Policy的授权不通过


PostPolicy:

public function update(User $user, Post $post)
{
return $user->id=== $post->user_id;
}

//删除
public function delete(User $user, Post $post)
{
return $user->id=== $post->user_id;
}
Auth:
protected $policies = [
//'App\Model' => 'App\Policies\ModelPolicy',
'App\Post' => 'App\Policies\PostPolicy',
];
控制器:
//编辑逻辑
public function update(Post $post)
{
//验证
$this->validate(\request(),[
'title'=>'required|string|max:100|min:5',
'content'=>'required|string|min:10'
]);


$this->authorize('update', $post);//策略类认证

//逻辑
$post->title= \request('title');
$post->content= \request('content');
$post->save();

//渲染
return view('post/show',compact('post'));

}
结果:


Symfony \ Component \ HttpKernel \ Exception \AccessDeniedHttpException
This action is unauthorized.

Vote Vote Cancel Collect Collect Cancel

<< 上一篇: laravel 批量插入和in查询速度很慢怎么解决

>> 下一篇: 这种SQL该怎么写ORM查询构造器?