F
Filament2y ago
FantonioMotta

Integrating Custom Pages into Laravel Policies

I'm doing a project where I had to use the custom pages functionality, but with these pages I'm not getting the access permissions configured in app/Providers
4 Replies
Patrick Boivin
Patrick Boivin2y ago
I think you can safely do the check in the page's mount() method : 
    public function mount()
    {
        abort_unless(request()->user()->can('view_custom_page'), 403);
    }
    public function mount()
    {
        abort_unless(request()->user()->can('view_custom_page'), 403);
    }
FantonioMotta
FantonioMottaOP2y ago
But is there any way to link Laravel Policy and Providers to perform all security control of pages in one place?
Patrick Boivin
Patrick Boivin2y ago
Possibly... If your custom page requires the same permission as another kind of resource, you could check for that instead (e.g. ->can('view_any_page')) Or using the resource class directly: 
    abort_unless(PageResource::canViewAny(), 403);
    abort_unless(PageResource::canViewAny(), 403);
FantonioMotta
FantonioMottaOP2y ago
Okay, thanks a lot for the support.
Want results from more Discord servers?
Add your server