Ufdjrw

Multi wire circuit or 2 separate 120V 20A dedicated circuits?

An Undercover Army

How do I align tablenotes in a threeparttable

Too soon for a plot twist?

Trigger on Custom Object Share

Create chunks from an array

Professor forcing me to attend a conference, I can't afford even with 50% funding

After Brexit, will the EU recognize British passports that are valid for more than ten years?

How spaceships determine each other's mass in space?

School performs periodic password audits. Is my password compromised?

Precision notation for voltmeters

Draw this image in the TIKZ package

I've given my players a lot of magic items. Is it reasonable for me to give them harder encounters?

Is there a math expression equivalent to the conditional ternary operator?

I am the person who abides by rules but breaks the rules . Who am I

If nine coins are tossed, what is the probability that the number of heads is even?

Why restrict private health insurance?

How does a sound wave propagate?

What exactly is the meaning of "fine wine"?

std::string vs const std::string& vs std::string_view

Does an unused member variable take up memory?

Tabular environment - text vertically positions itself by bottom of tikz picture in adjacent cell

Help! My Character is too much for her story!

Can Witch Sight see through Mirror Image?

Is It Possible to Apply Laravel Policy to Both Routes and Custom Function?

1

I have Location Policy and one api and one custom helper for both i want to use same policy,

Here is example :

1. Routes/API to read location record :

 Route::group(['middleware' => 'policy:view,location'], function () 
 // Read location
 Route::post('/locations/location_id', [
 'uses' => 'LocationApiController@read'
 ]);
 );

2. Custom Function/Helper to read location record

LocationHelper.php

/**
 * Class LocationHelper.
 */
class LocationHelper

 /** @var LocationRepositoryInterface */
 private $locationRepo;

 /**
 * ReminderHelper constructor.
 */
 public function __construct()
 
 $this->locationRepo = App::make(LocationRepositoryInterface::class);
 

 /**
 * @param int $locationId
 */
 public function readLocation($locationId)
 
 $this->locationRepo->read($locationId);
 

Problem is :

While calling location read route/api policy will apply, and while calling read funtion from LocationHelper.php it will not apply

What i want is apply same policy for both.

Is there any way to do this ??

laravel policy

share|improve this question

asked 2 days ago

Vishal RibdiyaVishal Ribdiya

576

New contributor

Vishal Ribdiya is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

1

I have Location Policy and one api and one custom helper for both i want to use same policy,

Here is example :

1. Routes/API to read location record :

 Route::group(['middleware' => 'policy:view,location'], function () 
 // Read location
 Route::post('/locations/location_id', [
 'uses' => 'LocationApiController@read'
 ]);
 );

2. Custom Function/Helper to read location record

LocationHelper.php

/**
 * Class LocationHelper.
 */
class LocationHelper

 /** @var LocationRepositoryInterface */
 private $locationRepo;

 /**
 * ReminderHelper constructor.
 */
 public function __construct()
 
 $this->locationRepo = App::make(LocationRepositoryInterface::class);
 

 /**
 * @param int $locationId
 */
 public function readLocation($locationId)
 
 $this->locationRepo->read($locationId);
 

Problem is :

While calling location read route/api policy will apply, and while calling read funtion from LocationHelper.php it will not apply

What i want is apply same policy for both.

Is there any way to do this ??

laravel policy

share|improve this question

asked 2 days ago

Vishal RibdiyaVishal Ribdiya

576

New contributor

Vishal Ribdiya is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

I have Location Policy and one api and one custom helper for both i want to use same policy,

Here is example :

1. Routes/API to read location record :

 Route::group(['middleware' => 'policy:view,location'], function () 
 // Read location
 Route::post('/locations/location_id', [
 'uses' => 'LocationApiController@read'
 ]);
 );

2. Custom Function/Helper to read location record

LocationHelper.php

/**
 * Class LocationHelper.
 */
class LocationHelper

 /** @var LocationRepositoryInterface */
 private $locationRepo;

 /**
 * ReminderHelper constructor.
 */
 public function __construct()
 
 $this->locationRepo = App::make(LocationRepositoryInterface::class);
 

 /**
 * @param int $locationId
 */
 public function readLocation($locationId)
 
 $this->locationRepo->read($locationId);
 

Problem is :

While calling location read route/api policy will apply, and while calling read funtion from LocationHelper.php it will not apply

What i want is apply same policy for both.

