Policy的授权不通过

PostPolicy:

public function update(User $user, Post $post)
{
return $user->id=== $post->user_id;
}

//删除
public function delete(User $user, Post $post)
{
return $user->id=== $post->user_id;
}
Auth:
protected $policies = [
//'App\Model' => 'App\Policies\ModelPolicy',
'App\Post' => 'App\Policies\PostPolicy',
];
控制器:
//编辑逻辑
public function update(Post $post)
{
//验证
$this->validate(\request(),[
'title'=>'required|string|max:100|min:5',
'content'=>'required|string|min:10'
]);


$this->authorize('update', $post);//策略类认证

//逻辑
$post->title= \request('title');
$post->content= \request('content');
$post->save();

//渲染
return view('post/show',compact('post'));

}
结果:


Symfony \ Component \ HttpKernel \ Exception \AccessDeniedHttpException
This action is unauthorized.

2 条回复

  1. 学院君 学院君 says:

    policy里面用==试试吧 因为从数据库查询出来的id可能是字符串格式

登录后才能进行评论,立即登录?