问题
I have 3 Middleware with all different routes assigned. These are the routes that correspond to each user type.
Like this:
In my routes I have this
Route::group(['middleware' => 'auth'], function () {
Route::resource('/', 'DashController');
Route::get('/logout')->name('logout')->uses('Auth\LoginController@logout');
Route::group(['middleware' => ['director']], function () {
//survey
//questions
//groups
//forum
});
Route::group(['middleware' => ['super']], function () {
//import
});
Route::group(['middleware' => ['admin']], function () {
//semester
//users
//sections
//category
//classrooms
//careers
//courses
});
});
What I need to do is add the routes that are inside the director group also to the admin group. The admin middleware checks if the user is an admin or superadmin, so thats why the super group only has the import route.
I've tried nesting the group one inside the other like this:
Route::group(['middleware' => ['director', 'admin']], function () {
//survey
//questions
//groups
//forum
Route::group(['middleware' => ['admin']], function () {
//semester
//users
//sections
//category
//classrooms
//careers
//courses
});
});
I've also tried same as above but first group like this
Route::group(['middleware' => ['director'], ['admin']], function () {});
Nothing is working, in the sense of letting both share those routes. How can I do this?
回答1:
Here is a way to use that cascading setup:
Have to think of this in reverse with the highest role needed to the lowest, since you have a funnel of permission here, where the top can access everything, the next down almost everything then the bottom the least.
Route::group(['roles' => 'super', 'middleware' => 'check', ...], function () {
// only routes for 'super admin'
Route::group(['roles' => 'admin', ...], function () {
// routes only for superadmin and admin
Route::group(['roles' => 'director', ...], function () {
// remaining routes that director, admin and super admin can access
Route::get('sometest', function () { })->name('for-all');
});
})
});
We are going to use the cascading ability of route groups with route parameter/attributes.
The route named for-all will end up with a action parameter named roles which will be an array, ['super', 'admin', 'director']. We can have the middleware use this so we know what to check for.
class CheckMiddleware
{
public function handle($request, Closure $next)
{
$roles = $request->route()->getAction('roles', []);
foreach ((array) $roles as $role) {
// if the user has this role, let them pass through
if (...) {
return $next($request);
}
}
// user is not one of the matching 'roles'
return redirect('/');
}
}
I do not know how you are checking the User to see what 'role' they have but that will come into play in this middleware.
来源:https://stackoverflow.com/questions/58736673/how-to-assign-two-middleware-to-the-same-group-of-routes-laravel