我创建了4个中间件:1个用于检查用户是否是其中一个管理员(role_id!='4'),1个用于超级管理员(role_id == 1),1个用于普通管理员(role_id == 2),1个用于编辑器管理员(role_id == 3)
我的用户表有一个 role_id 列 .
检查用户的中间件是其中一个管理员 . 但其他中间件总是返回错误 .
我的路线
Route::group(['middleware'=>'admin'],function(){
Route::get('/backlogout','backend\BackloginController@getLogout')->name('back-logout');
Route::get('/dashboard','BackendController@index')->name('backend');
Route::group(['prefix' => 'categories', 'middleware' => ['superadmin', 'ad','editor']], function () {
Route::get('/index', ['as' => 'back.categories.index', 'uses' => 'backend\CategoriesController@index']);
Route::any('/store', ['as' => 'back.categories.store', 'uses' => 'backend\CategoriesController@store']);
Route::any('/create', ['as' => 'back.categories.create', 'uses' => 'backend\CategoriesController@create']);
Route::any('/edit/{id}', ['as' => 'back.categories.edit', 'uses' => 'backend\CategoriesController@edit']);
Route::any('/update/{id}', ['as' => 'back.categories.update', 'uses' => 'backend\CategoriesController@update']);
Route::any('/destroy/{id}', ['as' => 'back.categories.destroy', 'uses' => 'backend\CategoriesController@destroy']);
});
Route::group(['prefix' => 'products','middleware' => ['superadmin','editor']], function () {
Route::get('/index', ['as' => 'back.products.index', 'uses' => 'backend\ProductsController@index']);
Route::any('/store', ['as' => 'back.products.store', 'uses' => 'backend\ProductsController@store']);
Route::any('/create', ['as' => 'back.products.create', 'uses' => 'backend\ProductsController@create']);
Route::any('/edit/{id}', ['as' => 'back.products.edit', 'uses' => 'backend\ProductsController@edit']);
Route::any('/update/{id}', ['as' => 'back.products.update', 'uses' => 'backend\ProductsController@update']);
Route::any('/imgview/{id}', ['as' => 'back.products.imgview', 'uses' => 'backend\ProductsController@imgview']);
Route::any('/updateimg/{id}', ['as' => 'back.products.updateimg', 'uses' => 'backend\ProductsController@updateImg']);
Route::any('/destroy/{id}', ['as' => 'back.products.destroy', 'uses' => 'backend\ProductsController@destroy']);
});
Route::group(['prefix' => 'users','middleware' => ['superadmin', 'ad']], function () {
Route::get('/index', ['as' => 'back.users.index', 'uses' => 'backend\UsersController@index']);
Route::any('/store', ['as' => 'back.users.store', 'uses' => 'backend\UsersController@store']);
Route::any('/create', ['as' => 'back.users.create', 'uses' => 'backend\UsersController@create']);
Route::any('/edit/{id}', ['as' => 'back.users.edit', 'uses' => 'backend\UsersController@edit']);
Route::any('/update/{id}', ['as' => 'back.users.update', 'uses' => 'backend\UsersController@update']);
Route::any('/destroy/{id}', ['as' => 'back.users.destroy', 'uses' => 'backend\UsersController@destroy']);
});
});
我的kernel.php
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'admin'=>\App\Http\Middleware\CheckAdmin::class,
'superadmin'=>\App\Http\Middleware\CheckSuperAdmin::class,
'ad'=>\App\Http\Middleware\CheckAd::class,
'editor'=>\App\Http\Middleware\CheckEditor::class,
];
我的checkadmin(检查用户是否是管理员之一)middlware这个工作
class CheckAdmin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id !='4'){
return $next($request);
}
return redirect()->route('backend-login');
}
}
我的checksuperadmin中间件
class CheckSuperAdmin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id =='1'){
return $next($request);
}
Session::flash('notsuper','only super admin can access this page');
return redirect()->route('backend');
}
}
我的checkad(检查正常管理员)middlware
class CheckAd
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id =='2'){
return $next($request);
}
Session::flash('notadmin','only admin can access this page');
return redirect()->route('backend');
}
}
我的托管中间件
class CheckEditor
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(Auth::check() && Auth::user()->role_id =='3'){
return $next($request);
}
Session::flash('noteditor','only editor can access this page');
return redirect()->route('backend');
}
}
我不知道为什么,但所有的checkuperadmin,checkadm,checkeditor总是返回false
2 回答
您正在将多个midlleware应用于所有路线组 . 在这种情况下,只有当用户满足所有这些要求时,Laravel才会授予您访问权限 . 尝试做这样的事情:
在您的路由组中使用单个中间件:对于“编辑器”更高的访问级别:
......等其他访问级别 . 仅当您希望仅授予此访问权限时,才在角色中间件上使用
==从第一组中删除中间件 .