Laravel Authorization using Policies

0
votes

So I need help learning how to create policies to do authorization. I understands Gates pretty well, and they work for me, but when I create a policy, it doesn't work.

Here is the code that I'm using. I think the issue that Im having is trying to find out where do you put the check for authorization for a given model function?

public function update(User $user, Message $message)
{
   return true;
}

Here I'm just toggling the test to either true or false, just to see how things work. But when I do this in the Message controller:

if ($user->can('update', $message)) {
    return 'You can update this post';
}

It doesn't work. I also ran across another approach to checking authorization in the controller using $this->authorize('update', $message); But that didn't work either.

Thank you.

1
laravellaravel-authorization
Did you register your Policy class in your AuthServiceProvider?Doom5
@Domm5 Yes I did 'App\Message' => 'App\Policies\MessagePolicy',Kaley36

1 Answers

1
votes

So I got the system to run after sleeting on it. I changed many things, and got stuck in so many places that I didn't know exactly what I did. But it seems that the biggest difference was changing how I registered the policies. In the policies array in the AuthServiceProvider has, apparently an example that is written in during format. Even though the documentation show the registering of the model and policy in the format of ::class at the end, I used the String format. I guess this was my issue.also, I had to pass in an actual instance of a message to the authorize method, instead of using Message::class, approach.