允许管理员用户查看其他用户类型可以查看/执行的操作吗? [英] Allow admin users to see what other user type can see/do?
问题描述
我有一个包含2种类型的用户的Laravel Web应用程序:
I have a Laravel web application consist of 2 types of user:
- 客户
- 管理员
根据他们的用户类型,他们可以看到并执行不同的操作.
Base on their user type , they can see, and perform different things.
客户
以客户身份登录时,我的客户将看到不同的仪表板.
When log-in as customer, my customer will see different dashboard.
管理员
以管理员身份登录时,我可以在表中看到用户列表
When log-in as admin, I can see a list of users in a table
示例
- userA
- userB
- userC
- 更多…
目标: 我想查看在单击列表中的一个用户时看到的客户.
Goal: I want to see what customer see when click on one of the user on the list.
我无法提出解决方案.
I couldn’t come up the solution for that.
IMO
Auth::user()->type在这种情况下会起作用吗?
Will Auth::user()->type work for this scenario ?
目标是在实际Auth::user()->type == ‘admin’时将页面呈现为Auth:user()->type == ‘customer’.我不确定我尝试做的事是否可行.
The goal is to render the page as Auth:user()->type == ‘customer’, when the actual Auth::user()->type == ‘admin’. I'm not entirely sure if what I am trying to do is possible.
我将如何在Laravel中做类似的事情?
How would I do something like that in Laravel ?
推荐答案
您可以尝试在我的一个项目中所做的工作-实现非常简单,也许您也可以使用它.
You could try what I did in one of my projects - implementation is pretty simple, maybe you can make use of that as well.
我们的 AuthController 中还有其他操作,允许用户切换到其他用户并记住会话中的当前用户ID:
There is additional action in our AuthController that allows a user to switch to other users and remembers current user ID in session:
public function switchUser($userId)
{
// disallow switched users from switching again
if (Session::get('previous_user')) App::abort(403);
$user = User::findOrFail($userId);
Session::set('previous_user', Auth::id());
Auth::login($user);
return redirect('some path');
}
第二部分是自定义的注销功能,对于切换用户,他们将其切换回其原始用户帐户,而不是注销:
Second part is customized logout function, that for switched users switches them back to their original user account instead of logging out:
public function getLogout()
{
if ($previousUser = Session::get('previous_user')) {
Session::remove('previous_user');
Auth::loginUsingId($previousUser);
return redirect('some path');
}
Auth::logout();
return redirect('some path');
}
使用这种逻辑,您将能够切换到其他用户并返回.您可能需要添加权限检查,以便只有管理员才能执行此操作等,将列表中的客户链接到切换URL,无论如何,功能的核心在上面的代码中.
With that logic you'll be able to switch to other users and back. You might need to add permission checking, so that only admins can do that etc., link the customers in the list to the switch URL, anyway the core of the functionality is there in the code above.
这篇关于允许管理员用户查看其他用户类型可以查看/执行的操作吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
