I have been trying to solve this issue for days, but I struggle.
I tried to pack this post with as many information as I could because it is not easy to troubleshoot.
"laravel/framework": "9.41.0",
"spatie/laravel-permission": "5.7"
Explanation
If I drag any rows with the admin role, it works perfectly.
If I drag a role with the manager role, the first drag works, on the second drag I get this:
Unknown named parameter $id <---THIS IS THE ERROR
Routes:
require __DIR__ . '/auth.php';
Route::prefix('/')
->middleware(['auth','verified'])
->group(function () {
Route::resource('roles', RoleController::class);
Route::resource('permissions', PermissionController::class);
Route::resource('users', UserController::class);
Route::resource('popups', PopupController::class);
});
Illuminate\ Auth\ Access \ Gate : 535 callAuthCallback
/**
* Resolve and call the appropriate authorization callback.
*
* #param \Illuminate\Contracts\Auth\Authenticatable|null $user
* #param string $ability
* #param array $arguments
* #return bool
*/
protected function callAuthCallback($user, $ability, array $arguments)
{
$callback = $this->resolveAuthCallback($user, $ability, $arguments);
return $callback($user, ...$arguments); //This line shows in RED
}
I using this library to drag and drop a table row:
https://github.com/nextapps-be/livewire-sortablejs
This is my component:
<table class="w-full max-w-full mb-4 bg-transparent">
<thead class="text-gray-700">
<tr>
<th class="px-4 py-3 text-left"></th>
<th class="px-4 py-3 text-left"></th>
<th class="px-4 py-3 text-left"></th>
<th></th>
</tr>
</thead>
<tbody wire:sortable="reorder" wire:sortable.options="{ animation: 100 }" class="text-gray-600">
#forelse($popups as $popup)
<tr wire:sortable.item="{{ $popup['id'] }}" wire:sortable.triggers="reorder" class="hover:bg-gray-50 {{ $popup['order'] === 1 ? 'bg-yellow-50' : '' }}" wire:key="popup-{{ $popup['id'] }}">
<td class="px-4 py-3 text-left">
{{ $popup['id'] ?? '-' }}
</td>
<td class="px-4 py-3 text-left">
{{ $popup['title'] ?? '-' }}
</td>
<td class="px-4 py-3 text-left">
{{ $popup['reset_popup_days'] ?? '-' }}
</td>
<td>
<button wire:sortable.handle>
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" strokeWidth={1.5} stroke="currentColor" className="w-6 h-6">
<path strokeLinecap="round" strokeLinejoin="round" d="M8.25 15L12 18.75 15.75 15m-7.5-6L12 5.25 15.75 9"/>
</svg>
</button>
</td>
</tr>
#empty
<tr>
<td colspan="7">
#lang('crud.common.no_items_found')
</td>
</tr>
#endforelse
</tbody>
</table>
The livewire class:
<?php
namespace App\Http\Livewire\Table\Popup;
use App\Models\Popup;
use Livewire\Component;
class Index extends Component
{
public $popups;
public function mount()
{
$this->popups = Popup::orderBy('order')->get();
}
public function reorder($reorderedIds)
{
$orderedIds = collect($reorderedIds)->sortBy('order')->pluck('value');
$this->popups = $orderedIds->map(function ($id) {
return collect($this->popups)->where('id', (int)$id)->first();
})->values();
foreach ($this->popups as $index => $popup) {
$popup = Popup::find($popup['id']);
$popup->order = $index + 1;
$popup->save();
}
}
public function render()
{
return view('livewire.table.popup.index', ['popups' => $this->popups]);
}
}
I am using Gates and Policies for the Laravel controllers(not using it on livewire components directly yet as I am not sure if I should).
This is my controller so when the user lands on the CRUD, he can access all the different pages.
