Please create a project, where we can define row-level restrictions (each record level ) and inside each record field level restriction. Very helpful for large applications.
Hello Povilas. Thank you for the useful lessons. I have one question. What about the viewAny method? I understand that I need to pass a model that is tied to a policy. But in the viewAny method this model is not transmitted. Have a nice day!
Thank you for your answer. I understand that this is permission to display a list of models. I meant how to use this permission. I've already figured it out. You need to pass the class of the associated model to can $user->can(''viewAny", Model::class). Instead of a specific instance of the object
but how do i deal with views ? showing edit button to post owner and admin for example not anyone else ? and what is the difference between policies and gates?
Please create a project, where we can define row-level restrictions (each record level ) and inside each record field level restriction. Very helpful for large applications.
Row level is usually done with global scopes, in my experience. Field level I haven't done much, personally.
Very useful content
Hello Povilas. Thank you for the useful lessons. I have one question. What about the viewAny method? I understand that I need to pass a model that is tied to a policy. But in the viewAny method this model is not transmitted. Have a nice day!
Thank you for your answer. I understand that this is permission to display a list of models. I meant how to use this permission. I've already figured it out. You need to pass the class of the associated model to can $user->can(''viewAny", Model::class). Instead of a specific instance of the object
but how do i deal with views ? showing edit button to post owner and admin for example not anyone else ? and what is the difference between policies and gates?
You can use the blade directives for policies.
@can('edit', [$post])
Edit
@endcan
There is also the inverse: @cannot / @endcannot
You can wrap the button with:
@can('edit', [$post])
button
@endcan
A policy is a class of multiple gates and a gate is a standalone authorization. You should prefer policies
In short, Policy is a set of Gates around one Eloquent Model.
If Gate::before() returns true when using can(), how can I make cannot() return false or continue checking other policy methods?
could you please revisit your old videos? maybe there are some things we could improve🙂thank you!
Which ones do you mean exactly? Yes I'm constantly talking about old topics but with new examples.
@@LaravelDaily Yes like old topics with new examples, sorry for my English :)