I am facing a problem on a Request in which i am using a policy on it's authorize() method. It receives an array of IDs from the input request , which i then use for getting those from the DB and i have to confirm if a field called seller_id from one of those records matches the user logged. If so, o have to return false and i cannont keep on executing the job, if not i keep going. Not sure if i can pass that array as parameter so i tried the following option, which doesnt work. Any suggestions?
on the Request
public function authorize()
{
//return true;
$tickets = Ticket::find(request()->input('tickets_ids'))->get();
foreach($tickets as $ticket){
return request()->user()->can('buyTicket', $ticket);
}
}
on the Policy
public function buyTicket(User $user, Ticket $ticket){
if($user->id !== $ticket->seller_id){
return true;
}
return false;
}
Modify your request so it only aborts the loop if the current user can't buy the ticket. Otherwise, return true at the end of the function.
public function authorize()
{
$tickets = Ticket::findMany(request()->input('tickets_ids', []))->get();
foreach ($tickets as $ticket) {
$userCanBuyTicket = request()->user()->can('buyTicket', $ticket);
if (!$userCanBuyTicket) {
return false;
}
}
return true;
}
Related
I have an application using Laravel in backend.
In web.php, I'm defining the following route :
Route::get('/customize/{id}', function () {
if (Profile::where('user_id', User::find(4))) {
return true;
}
return false;
});
Basically I want for example when user_id = 4, return true. {id} is the id of the profile. So if the profile has as user_id of 4, the link will return true, else it's false.
For some reason whatever the value I'm setting in user::find() it returns true.
Example of the profile table :
Try this code:
Route::get('/customize/{id}', function () {
if (Profile::where('user_id', User::find(4))->first()) {
return true;
}
return false;
});
By adding first() you will select only one record or null, the result will be true or false.
Try it first
Hope it will helps
You write a subquery which is User::find(4) it will give you an collection object and in your main query you need to check is it exit or not with where condition. So from you need to get id from from your object User::find(4)->id then it can match with user_id;
Route::get('/customize/{id}', function () {
if (Profile::query()->where('user_id','=', User::query()->find(1)->id)->exists()) {
return 'true';
}
return 'false';
});
I just like to add, that Route::fallback() only handles the GET method:
public function fallback($action)
{
$placeholder = 'fallbackPlaceholder';
return $this->addRoute(
'GET', "{{$placeholder}}", $action
)->where($placeholder, '.*')->fallback();
}
If you want to build a fallback for any other HTTP method, than you would have to use an other way:
Route::any('{fallbackPlaceholder}', $action)->where(
'fallbackPlaceholder', '.*'
)->fallback();
I'm trying to create a custom omnipay driver for a local gateway called creditguard.
For this gateway you need to post the data to the endpoint and get back a redirect url for the payment form.
My question is how do you post and get the response before making the purchase?
Edit:
Gateway.php
class Gateway extends AbstractGateway
{
public function getName()
{
return 'Creditguard';
}
public function getDefaultParameters()
{
return array();
}
public function getEndpoint()
{
return 'https://verifonetest.creditguard.co.il/xpo/Relay';
}
public function purchase(array $parameters = array())
{
return $this->createRequest('\Nirz\Creditguard\Message\PurchaseRequest', $parameters);
}
public function completePurchase(array $parameters = array())
{
return $this->createRequest('\Nirz\Creditguard\Message\CompletePurchaseRequest', $parameters);
}
}
PurchaseRequest.php
class PurchaseRequest extends AbstractRequest
{
protected $liveEndpoint = 'https://verifonetest.creditguard.co.il/xpo/Relay';
protected $testEndpoint = 'https://verifonetest.creditguard.co.il/xpo/Relay';
public function getData()
{
$this->validate('amount');
// Either the nodifyUrl or the returnUrl can be provided.
// The returnUrl is deprecated, as strictly this is a notifyUrl.
if (!$this->getNotifyUrl()) {
$this->validate('returnUrl');
}
$data = array();
$data['user'] = 'user';
$data['password'] = 'password';
$data['tid'] = '11111111';
$data['mid'] = '111111';
$data['amount'] = '20000';
$data['int_in'] = '<ashrait>
<request>
<version>1000</version>
<language>HEB</language>
<dateTime></dateTime>
<command>doDeal</command>
<doDeal>
<terminalNumber>'.$data['tid'].'</terminalNumber>
<mainTerminalNumber/>
<cardNo>CGMPI</cardNo>
<total>'.$data['amount'].'</total>
<transactionType>Debit</transactionType>
<creditType>RegularCredit</creditType>
<currency>ILS</currency>
<transactionCode>Phone</transactionCode>
<authNumber/>
<numberOfPayments/>
<firstPayment/>
<periodicalPayment/>
<validation>TxnSetup</validation>
<dealerNumber/>
<user>'. $data['user'] .'</user>
<mid>'.$data['mid'].'</mid>
<uniqueid>'.time().rand(100,1000).'</uniqueid>
<mpiValidation>autoComm</mpiValidation>
<email>someone#creditguard.co.il</email>
<clientIP/>
<customerData>
<userData1/>
<userData2/>
<userData3/>
<userData4/>
<userData5/>
<userData6/>
<userData7/>
<userData8/>
<userData9/>
<userData10/>
</customerData>
</doDeal>
</request>
</ashrait>';
return $data;
}
public function sendData($data)
{
// $httpResponse = $this->httpClient->post($this->getEndpoint(), null, $data);
return $this->response = new PurchaseResponse($this, $data);
}
public function getEndpoint()
{
return $this->getTestMode() ? $this->testEndpoint : $this->liveEndpoint;
}
}
PurchaseResponse.php
class PurchaseResponse extends AbstractResponse implements RedirectResponseInterface
{
public function isSuccessful()
{
return false;
}
public function isRedirect()
{
return true;
}
public function getRedirectUrl()
{
// return $this->getRequest()->getEndpoint().'?'.http_build_query($this->data);
return $this->getRequest()->data['mpiHostedPageUrl'];
// return isset($this->data['mpiHostedPageUrl']) ? $this->data['mpiHostedPageUrl'] : null;
}
public function getRedirectMethod()
{
return 'GET';
}
public function getRedirectData()
{
return [];
}
}
Not sure how to get the response's mpiHostedPageUrl so I can redirect to the correct url.
