Hello,
I have User model and several other models that belongsTo User. I have a lot of routes for changing/deleting/etc these models and I want to allow these operations only to the User that owns particular model/resource.
Any advice how what is the best solution in L5? I don't want to check if User owns the resource in each controller method :/
Can this be done via middleware?
I think you want the package efficiently/authority-controller. It lets you put logic into determining access to routes, so you can restrict editing to only the owner.
Also searching for some articles on this. The package "efficiently/authority-controller" seems a bit overkill at this point
watch the video before the auth login on the L5 series, it will solve ur problem in 5 mins, they show EXACTLY how to do that
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community