Check role bug
Closed this issue · 1 comments
Hi! (sorry my bad english) I found bug in check role when work with another plugins. Example: if middleware plugins write 'middleware' => ['web','auth', 'roles:admin'], roles:admin will cause an error,
I corrected the error like this: in CheckRole.php add code:
`public function handle($request, Closure $next, $role = null)
{
// Get the required roles from the route
$roles = $this->getRequiredRoleForRoute($request->route());
// Check if a role is required for the route, and
// if so, ensure that the user has that role.
if(!is_null($role) && $request->user()->hasRole($role)) {
return $next($request);
}
if (is_null($role) && ($request->user()->hasRole($roles) || !$roles)) {
return $next($request);
}
return response([
'error' => [
'code' => 'INSUFFICIENT_ROLE',
'description' => 'You are not authorized to access this resource.',
],
], 401);
}`
@alexeydg I think you miss the actual documentation.
I didn't mention 'middleware' => ['web','auth', 'roles:admin'], roles:admin
Please use
// Check role in route middleware
Route::group(['namespace' => 'Admin', 'prefix' => 'admin', 'middleware' => ['auth', 'roles'], 'roles' => 'admin'], function () {
Route::get('/', ['uses' => 'AdminController@index']);
});