Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I have the following user roles in my application:
Admin
Client
Contractor
They are controlled by ACL for each function / page.
I want to create a new one called Client_site. But I want this new role to route through to the Client prefixed pages. e.g. /client/:controller/:action
Basically I want it to use all the same pages as the client role, but just have read only access to them. Which I have set up in the ACL tables.
How would I set this up in the routing?
Also is there anything else I will need to amend to get this working?
If you mean read only access to your data, then you'd need to have separate functions for the new role, otherwise they'd still have the same access given to client. It makes sense to follow the guidelines. For example, you'd have a newrole_index, and a newrole_index.ctp, so the newrole does't have the same view as the client. You don't want your users see buttons that lead to places they can't actually go, which would happen if you shared the prefix with them.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed last year.
Improve this question
I am learning laravel 8. I am getting confused visualizing how the whole thing works like request respond cycle, routes etc.
Is there any source where the whole laravel working scheme is visualized?
Got this image from google. Hope this is clear to you. The basic flow you need to remember:
Define Route
Call Controller#method for that route
Call Model to Query the database
Pass data to a blade view file
render that blade view file for user to see
There are many more things come in when you start developing properly. EG:
Events, Jobs, Mailables, Notifications
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I've developed a Laravel-based app that sends out various emails such as informing users of new jobs as well as new messages.
I have created all the necessary Mail classes. We now want to create a database column that will allow individual users to set whether they want to receive those notification emails or not.
When a user performs an action that would normally send out an email, I want the system to check if the user wants to receive those emails based on their settings in the database. I don't want to wrap all calls to email, in the code, with unnecessary if() functions.
Is there a preferred design pattern that I could use to handle this?
It's called the Facade Pattern: https://en.wikipedia.org/wiki/Facade_pattern
Extend Laraval's PendingMail object
Override the send() function to Only call parent::send() if your if() condition is met
Make Mail::to() return your extended version
Laravel has some documentation on how to do this here:
https://lumen.laravel.com/docs/7.x/mail
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
I have been looking all over the internet for different ways to implement multi-level. My issue is I want admin users to be able to sign specific permissions to users. For example
User 1: Manage Docs , View Images ...
User 2: Manage Docs , Delete and View Images.
I was thinking of using a table called user permissions. And create a link between the user and the permissions. Just how would I check against this table. I do not have any code as of yet as I am trying to understand how this could be implemented.
There is an library for laravel called Sentry, it helps you out to handle user's permissions as you're describing through a JSON.
Here is how to implement it in Laravel 5.
Here Documentation of library
Hope this helps!
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am buiding a licence style system where a user can buy one or a number of licences. They can then log in to the system only once with each licence (similar to Spotify). So a user buys 2 licences. They can log in once in Firefox and once with Chrome. If they try to log in using IE the system will prompt/warn that they will be logged out of another session.
I understand a user could just use multiple instances of the same browser to gain access to multiple sessions/screens but thats fine. We are really only trying to stop users from using multiple devices (2+ separate PCs) if their licence restricts.
Any idea how I would go about this? Can I check session data from another instance or should I store the logins in a separate table and check against that?
Thanks
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
Im working on a PHP based web app which allows users to login. What would be the appropriate method of 404'ing all the back-end - (the actual application pages).
I've got a user-tools class which has a check-login function in it, that I use at the moment. If the user isn't logged-in, it redirects to a 404.
However I'm wondering is there a better way to set this up? Could I have a global page that has a list of all the pages that should 404 if the user isn't logged in? If so, how would you set that up?
Many website have all their traffic through a single entry point. In such a setup, you can define a constant in that single file, and check it in every file that is included, so you know whether the file was in fact loaded by the entry file. This method is implemented in MediaWiki for example.
Another solution is to put all the include files outside of the document root. Many frameworks (like CodeIgnitor and others) allow you to specify this directory, and allow you to put it anywhere you want. If it's outside the doc root, visitors cannot load files from that directory directly.