<?php
namespace App\Http\Controllers;
use App\Models\Popup;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Storage;
use App\Http\Requests\PopupStoreRequest;
use App\Http\Requests\PopupUpdateRequest;
class PopupController extends Controller
{
/**
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\Response
*/
public function index(Request $request)
{
$this->authorize('view-any', Popup::class);
$search = $request->get('search', '');
$popups = Popup::search($search)
->latest()
->paginate(5)
->withQueryString();
return view('app.popups.index', compact('popups', 'search'));
}
/**
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\Response
*/
public function create(Request $request)
{
$this->authorize('create', Popup::class);
return view('app.popups.create');
}
/**
* #param \App\Http\Requests\PopupStoreRequest $request
* #return \Illuminate\Http\Response
*/
public function store(PopupStoreRequest $request)
{
$this->authorize('create', Popup::class);
$validated = $request->validated();
if ($request->hasFile('image')) {
$validated['image'] = $request->file('image')->store('public');
}
//$latestOrder = Popup::orderBy('order')->get()->last();
$latestOrder = Popup::orderBy('order', 'desc')->first();
$order = $latestOrder ? $latestOrder->order + 1 : 0;
$popup = Popup::create(array_merge($validated, ['order' => $order]));
//$popup = Popup::create($validated);
return redirect()
->route('popups.edit', $popup)
->withSuccess(__('crud.common.created'));
}
/**
* #param \Illuminate\Http\Request $request
* #param \App\Models\Popup $popup
* #return \Illuminate\Http\Response
*/
public function show(Request $request, Popup $popup)
{
$this->authorize('view', $popup);
return view('app.popups.show', compact('popup'));
}
/**
* #param \Illuminate\Http\Request $request
* #param \App\Models\Popup $popup
* #return \Illuminate\Http\Response
*/
public function edit(Request $request, Popup $popup)
{
$this->authorize('update', $popup);
return view('app.popups.edit', compact('popup'));
}
/**
* #param \App\Http\Requests\PopupUpdateRequest $request
* #param \App\Models\Popup $popup
* #return \Illuminate\Http\Response
*/
public function update(PopupUpdateRequest $request, Popup $popup)
{
$this->authorize('update', $popup);
$validated = $request->validated();
if ($request->hasFile('image')) {
if ($popup->image) {
Storage::delete($popup->image);
}
$validated['image'] = $request->file('image')->store('public');
}
$popup->update($validated);
return redirect()
->route('popups.edit', $popup)
->withSuccess(__('crud.common.saved'));
}
/**
* #param \Illuminate\Http\Request $request
* #param \App\Models\Popup $popup
* #return \Illuminate\Http\Response
*/
public function destroy(Request $request, Popup $popup)
{
$this->authorize('delete', $popup);
if ($popup->image) {
Storage::delete($popup->image);
}
$popup->delete();
return redirect()
->route('popups.index')
->withSuccess(__('crud.common.removed'));
}
}
My policies:
<?php
namespace App\Policies;
use App\Models\User;
use App\Models\Popup;
use Illuminate\Auth\Access\HandlesAuthorization;
class PopupPolicy
{
use HandlesAuthorization;
/**
* Determine whether the popup can view any models.
*
* #param App\Models\User $user
* #return mixed
*/
public function viewAny(User $user)
{
return $user->hasPermissionTo('list popups');
}
/**
* Determine whether the popup can view the model.
*
* #param App\Models\User $user
* #param App\Models\Popup $model
* #return mixed
*/
public function view(User $user, Popup $model)
{
return $user->hasPermissionTo('view popups');
}
/**
* Determine whether the popup can create models.
*
* #param App\Models\User $user
* #return mixed
*/
public function create(User $user)
{
return $user->hasPermissionTo('create popups');
}
/**
* Determine whether the popup can update the model.
*
* #param App\Models\User $user
* #param App\Models\Popup $model
* #return mixed
*/
public function update(User $user, Popup $model)
{
return $user->hasPermissionTo('update popups');
}
/**
* Determine whether the popup can delete the model.
*
* #param App\Models\User $user
* #param App\Models\Popup $model
* #return mixed
*/
public function delete(User $user, Popup $model)
{
return $user->hasPermissionTo('delete popups');
}
/**
* Determine whether the user can delete multiple instances of the model.
