I solved a similar problem by using a custom filter. The filter would throw and error or return a 403 if the module is not available to the user.
For example if the user wanted to access a module, they might go to the url "/modules/{module_id}".
I am assuming you have a users, module_user, and modules table. The module_user table is the pivot table that stores all the modules the user can access.
The custom filter could be something like:
public function CheckModulePermission(){
if(! Auth::user()->hasModule(Route::input('module_id') {
throw new AuthenticationException;
}
}
In the User.php (model) you could have a function like:
public function hasModule($module_id){
if(Auth::user()->join('module_user', 'module_user.user_id', '=', 'users.id')->where('module_user.module_id', $module_id)->first(['module_user.module_id'])) {
return true;
}
return false;
}
In your controller you would just need to tell the controller to use the filter in the __construct method.
nvanselow, Thanks a lot for the help. I'll try this! Have a nice day!
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community