谁能给我逐行详细解释一下这部分吗?如何在 Eloquent ORM 中创建 isAuthorized(@param, @param)
方法?
class User extends Authenticatable
{
public function isAuthorized($object, $operation)
{
return Db::table('role_permissions')
->where('object', $object)
->where('operation', $operation)
->join('user_roles', 'user_roles.role_id', '=', 'role_permissions.role_id')
->where('user_roles.user_id', $this->id)
->exists();
}
}
最佳答案
我不知道我对 $object
和 $operation
的猜测是否正确,但我在这里:
<?php
class User extends Authenticatable
{
public function isAuthorized($object, $operation)
{
// You are checking if the current user has access to $operation method
// on $object. E.g. App\Http\Controllers\UserController@viewAny.
// This will output a query LIKE this:
// SELECT COUNT(`rp`.`id`)
// FROM role_permissions rp
// INNER JOIN user_roles ur ON ur.role_id = rp.role_id
// WHERE `object` = 'App\\Http\\Controllers\\UserController'
// AND `operation` = 'viewAny'
// AND `ur`.`user_id` = 1;
// And then it will check if the value > 0.
return Db::table('role_permissions')
->where('object', $object)
->where('operation', $operation)
->join('user_roles', 'user_roles.role_id', '=', 'role_permissions.role_id')
->where('user_roles.user_id', $this->id)
->exists();
}
}
如果这是它正在做的事情,您应该查看政策:https://laravel.com/docs/6.x/authorization#creating-policies
然后使用该策略: https://laravel.com/docs/6.x/authorization#via-the-user-model
关于php - 如何在 Eloquent ORM 中创建 isAuthorized() 方法?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58921708/