*
* #param App\Models\User $user
* #param App\Models\Popup $model
* #return mixed
*/
public function deleteAny(User $user)
{
return $user->hasPermissionTo('delete popups');
}
/**
* Determine whether the popup can restore the model.
*
* #param App\Models\User $user
* #param App\Models\Popup $model
* #return mixed
*/
public function restore(User $user, Popup $model)
{
return false;
}
/**
* Determine whether the popup can permanently delete the model.
*
* #param App\Models\User $user
* #param App\Models\Popup $model
* #return mixed
*/
public function forceDelete(User $user, Popup $model)
{
return false;
}
}
And the manager is assigned:
Permission::create(['name' => 'list popups']);
Permission::create(['name' => 'view popups']);
Permission::create(['name' => 'create popups']);
Permission::create(['name' => 'update popups']);
Permission::create(['name' => 'delete popups']);
While the admin is assigned all the permissions like this:
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* #var array
*/
protected $policies = [
// 'App\Models\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
*
* #return void
*/
public function boot()
{
// Automatically finding the Policies
Gate::guessPolicyNamesUsing(function ($modelClass) {
return 'App\\Policies\\' . class_basename($modelClass) . 'Policy';
});
$this->registerPolicies();
// Implicitly grant "Super Admin" role all permission checks using can()
Gate::before(function ($user, $ability) {
logger($ability);
if ($user->isSuperAdmin()) {
return true;
}
});
}
}
[TRIED]
<?php
namespace App\Http\Livewire\Table\Popup;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use App\Models\Popup;
use Livewire\Component;
class Index extends Component
{
use AuthorizesRequests;
public $popups;
public function mount()
{
//$this->popups = Popup::orderBy('order')->get()->toArray();
$this->popups = Popup::orderBy('order')->get();
}
public function reorder($reorderedIds)
{
$this->authorize('update', array($this->popups));
$orderedIds = collect($reorderedIds)->sortBy('order')->pluck('value');
$this->popups = $orderedIds->map(function ($id) {
return collect($this->popups)->where('id', (int)$id)->first();
})->values();
//logger($this->popups);
foreach ($this->popups as $index => $popup) {
$popup = Popup::find($popup['id']);
$popup->order = $index + 1;
$popup->save();
}
}
public function render()
{
return view('livewire.table.popup.index', ['popups' => $this->popups]);
}
}
But getting this:
403 THIS ACTION IS UNAUTHORIZED.
//Event with the action is authorised(I checked the database and it is 100% authorised.
I think array($this->popups) is causing the issue as the data is different from the controler update authorised method....But how can I solve this if both methods deal differently with the data. In the old controller the update was dealing with a $POST array, while $this->popups deals with a collection.
I think this issue is connected to this PHP 8 modification that makes string keys interpreted as function parameter names. So when the custom policy function is called with the argument unpacking (...) operator here:
return $callback($user, ...$arguments);
the $popup variable (which is behaving like an associative array) from e.g. $this->authorize('update', $popup); becomes the named arguments of the policy functions after the unpacking. However since the policy functions do not have an $id argument, they throw the error.
You can try to run the code with PHP 7 to confirm the source of the issue.
To fix this you can try to embed the extra arguments of authorize() in an array, so the first array unpacking will only deconstruct the outer array, so the $popup array remains intact:
$this->authorize('update', array($popup));
Or you can also remove the extra arguments of authorize() since you don't use them in the policy functions.
Related
Hello When I run page it tells me that:
ErrorException
Undefined variable: tickets (View: D:\xampp\htdocs\new-helpdesk\resources\views\tickets\index.blade.php)
http://localhost:8000/tickets
Hide solutions
$tickets is undefined
when I dd it works.
index.blade.php
#extends('layouts.ticket')
#section('content')
#if ($tickets)
**
**#foreach ($tickets as $ticket)
<div class="form-group">
{!! Form::label('company', 'Company:', ['class' => 'form-label fs-6 d-inline-block']) !!}
{!! Form::select('company', [' '=> 'Choose Company'], null,['class'=>'form-control']);!!}
</div>
#endforeach
#endif
#endsection
TicketsController
<?php
namespace App\Http\Controllers;
use App\Models\Companies;
use App\Models\Tickets;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
class TicketsController extends Controller
{
/**
* Display a listing of the resource.