Assuming this is the payment gateway documentation in question.
You just go ahead and make the transaction request, the customer won't be charged as they'll have to authorise it on the next page by entering in their payment details.
The response of that transaction request contains an element mpiHostedPageUrl, which you can see on page 13 of that document, that contains the URL you need to get from the response to provide the redirect.
I know this is very old question. First you need to set 'mpiHostedPageUrl' in your getData method of PurchaseRequest.php and access in PurchaseResponse.php by using $this->data['mpiHostedPageUrl'].
HATEOAS (Hypermedia as the Engine of Application State) is a way to organize the response for REST application.
In HATEOAS world, the response JSON may contains all URL the client may need. Example, in github API, the response contain URL for accessing to repository, user, pull request...
So, I suggest you to call the gateway with the first POST request and then, according to the JSON response, call to provided URL which will represent the redirection.
Another solution could be to use a ZUUL gateway (in Spring-Boot) which will perform the redirection for you.
You can find a description here : https://spring.io/guides/gs/routing-and-filtering/
I'm trying to update result in the database.The Update query is working fine, values are getting updated but controller show else results always.
Below code
base Controller
#update/save in model
$data = ['twitter_link' => $this->input->post('twitter_link')];
if($this->Restaurant_admin->update_site_settings($data,'setting_id',1,'site_setting')){
$this->session->set_flashdata("update_success_twitter","Twitter link updated successfully.");
redirect('admin/Entry/basic_table');
}else{
$this->session->set_flashdata("update_success_twitter","Something went wrong data not saved.");
redirect('admin/Entry/basic_table');
}
Restaurant_admin Model
public function update_site_settings($data,$where_cond,$value,$table_name)
{
$this->db->set($data);
$this->db->where($where_cond,$value);
$this->db->update($table_name,$data);
}
#update_site_settings
In model update_site_settings function check the query is executed or not, If executed successfully return true else return false
public function update_site_settings($data,$where_cond,$value,$table_name)
{
$this->db->set($data);
$this->db->where($where_cond,$value);
if($this->db->update($table_name,$data))
{
return true;
}
else
{
return false;
}
}
I have ACL set up with laravel. I have the following helper:
function user($user_id = null)
{
if (!$user_id) return Auth::user();
return User::where('id', $user_id)->first();
}
I have this helper function so I don't have to type the long Auth::user().
Here's the problem. I have ACL set up so when I do something like the following in my model and the user is not logged in, I get an error.
if (user()->can('edit-blog')) {
echo 'you can edit blog!';
}
This is the error if the user is not logged in:
Call to a member function can() on null
Now, I have the following code everywhere in my site. I am using ACL in almost every view and model and controller. I don't want to have to do something like the following just to not get the error.
if (user() && user()->can('edit-blog')) {
// do stuff
}
How can I return false if there is a "null" error or an exception?
** What I have tried **
I have tried try/catch but it does not do anything:
try {
if (!$user_id) return Auth::user();
return User::where('id', $user_id)->first();
} catch (Exception $ex) {
return false;
}
Thank you for your support.
You need to check if the user is logged in before calling can
if(Auth::check() && user()->can('edit-post')){
Return true;
}else{
Return false;
}
I can't put real code here because is very long and will be hard to
explain.
I have users table in database and I have data table in database too.
So, to get the user data I'll pass user_id as parameter. Like this:
public function get_user_data($user_id) {
}
But. I can only get 1 data per "request". (Keep reading)
public function user_data() {
$getUsers = $this->db->get('users');
foreach($getUsers->result_array() as $user)
{
$data = $this->get_user_data($user->ID);
var_dump($data); // Only return 1 data;
}
}
But, I guess that have an way to "bypass" this but I don't know. I'm having trouble thinking.
As I said, I want to "bypass" this, and be able to send multiple user IDs, my real function do not accept that by default and can't be changed.
Thanks in advance!
replace
foreach($getUsers->result_array() as $user)
{
$data = $this->get_user_data($user->ID);
var_dump($data); // Only return 1 data;
}
to this
foreach($getUsers->result_array() as $user)
{
$data[] = $this->get_user_data($user->ID);
}
var_dump($data);
If you are aiming at sending more data to the function, you always need to make signature change of your function as one of the below :
function get_user_data() {
$args = func_get_args();
/** now you can access these as $args[0], $args[1] **/
}
Or
function get_user_data(...$user_ids) {
/** now you can access these as $user_ids[0], $user_ids[1] **/
}
// Only higher version of PHP
But I am not sure how you will handle returning data.
EDIT: Yes, then in the function, you can collect data in array and return an array of data from function.
If you can change in your function from where to where_in I think you will get an easy solution.
public function get_user_data($user_ids)
{
// your db code
$this->db->where_in('ID',$user_ids); //replace where with where_in
}
public function user_data()
{
$getUsers = $this->db->get('users');
foreach($getUsers->result_array() as $user)
{
$user_ids[] = $user->ID;
}
$this->get_user_data($user_ids);
}