Laravel exception for users

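Problem description

Looking for help: how can I make an exception for a user, so that if he does not belong to the team the survey belongs to, he cannot see the survey? Right now everyone can see all surveys by changing the last ID number in the link. Maybe someone has suggestions on how I could make a rule, or check whether the user ID exists in the team that the survey ID belongs to, or something like that.

Here is my controller: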

public function viewSurvey($id)
{
    $object = DB::table('question')->where('survey_id' , '=', $id)->get();

    $date = Survey::where('surveyId' , '=', $id)->get();
    $teams = Auth::user()->teams;

    $members = Survey::where('surveyId' , '=', $id)
        ->join('team','team.teamId', '=', 'survey.teamId')
        ->join('teammembersall','teammembersall.TeamId', '=', 'team.TeamId')
        ->join('users','users.id', '=', 'teammembersall.UserId')
        ->select('users.*')
        ->whereNotExists(function($query){
            $query->select(DB::raw(1))
                ->from('answer')
                ->whereRaw('answer.answerAboutUserId = users.id');
        })
        ->get();

    $questions = DB::table('answer')->get();

    return view('survey_details', ['object' => $object, 'date' => $date, 'teams' => $teams, 'members' => $members, 'questions' => $questions]);
}

Here is my view:

<html>
<head>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
</head>
<body>
            <div class="container">
                <hr>
                <div class="row">
                    <div class="col-md-2">
                    </div>
                    <div class="col-md-8">
                            <br>
                            <div style="display:none">
                            {{  $dates = date('Y-m-d H:i:s') }}
                            </div>
                                <div class="container-survey-logo">
                                    <img src="{{url('/img/survey-banner.jpg')}}" width="100%" height="auto" alt=""/>
                                    <div class="text-block-survey-date">
                                        @foreach($date as $dat)
                                        <h4>End date:</h4>
                                        <p>{{ $dat->ended_at}}</p>
                                        @endforeach
                                    </div>
                                </div>
                                <div style="display:none;">
                                    @foreach($questions as $quest)
                                        <p>{{ $quest->answerAboutUserId}}</p>
                                    @endforeach
                                </div>
                                @if($dat->ended_at > $dates )

                                    <div class="survey-theme">
                                        @foreach($members as $memb)
                                            @if($memb->id != Auth::user()->id)
                                            <form action="/confirmSurveyAnswers" method="post">
                                                {{csrf_field()}}
                                                <br>
                                                <div class="well well-lg">
                                                <h5>
                                                    Questions about member:
                                                    <h2><input style="border:none;background:none" name="surveyName" value="{{ $memb->name}}" readonly></h2>
                                                   <input style="border:none;background:none;display:none" name="surveyUserDataId" value="{{ $memb->id}}" readonly>
                                                 </h5>
                                                <br>
                                                @foreach($object as $object_each)
                                                                <input style="font-size:20px;" type="text" class="form-control" id="exampleInputAnswer" name="questionName[{{$object_each->id}}]" value="{{ $object_each->name }}" readonly>
                                                        <div class="survey-questions">
                                                            <label class="radio-inline-text">
                                                                Not agree -
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="1" name="QuestionsAnswers[{{$object_each->id}}]" >1
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="2" name="QuestionsAnswers[{{$object_each->id}}]" >2
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="3" name="QuestionsAnswers[{{$object_each->id}}]" >3
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="4" name="QuestionsAnswers[{{$object_each->id}}]" >4
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="5" name="QuestionsAnswers[{{$object_each->id}}]" >5
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="6" name="QuestionsAnswers[{{$object_each->id}}]" >6
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="7" name="QuestionsAnswers[{{$object_each->id}}]" >7
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="8" name="QuestionsAnswers[{{$object_each->id}}]" >8
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="9" name="QuestionsAnswers[{{$object_each->id}}]" >9
                                                            </label>
                                                            <label class="radio-inline">
                                                                <input type="checkbox" value="10" name="QuestionsAnswers[{{$object_each->id}}]" >10
                                                            </label>
                                                            <label class="radio-inline-text">
                                                                &nbsp;&nbsp; - Fully agree
                                                            </label>
                                                        </div>
                                                @endforeach
                                                    <div class="im-done-button">
                                                        <button type="submit" class="btn btn-primary">I'm Done</button>
                                                    </div>
                                                </div>
                                            </form>
                                                @endif
                                            @endforeach
                                                <Br>
                                                @include('layouts.errors')

                                    </div>

                                     @else <h1>This survey ended</h1>  @endif
                    </div>
                    <div class="col-md-2">
                    </div>
                </div>
                <hr>
            </div>

</body>
</html>

Tags: laravel, exception, locking, rules

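Solution


You can use different alternatives for this:

  1. Laravel Policies and Gates generate different kinds of view authorization based on the authenticated user; you can find more information here: https://laravel.com/docs/5.6/authorization

  2. Use a third-party package to handle permissions and roles, for example https://cartalyst.com/manual/sentinel/2.0 or https://github.com/spatie/laravel-permission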
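
One way to apply the first suggestion to the controller from the question, as an added example that is not part of the original answer: a Gate that checks team membership, enforced before any survey data is loaded. The ability name `view-survey`, the `App\Survey` namespace and the `SurveyController` class name are assumptions; table and column names are taken from the question.

```php
<?php
// Added example; in a real app the two namespaces below are separate files.
namespace App\Providers {
    use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
    use Illuminate\Support\Facades\{DB, Gate};
    class AuthServiceProvider extends ServiceProvider
    {
        public function boot()
        {
            $this->registerPolicies();
            // Allow only members of the team that owns the survey.
            Gate::define('view-survey', function ($user, $survey) {
                return DB::table('teammembersall')
                    ->where('TeamId', $survey->teamId)
                    ->where('UserId', $user->id)
                    ->exists();
            });
        }
    }
}

namespace App\Http\Controllers {
    use App\Survey; // assumed model namespace
    use Illuminate\Support\Facades\{Auth, DB};
    class SurveyController extends Controller // class name is an assumption
    {
        public function viewSurvey($id)
        {
            // 404 for an unknown id, 403 for a user outside the owning team.
            $survey = Survey::where('surveyId', '=', $id)->firstOrFail();
            $this->authorize('view-survey', $survey);
            // Everything below runs only after the check has passed.
            $date = collect([$survey]); // the view iterates over $date
            $object = DB::table('question')->where('survey_id', '=', $id)->get();
            $teams = Auth::user()->teams;
            $members = Survey::where('surveyId', '=', $id)
                ->join('team', 'team.teamId', '=', 'survey.teamId')
                ->join('teammembersall', 'teammembersall.TeamId', '=', 'team.TeamId')
                ->join('users', 'users.id', '=', 'teammembersall.UserId')
                ->select('users.*')
                ->whereNotExists(function ($q) {
                    $q->select(DB::raw(1))->from('answer')->whereRaw('answer.answerAboutUserId = users.id');
                })
                ->get();
            $questions = DB::table('answer')->get();
            return view('survey_details', compact('object', 'date', 'teams', 'members', 'questions'));
        }
    }
}
```

The handler behind `/confirmSurveyAnswers` needs an equivalent check, since blocking the page does not block direct form submissions.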

