laravel 路由过滤器检查用户角色

问题描述

我正在 laravel 4 中构建一个 restful api，其中有具有不同类型权限的用户.我想根据用户角色(保存在数据库的用户表中)限制对不同路由的访问

I am building a restful api in laravel 4 where there are users with different types of permission. I want to restrict access to different routes depending on the user role (which is saved in the user table in db)

我该怎么做?这是我到目前为止所拥有的(到目前为止还没有工作).

How would I do that? Here is what I have so far (it's not working so far).

filters.php

filters.php

//allows backend api access depending on the user's role once they are logged in
Route::filter('role', function()
{ 
return Auth::user()->role;
}); 

routes.php

 Route::group(array('before' => 'role'), function($role) {
 if($role==1){
        Route::get('customer/retrieve/{id}', 'CustomerController@retrieve_single');
        Route::post('customer/create', 'CustomerController@create');
        Route::put('customer/update/{id}', 'CustomerController@update');
 }

    });

是否有可能我为组过滤器"编写了错误的语法?

Is it possible that I'm writing the syntax wrong for a "group filter"?

推荐答案

尝试以下操作:

filters.php

Route::filter('role', function()
{ 
  if ( Auth::user()->role !==1) {
     // do something
     return Redirect::to('/'); 
   }
}); 

routes.php

 Route::group(array('before' => 'role'), function() {
        Route::get('customer/retrieve/{id}', 'CustomerController@retrieve_single');
        Route::post('customer/create', 'CustomerController@create');
        Route::put('customer/update/{id}', 'CustomerController@update');


});

这篇关于laravel 路由过滤器检查用户角色的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！