*
* #return \Illuminate\Http\Response
*/
public function index()
{
//
// $tickets = Tickets::with('companies')->get();
return view('tickets.index');
}
/**
* Show the form for creating a new resource.
*
* #return \Illuminate\Http\Response
*/
public function create()
{
//
// return view('tickets.create');
$tickets = Companies::all();
dd($tickets->toArray());
// return view('tickets.index', compact('tickets'))->with('tickets', $tickets);
return view('tickets.index')->with(['tickets' => $tickets]);
}
/**
* Store a newly created resource in storage.
*
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\Response
*/
public function store(Request $request)
{
//
$request->validate([
'ticket_title'=> 'required',
'description'=>'required'
]);
$query = DB::table('tickets')->insert([
'ticket_title'=>$request->input('ticket_title'),
'description'=>$request->input('description'),
]);
if($query){
return back()->with('success','Data have beeen inserted');
} else {
return back()->with('fail', 'Data not inserted');
}
}
/**
* Display the specified resource.
*
* #param \App\Models\Tickets $tickets
* #return \Illuminate\Http\Response
*/
public function show(Tickets $tickets)
{
//
}
/**
* Show the form for editing the specified resource.
*
* #param \App\Models\Tickets $tickets
* #return \Illuminate\Http\Response
*/
public function edit(Tickets $tickets)
{
//
}
/**
* Update the specified resource in storage.
*
* #param \Illuminate\Http\Request $request
* #param \App\Models\Tickets $tickets
* #return \Illuminate\Http\Response
*/
public function update(Request $request, Tickets $tickets)
{
//
}
/**
* Remove the specified resource from storage.
*
* #param \App\Models\Tickets $tickets
* #return \Illuminate\Http\Response
*/
public function destroy(Tickets $tickets)
{
//
}
public function showcategory(){
// $companies = Companies::pluck('name', 'id');
// dd($companies);
}
}
web.php
Route::resource('/tickets', TicketsController::class);
Route::resource('/companies', CompaniesController::class);
Tickets Model
public function companys(){
return $this->belongsTo(Companies::class);
}
Companies Model
public function tickets(){
return $this->HasMany(Tickets::class);
}
How can I solve this problem?
I try to change it as layout
You have a little chaos in your return value, you either pass the collection in compact() or in with(). with() needs an array, so you will have to do one of the following:
return view('tickets.index', compact('tickets'));
//or
return view('tickets.index')->with(['tickets' => $tickets]);
=====EDIT
The /tickets route is calling your index() action. https://laravel.com/docs/9.x/controllers#actions-handled-by-resource-controller This action also returns the index.blade.php view, but you are not passing the tickets collection.
public function index()
{
$tickets = Tickets::with('companies')->get();
return view('tickets.index')->with(['tickets' => $tickets]);
}
As TimLewis pointed out, the #if($tickets) in your index.blade.php has no purpose and can be removed.
I have used Laravel Policies successfully in the past but am having issues with one currently.
In an ArticleController I have the following method:
/**
* Show the form for creating a new resource.
*
* #return \Illuminate\Http\Response
*/
public function create()
{
$this->authorize('create', Article::class);
$categories = $this->categories;
return view('editable.news.create', compact('categories'));
}
My ArticlePolicy looks like this:
<?php
namespace App\Policies;
use Illuminate\Auth\Access\HandlesAuthorization;
use App\User;
use App\Article;
class ArticlePolicy
{
use HandlesAuthorization;
/**
* Create a new policy instance.
*
* #return void
*/
public function __construct()
{
//
}
/**
* Determine whether the user can view the post.
