Laravel 5.5 Permissions - User does not have the right roles
You should overwrite the render method to redirect (or whatever you want to do). Go to Expections/Handler.php and overwrite the render function like this:
public function render($request, Exception $exception)
{
if ($exception instanceof \Spatie\Permission\Exceptions\UnauthorizedException) {
return redirect('/');
}
return parent::render($request, $exception);
}
source:https://github.com/spatie/laravel-permission#catching-role-and-permission-failures
![sniafas](https://lh4.googleusercontent.com/-oExoPOFTtNU/AAAAAAAAAAI/AAAAAAAAAoY/gG4W9iD-avk/photo.jpg?sz=256)
sniafas
I am Software Engineer with interests in computer vision, ml, backend web technologies. Trying to find a path of creativity and inspiration through open source software.
Updated on June 07, 2022Comments
-
sniafas about 2 years
I'm trying to find a solution in a use case where the admin user does not have the assigned role. In dashboard view it doesn't render the url for users, while if I directly access the dashboard/users, I get:
Spatie \ Permission \ Exceptions \ UnauthorizedException
user does not have the right roles
app/Http/Kernel.php
protected $routeMiddleware = [ .... 'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class, 'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class, ];
routes/web.php
Route::group( ['middleware' => ['role:admin']], function () { Route::get('/dashboard/users', 'UsersController@index'); Route::get('/dashboard/users/{id}', 'UsersController@edit'); Route::patch('/dashboard/users/{id}', 'UsersController@update'); } );
view/dashboard.blade.php
<div class="panel-body"> @hasrole('admin') <li><a href="/dashboard/users">Manage Users</a></li> @endhasrole </div>
I have successfully generated the default roles & permission with
Commands/GenerateRoles.php
public function handle() { $this->info('Generating default roles and permissions...'); $admin = User::create( [ 'name' => 'administrator', 'email' => '[email protected]', 'password' => bcrypt('12345'), ] ); // Create roles. $adminRole = Role::create(['name' => 'admin']); $supportRole = Role::create(['name' => 'support']); $admin->assignRole('admin'); // Create permissions. $userManagement = Permission::create(['name' => 'users management']); $deleteImages = Permission::create(['name' => 'delete images']); $datasetStatus = Permission::create( ['name' => 'change dataset building status'] ); $adminRole->givePermissionTo($userManagement); $deleteImages->syncRoles([$adminRole, $supportRole]); $datasetStatus->syncRoles([$adminRole, $supportRole]); }
What it could possibly goes wrong? Thanks for you time.
-
sniafas over 6 yearsThank you for your response. Maybe I haven't describe the problem well enough. The problem is that the admin user, is not privileged to access the admin domain. Really thanks for letting me know how to catch an exception, but it will not solve the problem.
-
Hirad Roshandel over 6 years@sniafas sorry if I misunderstood it. I would debug it step by step. 1) use tinker to ensure your user has that role 2) Make sure your User.php is using the trait HasRoles 3) Change your @hasrole('admin') to @if(auth()->user()->hasRole('admin')) and see if that makes a difference. 4) In your route you can also do a dd(auth()->user()); to see if you have the correct user. One side note you can set 'dashboard' as prefix in your Route group so you don't repeat it in every route
-
sniafas over 6 yearsno worries. I really appreciate your time. 1) it works fine. 2,3,4 gives
false
. So I managed tomigrate:fresh
&db:seed
again. Suddenly everything works just fine.. Really strange, but it works!