Is there any way to do this ??

laravel policy

share|improve this question

asked 2 days ago

Vishal RibdiyaVishal Ribdiya

576

New contributor

Vishal Ribdiya is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

 Route::group(['middleware' => 'policy:view,location'], function () 
 // Read location
 Route::post('/locations/location_id', [
 'uses' => 'LocationApiController@read'
 ]);
 );

/**
 * Class LocationHelper.
 */
class LocationHelper

 /** @var LocationRepositoryInterface */
 private $locationRepo;

 /**
 * ReminderHelper constructor.
 */
 public function __construct()
 
 $this->locationRepo = App::make(LocationRepositoryInterface::class);
 

 /**
 * @param int $locationId
 */
 public function readLocation($locationId)
 
 $this->locationRepo->read($locationId);
 

share|improve this question

asked 2 days ago

Vishal RibdiyaVishal Ribdiya

576

New contributor

Vishal Ribdiya is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

asked 2 days ago

Vishal RibdiyaVishal Ribdiya

576

New contributor

Vishal Ribdiya is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 2 days ago

Vishal RibdiyaVishal Ribdiya

576

New contributor

Vishal Ribdiya is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 2 days ago

Vishal RibdiyaVishal Ribdiya

576

1 Answer
1

active

oldest

votes

1

You can call the policy manually, after retrieving the user. For example:

$allowed = Auth::user()->can('view', Location::firstOrFail($locationId));

Return a 403 if when the user is not allowed to view the resource, like this:

abort_unless($allowed, 403); 

share|improve this answer

edited 2 days ago

answered 2 days ago

piscatorpiscator

2,96421023

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Thanks for your time, But Any other unified solution ?
  
  – Vishal Ribdiya
  2 days ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  You could create some abstraction of your own and try to add this check in the LocationRepository, e.g. let it implement a custom PolicyInterface, but I really don't think it will make things much easier. Laravel does not offer authorization checks for custom helper methods out of the box.
  
  – piscator
  2 days ago
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

Vishal Ribdiya is a new contributor. Be nice, and check out our Code of Conduct.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55022982%2fis-it-possible-to-apply-laravel-policy-to-both-routes-and-custom-function%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

1

You can call the policy manually, after retrieving the user. For example:

$allowed = Auth::user()->can('view', Location::firstOrFail($locationId));

Return a 403 if when the user is not allowed to view the resource, like this:

abort_unless($allowed, 403); 

share|improve this answer

edited 2 days ago

answered 2 days ago

piscatorpiscator

2,96421023

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Thanks for your time, But Any other unified solution ?
  
  – Vishal Ribdiya
  2 days ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  You could create some abstraction of your own and try to add this check in the LocationRepository, e.g. let it implement a custom PolicyInterface, but I really don't think it will make things much easier. Laravel does not offer authorization checks for custom helper methods out of the box.
  
  – piscator
  2 days ago
  

  
  
  
  

add a comment | 

1

You can call the policy manually, after retrieving the user. For example:

$allowed = Auth::user()->can('view', Location::firstOrFail($locationId));

Return a 403 if when the user is not allowed to view the resource, like this:

abort_unless($allowed, 403); 

share|improve this answer

edited 2 days ago

answered 2 days ago

piscatorpiscator

2,96421023

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Thanks for your time, But Any other unified solution ?
  
  – Vishal Ribdiya
  2 days ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  You could create some abstraction of your own and try to add this check in the LocationRepository, e.g. let it implement a custom PolicyInterface, but I really don't think it will make things much easier. Laravel does not offer authorization checks for custom helper methods out of the box.
  
  – piscator
  2 days ago
  

  
  
  
  

add a comment | 

You can call the policy manually, after retrieving the user. For example:

$allowed = Auth::user()->can('view', Location::firstOrFail($locationId));

Return a 403 if when the user is not allowed to view the resource, like this:

abort_unless($allowed, 403); 

share|improve this answer

edited 2 days ago

answered 2 days ago

piscatorpiscator

2,96421023

$allowed = Auth::user()->can('view', Location::firstOrFail($locationId));

abort_unless($allowed, 403); 

share|improve this answer

edited 2 days ago

answered 2 days ago

piscatorpiscator

2,96421023

answered 2 days ago

piscatorpiscator

2,96421023

answered 2 days ago

piscatorpiscator

2,96421023