*
* #param \App\User $user
* #param \App\Post $post
* #return mixed
*/
public function show(User $user, Article $article)
{
// If the article is published
if ($article->published) {
return true;
}
// A user with permission can view unpublished articles
if ($user->can('view unpublished articles')) {
return true;
}
// Authors can view their own unpublished posts
if ($user->username === $article->author->username) {
return true;
}
}
/**
* Determine whether the user can create posts.
*
* #param \App\User $user
* #return mixed
*/
public function create(User $user)
{
return true;
}
/**
* Determine whether the user can update the post.
*
* #param \App\User $user
* #param \App\Post $post
* #return mixed
*/
public function update(User $user, Article $article)
{
if ($user->can('edit own articles')) {
return $user->username === $article->author->username;
}
if ($user->can('edit any articles')) {
return true;
}
}
/**
* Determine whether the user can delete the post.
*
* #param \App\User $user
* #param \App\Post $post
* #return mixed
*/
public function delete(User $user, Article $article)
{
// A user can delete their own articles
if ($user->can('delete own articles')) {
return $user->username === $article->author->username;
}
// A user with permission can delete any article
if ($user->can('delete any articles')) {
return true;
}
}
}
You can see in the create method I am just returning true, this is deliberate.
Whenever I hit the create blade I always receive a 403 error.
I also have an accompanying test:
/** #test */
public function a_user_with_permission_can_create_an_article()
{
$this->setupPermissions();
$user = factory(User::class)->create();
$user->assignRole('news contributor');
$article = factory(Article::class)->raw(['excerpt' => null]);
$this->actingAs($user)
->get(route('thanos.articles.create'))
->assertStatus(200);
$this->post(route('thanos.articles.store'), $article);
$this->assertDatabaseHas('articles', [
'user_username' => $user->username,
'title' => $article['title']
]);
}
I have implemented a user policy in Laravel as follows.
namespace App\Policies;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class UserPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can list the model.
*
* #param \App\User $user
* #return mixed
*/
public function index(User $user)
{
// only a chief editor can view all users
$authorized = false;
$authorized = ($user->role->name === 'Chief Editor');
return $authorized;
}
/**
* Determine whether the user can view the model.
*
* #param \App\User $user
* #param \App\User $model
* #return mixed
*/
public function view(User $user, User $model)
{
// only a chief editor or user(who owns the user) can view the user
$authorized = false;
$authorized = ($user->role->name === 'Chief Editor' || $user->id === $model->id);
return $authorized;
}
/**
* Determine whether the user can create models.
*
* #param \App\User $user
* #return mixed
*/
public function create(User $user)
{
// only a chief editor can create a user
$authorized = false;
$authorized = ($user->role->name === 'Chief Editor');
return $authorized;
}
/**
* Determine whether the user can update the model.
*
* #param \App\User $user
* #param \App\User $model
* #return mixed
*/
public function update(User $user, User $model)
{
// only a chief editor or user(who owns the user) can update the user
$authorized = false;
$authorized = ($user->role->name === 'Chief Editor' || $user->id === $model->id);
return $authorized;
}
/**
* Determine whether the user can delete the model.
*
* #param \App\User $user
* #param \App\User $model
* #return mixed
*/
public function delete(User $user, User $model)
{
// only a chief editor or user(who owns the user) can delete the user
$authorized = false;
$authorized = ($user->role->name === 'Chief Editor' || $user->id === $model->id);
return $authorized;
}
}
And here is my user controller.
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Requests\StoreUser;
use App\Http\Requests\UpdateUser;
use App\User;
use App\Role;
class UserController extends Controller
{
public function __construct()
{
$this->middleware('auth');
$this->middleware('can:index,App\User')->only('index');
$this->middleware('can:view,user')->only('show');
$this->middleware('can:create,App\User')->only('create', 'store');
$this->middleware('can:update,user')->only('edit', 'update');
$this->middleware('can:delete,user')->only('destroy');
}
/**
* Display a listing of the resource.
*
* #return \Illuminate\Http\Response
*/
public function index()
{
$users = User::paginate(5);
return view('users.index')
->with('users', $users);
}
/**
* Show the form for creating a new resource.
