Guys, how can I register a user as an administrator? I tried the default methods of Laravel and nothing worked. When I tried to register a user without being authenticated, everything worked. I understand by default, Laral does not allow users to register, if you are currently logged in. How can this be fixed? PS: I just have a role field in the users table and, depending on this field, users are divided into administrators and ordinary users. But in theory, it is the administrator who needs to regat users.
|
1 answer
By default, Laravel does not support roles. You should add this functionality yourself. Now you as such have no “administrator”, but there is just a logged in user with the name 'admin'. He has the same rights as any other independently registered user.
In theory, you must first create the users , roles , permissions , permission_role , role_user . The last two are for many-to-many connections, so that each role can have multiple users, and each user has several roles. The same for the connection of Access Rights and Roles. I will not show the structure of the tables here, it will be very long.
In the permissions table we store the names of access rights, approximately in the form of user.create , user.remove , user.edit . In the permission_role table we assign permissions to roles. In the table role_user connect the user and roles.
After creating the tables - add links to the User.php models, Permission.php , Role.php .:
/** * File: /app/User.php */ public function roles() { return $this->belongsToMany('App\Role'); } /** * File: /app/Role.php */ public function permissions() { return $this->belongsToMany('App\Permission'); } /** * File: /app/Permission.php */ public function roles() { return $this->belongsToMany('App\Role'); } Now, in the User.php model, User.php will intercept the creation of a new user, check if the user currently logged in has such rights, and allow or prohibit this action:
public function store(Request $request) { foreach(Auth::user->roles as $role) { foreach($role->permissions as $perm) { if ($perm->name === 'user.create') { $flight = new Flight; $flight->name = $request->name; $flight->save(); return TRUE; } } } return FALSE; } But even after this user it is unlikely to create through the registration form of a new user (I can’t check it, I have disabled the possibility of registering users). You will have to create your own views with a registration form, a controller for processing the form data, and an entry in route.php , which will redirect post requests from the form to the controller, and that one will already apply to the User.php model and perform operations on the user.
Something like this. Let them correct me, I myself laravel5 the third day just pick.
toxxxa toxxxa
1,093 five nineteen
- Thanks, of course, for the advice. But, in my opinion, Laravel in parallel which tables I have are responsible for the roles and how it works. According to my scheme, during authorization, the controller processes the data of the user who has logged in and, depending on his role, redirects to a separate view. Therefore, in any case, a regular user does not have access to administrator functionality. It seems to me that in Laravel it will simply not be possible to register another user being authorized (if we are talking about AuthController). Therefore, I will process the form submission in my controller. - newbie
- oneI talked about this, he doesn’t care about the role tables, because he doesn’t know how to play out of the box. during installation, it creates for itself only the
migrations,usersandpassword_resetstable. this is his, dear. The rest to add the most or third-party plug-ins with github. By default, for him there is only the concept of authorized user or not. NativeAuth. For roles, I put the module github.com/Zizaco/entrust and admin set up on administrator.frozennode.com - toxxxa - I think you do not quite understand the procedure for registering a new user by the administrator. this is not done through the register form, the register form is only so that the user can register on the working site independently. and user registration by the admin - through the admin area (self-written or from a github) - toxxxa
|