0

I want to allow users to CRUD only posts they own. I would like not to create a new middleware, but to leverage the existing ones instead. So, Can Entrust's default middlewares be extended to fit this purpose?

class PostsController extends Controller
{
    public function __construct()
    {
        $this->middleware('auth');
        $this->middleware('role:blogger|owner'); // <-- implement additional logic in here
    }

    ...
}
Alex Lomia
  • 6,705
  • 12
  • 53
  • 87
  • Have you ever had an answer/solution that is not here? I am facing a similar problem and I am thinking about moving to the standard Laravel authorization now that it is available... – Federico Stango Oct 11 '16 at 20:14
  • As far as I remember, I haven't found any straightforward way to deal with the issue using Entrust – Alex Lomia Oct 12 '16 at 17:11

1 Answers1

0
 @if (Auth::id() === $user->id){
     Edit
    }

If you have defined in your Kernel.php

protected $routeMiddleware = [ 'auth' => '...' ]

In your construct: 

public function __construct()
{
    $this->middleware('auth', ['only' => ['create']]);
}

using eloquent along with Entrust:

$users = User::whereHas('roles' => function($q){
$q->where('name', 'my-user-role')
})->get();
score
  • 521
  • 1
  • 8
  • 22
  • Thanks, but I want to do the checking inside middleware – Alex Lomia Apr 28 '16 at 19:51
  • @AlexanderLomia Just updated the answer, not sure if that's what you looking for. – score Apr 28 '16 at 20:02
  • I just want to check for user's role (**this is done by Entrust's default middleware**) && check if user owns a post he's trying to modify (**this is not**) – Alex Lomia Apr 28 '16 at 20:10
  • Sorry, may b I m not able to help you out, but i updated the answer using eloquent along with Entrust, which I have used previously. I am also waiting for an answer - something new to learn :) – score Apr 28 '16 at 20:26