*
* #return \Illuminate\Http\Response
*/
public function create()
{
// fetch roles
$roles = Role::all();
return view('users.create')
->with('roles', $roles);
}
/**
* Store a newly created resource in storage.
*
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\Response
*/
public function store(StoreUser $request)
{
//
}
/**
* Display the specified resource.
*
* #param int $id
* #return \Illuminate\Http\Response
*/
public function show($id)
{
$user = User::findOrFail($id);
return view('users.show')
->with('user', $user);
}
/**
* Show the form for editing the specified resource.
*
* #param int $id
* #return \Illuminate\Http\Response
*/
public function edit($id)
{
$user = User::findOrFail($id);
return view('users.edit')
->with('user', $user);
}
/**
* Update the specified resource in storage.
*
* #param \Illuminate\Http\Request $request
* #param int $id
* #return \Illuminate\Http\Response
*/
public function update(UpdateUser $request, $id)
{
//
}
/**
* Remove the specified resource from storage.
*
* #param int $id
* #return \Illuminate\Http\Response
*/
public function destroy($id)
{
//
}
}
However, when I access an action with multiple parameters in the policy method(two user objects), I get the This action is unauthorized. error.
I have also tried returning true without any checks from these methods but still the same issue persists.
Is this my code issue or a bug with Laravel?
Update: Your code is not working because you'r not passing the second user to the policy.
You'r not using route model binding, so the user passed to the view method, for example, does not exist. When the model does not exist, Laravel will not check for the policy and just return false.
The following is an example from the documentation, and it works becuase of the route model binding.
Route::put('/post/{post}', function (Post $post) {
// The current user may update the post...
})->middleware('can:update,post');
The Answer:
Does not make sense to use authorization in the controller constructor. If you want to use middleware for authorization, attach it to the route not the controller.
If you allow the request to reach the controller, then it would be better to check for authorization in the action not the constructor. It will also be easier to read and debug.
I would remove all the calls to can middleware from the constructor and replace it with a call to authorize in the action.
You controller should be like this:
public function __construct()
{
$this->middleware('auth');
}
public function index()
{
$this-authorize('index'); // This will check for authorization
$users = User::paginate(5);
return view('users.index')
->with('users', $users);
}
public function show($id)
{
$user = User::findOrFail($id);
$this->authorize('view', $user);
return view('users.show')
->with('user', $user);
}
Also, no need for the temprory variable in your policy class.
public function index(User $user)
{
// only a chief editor can view all users
return $user->role->name === 'Chief Editor'
}
public function view(User $user, User $model)
{
// only a chief editor or user(who owns the user) can view the user
return $user->role->name === 'Chief Editor' || $user->id === $model->id)
}
As a side note, in your show action, Why don't you use implicit route model binding? It would be much cleaner.
// web.php
Route::get('users/{user}', 'UserController#show');
// UserController.php
public function show(User $user)
{
$this->authorize('view', $user);
return view('users.show', compact('user');
}
I am stuck with this error in Laravel:
Trying to get property of non-object (View: C:...\resources\views\admin\users\index.blade.php)
Is anything wrong with my code?
This My index
#extends('layouts.admin')
#section('content')
<h1>Users</h1>
<table class="table">
<thead>
<tr>
<th>Id</th>
<th>Name</th>
<th>Email</th>
<th>Role</th>
<th>Status</th>
<th>Created</th>
<th>Updated</th>
<th>Photo</th>
</tr>
</thead>
<tbody>
#if($users)
#foreach($users as $user)
<tr>
<td>{{$user->id}}</td>
<td>{{$user->name}}</td>
<td>{{$user->email}}</td>
<td>{{$user->role->name}}</td>
<td>{{$user->active == 1 ? 'Active' : 'Not Active'}}</td>
<td>{{$user->created_at->diffForHumans()}}</td>
<td>{{$user->updated_at->diffForHumans()}}</td>
<td>{{$user->photo_id}}</td>
</tr>
#endforeach
#endif
</tbody>
</table>
#stop
This my Controller
public function index()
{
//
$users = User::all();
return view('admin.users.index', compact('users'));
}
/**
* Show the form for creating a new resource.
