【发布时间】:2017-11-16 00:18:06
【问题描述】:
我正在尝试删除属于发布它的用户的帖子,但是我收到此错误(顺便说一下,这是在网络日志中)
“/Applications/MAMP/htdocs/eli42/vendor/laravel/framework/src/Illuminate/Foundation/Exceptions/Handler.php” 行:201 消息:“此操作未经授权。”跟踪:[{,…},…]
我正在使用 laravel 5.5 policy 不确定我这样做是否正确,我在 $protected 政策中的 AuthServiceProvider 中注册了它
Post::class => PostPolicy::class,
路线
Route::delete('auth/post/{id}', 'PostController@destroy');
PostPolicy.php
<?php
namespace App\Policies;
use App\User;
use App\Post;
use Illuminate\Auth\Access\HandlesAuthorization;
class PostPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view the post.
*
* @param \App\User $user
* @param \App\Post $post
* @return mixed
*/
public function view(User $user, Post $post)
{
//
}
/**
* Determine whether the user can create posts.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
//
}
/**
* Determine whether the user can update the post.
*
* @param \App\User $user
* @param \App\Post $post
* @return mixed
*/
public function update(User $user, Post $post)
{
//
}
/**
* Determine whether the user can delete the post.
*
* @param \App\User $user
* @param \App\Post $post
* @return mixed
*/
public function delete(User $user, Post $post)
{
//
return $user->id === $post->user_id;
}
PostController.php(此文件有更多代码,但我想突出显示删除功能)
<?php
namespace App\Http\Controllers;
use App\Post;
use App\User;
use App\Policies\TaskPolicy;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
class PostController extends Controller
{
public function destroy($id, Post $post)
{
$mypost = $this->authorize('delete',$post);
if($mypost){
Post::destroy($id);
}
}
}
Main.js 删除帖子
$scope.deletePost = function(post){
var index = $scope.myposts.indexOf(post);
if(index != -1){
$scope.myposts.splice(index, 1);
}
$http.delete('auth/post/' + post.id);
};
html
<button ng-click="deletePost(post)">x</button>
之前
之后
【问题讨论】:
-
向我们展示您的路线可能有助于我们确定您的问题。
-
@Mark 我更新了帖子