php - Laravel 策略忽略查看、更新和删除，但创建工作正常

Question

我正在创建我的第一个 Laravel 策略。我有一个基本新鲜的 laravel 5.4 项目，它有一个项目模型。我创建了一项名为 ProjectPolicy 的策略，但我无法让所有方法发挥作用。

如果我调用 $user->can('create', Project::class) 我会得到“here”转储并返回 true。但是，查看、创建和删除操作永远不会到达 ProjectPolicy。 “here”永远不会被转储，并且总是返回 false。我想不出或找不到任何理由来解释为什么一种政策方法有效而其他政策方法无效。我错过了什么？

应用\策略\ProjectPolicy.php

namespace App\Policies;

use App\User;
use App\Project;
use Illuminate\Auth\Access\HandlesAuthorization;

class ProjectPolicy
{
    use HandlesAuthorization;


    /**
     * Determine whether the user has a specific ability for projects.
     *
     * @param  \App\User  $user
     * @param  \App\Project  $project
     * @return mixed
     */
    public function before($user, $ability)
    {
        var_dump('here');
    }

    /**
     * Determine whether the user can view the project.
     *
     * @param  \App\User  $user
     * @param  \App\Project  $project
     * @return mixed
     */
    public function view(User $user, Project $project)
    {
        return true;
    }

    /**
     * Determine whether the user can create projects.
     *
     * @param  \App\User  $user
     * @return mixed
     */
    public function create(User $user)
    {
        return true;
    }

    /**
     * Determine whether the user can update the project.
     *
     * @param  \App\User  $user
     * @param  \App\Project  $project
     * @return mixed
     */
    public function update(User $user, Project $project)
    {
        return true;
    }

    /**
     * Determine whether the user can delete the project.
     *
     * @param  \App\User  $user
     * @param  \App\Project  $project
     * @return mixed
     */
    public function delete(User $user, Project $project)
    {
        return true;
    }
}

AuthServiceProvider.php

namespace App\Providers;

use App\Project;
use App\Policies\ProjectPolicy;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * The policy mappings for the application.
     *
     * @var array
     */
    protected $policies = [
        Project::class => ProjectPolicy::class,
    ];

    /**
     * Register any authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();

        //
    }
}

Answer 1

问题可能是您在调用 $user->can('view', Project::class) 时未传递项目实例。尝试调用 $user->can('view', $project) ，其中 $project 是所有那些在其函数定义中需要项目的方法的项目类的实例。