*
* #return \Illuminate\Http\Response
*/
public function create()
{
//
$roles = Role::pluck('name','id')->all();
return view('admin.users.create', compact('roles'));
}
/**
* Store a newly created resource in storage.
*
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\Response
*/
public function store(UsersRequest $request)
{
//Buat bikin create dengan method ini
User::create($request->all());
return redirect('/admin/users');
// return $request->all();
}
/**
* Display the specified resource.
*
* #param int $id
* #return \Illuminate\Http\Response
*/
public function show($id)
{
//
return view('admin.users.show');
}
/**
* Show the form for editing the specified resource.
*
* #param int $id
* #return \Illuminate\Http\Response
*/
public function edit($id)
{
//
return view('admin.users.edit');
}
/**
* Update the specified resource in storage.
*
* #param \Illuminate\Http\Request $request
* #param int $id
* #return \Illuminate\Http\Response
*/
public function update(Request $request, $id)
{
//
}
/**
* Remove the specified resource from storage.
*
* #param int $id
* #return \Illuminate\Http\Response
*/
public function destroy($id)
{
//
}
}
This my Request
class UsersRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* #return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* #return array
*/
public function rules()
{
return [
//
'name'=>'required',
'password'=>'required',
'email'=>'required',
'active'=>'required',
'role_id'=>'required',
'photo_id'=>'required|image|mimes:jpeg,png,jpg,gif,svg|max:7098',
];
}
}
This means (inside the controller)
$users = User::all();
returns empty object. There are no users in the db. The error probably comes from (admin/users/index.blade.php)
{{$user->id}}
and the other lines follow as well.
Before looping over the users, check if the data is empty. Correct this line
#if($users)
to look like this
#if($users->toArray())
It will return an empty array if there are no records for users and never enter in loop.
This will correct your error.
PS: Put an else statement for the #if statement with proper message so you can know it worked.
Please change this line
<td>{{$user->role->name}}</td>
to
<td>{{ $user->role ? $user->role->name : '-' }}</td>
Should work now... :)
i am a new laravel user and a have admin page which doing update delete and insert my problem is i dont know how to call this functions in route.
Note: all this options working on one page (admin).
so please can anyone help me ?!
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Http\Requests;
use DB;
class BlogPostController extends Controller
{
/**
* Display a listing of the resource.
*
* #return Response
*/
public function index(){
$date = date('Y-m-d');
$time = time('H:i:s');
/*$sections = ['History' => 'history.png','Electronics' => 'electronics.png','Electrical' => 'electrical.png','Science' => 'science.png',
'Art'=>'ARt.png','Database'=>'database.png','Irrigation'=>'irrigation.png','Novel'=>'Novel.png','Style'=>'Stsyle.png'];
*/
$sections = DB ::table('sections')->get();
return view('libraryViewsContainer.library')->withSections($sections)->withDate($date)->withTime($time);
}
/**
* Show the form for creating a new resource.
*
* #return Response
*/
public function create(){
//return View::make('posts.create');
return '<center><h1>Creating new section in the library!</h1></center>';
}
/**
* Store a newly created resource in storage.
*
* #return Response
*/
public function store( Request $request){
$section_name = $request->input('section_name');
$file = $request->file('image');
$destinationPath = 'images';
$filename = $file->getClientOriginalName();
$file->move($destinationPath,$filename);
DB ::table('sections')->insert(['section_name'=>$section_name,'image_name'=>$filename]);
return redirect('admin');
}
/**
* Display the specified resource.
*
* #param int $id
* #return Response
*/
public function show($id){
// $post = Post::find($id);
// return View::make('posts.show')->with('post', $post);
}
/**
* Show the form for editing the specified resource.
*
* #param int $id
* #return Response
*/
public function edit($id){
// $post = Post::find($id);
// return View::make('posts.edit')->with('post', $post);
}
/**
* Update the specified resource in storage.
