Problems with ownership and @can
Closed this issue · 1 comments
Hi everyone, perhaps someone can help.
On a fresh Laravel installation i installed Bouncer V1.0.
I try to set full ownership on the user model for the current logged in user.
Checking for $user->can('edit', \App\Models\User::class) always gives me a not allowed in return.
What i have tried so far:
I added full access for the logged in user to Users model.
\Bouncer::allow(\Auth::user())->toOwn(\App\Models\User::class);
Now i check permissions with:
dd(\Bouncer::can('edit', \App\Models\User::class));
This gives me false/denied.
Then i had the idea to add a "edit" ability for Users model:
\Bouncer::allow(\Auth::user())->to('edit', \App\Models\User::class);
Now checking for
dd(\Bouncer::can('edit', \App\Models\User::class));
gives me true/allowed
So far so bad, the idea is to give the logged in user full access (ownership) to the users model.
So i removed the edit role again:
\Bouncer::disallow(\Auth::user())->to('edit', \App\Models\User::class);
Now checking again by ownership:
dd(\Bouncer::can('edit', \App\Models\User::class));
i get false/denied again.
Does someone have a running installation using ownership and or does someone have an idea whats going wrong?
Is it a bug?
Solved, i was looking for \Bouncer::allow(\Auth::user())->toManage(\App\Models\User::class);