0
我有一個相當簡單的ACL系統設置。過濾器檢查用戶是否有權訪問路由的用戶組的一部分,或者用戶是否有權訪問該路由。它適用於單獨的路線和一般的資源工作。不過,我希望有些用戶能夠訪問資源路由的特定方法,但不是全部。例如,user1是admin組的一部分,並且始終可以訪問管理資源路由,但user2不是admin用戶組的一部分,我想讓他訪問資源admin/create。我怎麼可以去這Laravel 4我的設置如何在我的ACL中設置aLaravel 4資源路由的特定方法
數據庫
Routes:
id
route
created_by
last_editted_by
created
updated
deleted_at
acl (table it looks at to see if user has access)
id
routes_id
user_id
group_id
created
updated
deleted_at
Filter
if (Auth::check()){
$route = Request::segment(1);
$user_id = Auth::user()->id;
$acl_count = Acls::join('routes','routes.id','=','acl.routes_id')
->where('routes.route','=',$route)
->Where(function($in_parenthesis) use($user_id){
$in_parenthesis->whereIn('acl.group_id',function($where_in) use($user_id){
$where_in->select('group_id')
->from('user_group_junction')
->where('user_id','=',$user_id);
})
->orWhere('acl.user_id','=',$user_id);
})
->count();
if($acl_count < 1){
return Redirect::to('/');
}
}else{
return Redirect::to('/');
}
Routes
Route::get('/','[email protected]');
Route::get('login','[email protected]');
Route::post('authenticate','[email protected]');
Route::get('logout','[email protected]');
Route::group(array('before'=>'auth'),function(){
Route::group(array('before'=>'user_permission'),function(){
Route::get('protected','[email protected]');
Route::resource('sources', 'SourcesController');
Route::resource('admins', 'AdminsController');
});
});
什麼是acl? – edi9999
acl:訪問控制列表 – JoeyD473