*
* #param int $id
* #return Response
*/
public function update($id,Request $request){
$section_name = $request->input('section_name');
DB ::table('sections')->where('id',$id)->update(['section_name'=>$section_name]);
return redirect('admin');
}
/**
* Remove the specified resource from storage.
*
* #param int $id
* #return Response
*/
public function destroy($id){
DB :: table('sections')->where('id',$id)->delete();
return redirect('admin');
}
public function admin()
{
$sections = DB ::table('sections')->get();
return view('libraryViewsContainer.admin',['sections'=>$sections]);
}
}
Not entirely sure of the question, but you list the routes in routes.php, under the web group (so it applies default checks).
When you have resources, they'll use CRUD operations (create, read, update, delete) and will correspond to the default operates in the class. Else, make your own function names, and put seperate routes.
Route::group(['middleware' => ['web', 'auth']], function () {
Route::resource('/user', 'UserController');
}
Another option is calling the method direct in your routes:
Route::get('/auth/login', '\App\Http\Controllers\Auth\AuthController#getLogin');
Route::any('/datafeed/{id}/validate', 'DataFeedController#validateQuery');
You'll notice {id} which is the variable available in the function you've selected i.e. function validateQuery($id);
Here's a full example:
class UserController extends BaseController
{
public function __construct(User $model)
{
parent::__construct($model);
}
/**
* Display a listing of the resource.
*
* #return \Illuminate\Http\Response
*/
public function index()
{
$collection = $this->model->all();
return view('user.index')->with('collection', $collection);
}
/**
* Show the form for creating a new resource.
*
* #return \Illuminate\Http\Response
*/
public function create()
{
return view('user.create');
}
/**
* Store a newly created resource in storage.
*
* #param \Illuminate\Http\Request $request
* #return \Illuminate\Http\Response
*/
public function store(Request $request)
{
$input = Input::except(['_method', '_token']);
$connector = $this->model->create($input);
return redirect()->action('UserController#show', [$connector->id]);
}
/**
* Display the specified resource.
*
* #param int $id
* #return \Illuminate\Http\Response
*/
public function show($id)
{
$connector = $this->model->findOrFail($id);
return view('user.show')->with('connector', $connector);
}
/**
* Update the specified resource in storage.
*
* #param \Illuminate\Http\Request $request
* #param int $id
* #return \Illuminate\Http\Response
*/
public function edit($id)
{
$connector = $this->model->findOrFail($id);
return view('user.edit')->with('connector', $connector);
}
/**
* Show the form for editing the specified resource.
*
* #param int $id
* #return \Illuminate\Http\Response
*/
public function update(Request $request, $id)
{
$input = Input::except(['_method', '_token']);
$connector = $this->model->findOrFail($id);
$connector->update($input);
return redirect()->action('UserController#show', [$id]);
}
/**
* Remove the specified resource from storage.
*
* #param int $id
* #return \Illuminate\Http\Response
*/
public function destroy($id)
{
$currentID = Auth::user();
$user = $this->model->findOrFail($id);
if ($currentID->id != $user->id) {
$user->delete();
} else {
Session::flash('flash_message', "You cant delete your own account!");
Session::flash('flash_type', 'alert-danger');
}
return redirect()->action('UserController#index');
}
And another example with a custom route:
Route::any('/datafeed/{id}/execute', 'DataFeedController#execute');
public function execute($id, $test = false) {
$results = $this->executeQuery($id, $test);
return view('datafeed.execute')->with('results', $results);
}
I'm not entirely sure on your plans (or even if you've fully read the documentation?) but you can access these functions by doing something similar to the following in your routes.php or Routes\web.php (depending on your version) file:
Route::get('/blog/create', 'BlogPostController#create');
Route::get('/blog/article/{id}', 'BlogPostController#show');
The first part is defining the route and the second part is saying what method should be run on the defined controller when this route is matched in the address bar. It doesn't always have to be get requests though, you can do get, post, patch and put