.route("users.editrole",$row->id).'" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" class="edit btn btn-primary btn-flat btn-sm CategoryEdit" onclick="CategoryEdit()"><span class="icon-pencil"></span></a>';
}
$btn = $btn.'<a href="javascript:void(0)" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" onclick="DeleteRole('.$row->id.')" class="btn btn-flat btn-danger btn-sm"><span class="icon-trash"></span></a> </div></div>';
return $btn;
})
->rawColumns(['FullName'])
->rawColumns(['action'])
->escapeColumns([])
->make(true);
}
您可以通过两种方式完成:
- 正在控制器中检查权限
例如。 :
if ($request->ajax()) {
$data = User::latest()->get();
// get logged user
$user = auth()->user();
return Datatables::of($data)
->addColumn('action', function($row) use ($user) {
$btn = '';
if ($user->can('user-show') {
$btn = '<div class="btn-toolbar" role="toolbar" aria-label="Toolbar with button groups"><div class="btn-group" role="group">
<a href="'.route("users.showrole",$row->id).'" data-toggle="tooltip" title="Show" class="btn btn-default btn-flat btn-sm"><span class="icon-size-fullscreen"></span> Show</a>';
}
if ($user->can('user-edit') {
$btn = $btn.'<a href="'.route("users.editrole",$row->id).'" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" class="edit btn btn-primary btn-flat btn-sm CategoryEdit" onclick="CategoryEdit()"><span class="icon-pencil"></span></a>';
}
$btn = $btn.'<a href="javascript:void(0)" data-toggle="tooltip" id="'.$row->id.'" title="Edit" data-id="'.$row->id.'" onclick="DeleteRole('.$row->id.')" class="btn btn-flat btn-danger btn-sm"><span class="icon-trash"></span></a> </div></div>';
return $btn;
})
->rawColumns(['action'])
->make(true);
}
或另一种方式
if ($request->ajax()) {
$data = User::latest()->get();
return Datatables::of($data)
->addIndexColumn()
->addColumn('FullName', function($row){
$name = $row->fname.' '.$row->lname;
return $name;
})
->addColumn('actions', 'path.actions')
->rawColumns(['FullName'])
->escapeColumns([])
->make(true);
}
你的 blade 文件就像
@can('user-edit')
Your code
@endcan