根据Laravel模型,根据请求过滤用户的访问权限 [英] Filter user's access on request based on Laravel's model
问题描述
我有一张充满Products
的桌子.但是,每个用户只能看到一组产品.这是通过表 users_products_permissions 完成的.每个用户都有一个UsersPermissions
表的实例.在此表中,我设置了要应用于用户的一系列限制,这些限制是说允许用户"参见"的每个产品.这是通过由user_permission_id
和product_id
组成的 only 的弱"(这就是巴西葡萄牙语)来完成的.
I have a table full of Products
. But, for each user is only allowed a group of Products to see. This is done by the table users_products_permissions. Each user has an instance of UsersPermissions
table. In this table I set a range of restrictions to be applied on the user, restrictions to say each product a user is allowed to "see". This is done by a 'weak' (That's how we call in brasilian portuguese) table composed only by user_permission_id
and product_id
.
当然,在重新请求之前,请求者用户将被记录.
By the time of the requesition the requester user will be logged, of course.
问题在于:如何根据限制来过滤用户对产品的访问权限?
如果用户模型可以访问此产品,则无需手动检查每个请购单.一种自动方式,可以说...
Without checking in every requisition, manually, if the user model have access to this product. An automatic way, lets say...
如果需要任何代码,请说出来!
In case any code is needed, just say it!
推荐答案
对于4.2: 使用全局范围定义整个模型的范围.
For 4.2: Use a global scope to scope an entire model.
http://laravel.com/docs/4.2/eloquent#global-scopes 和 http://softonsofa.com/laravel-how定义和使用雄辩的全局范围/
对于4.0: http://www.laravel-tricks.com/tricks/global-scope-模型和 Laravel口才查询生成器的默认条件
<?php
class Product extends Eloquent {
public function newQuery()
{
return parent::newQuery()->where('permission', '=', 1);
}
}
这篇关于根据Laravel模型,根据请求过滤用户的访问权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!