英文:
How to make the profile user forbid to anyone except the own user?
问题
我有以下路由:
Route::get('@{username}', 'HomePageController@username')->name('user.profile');
该路由允许所有人查看用户的个人资料(包含个人信息和简历等)。在用户注册时,用户必须等待管理员激活他的帐户。
我需要检查用户的帐户是否仍在处理中,如果是,则只为该用户显示上述路由。当帐户激活后,对所有人开放上述路由以查看他的个人资料。
我尝试创建中间件,但不知道如何禁止"访客用户"。
我的错误之处:
public function username($username)
{
$user = User::where('username', '=', $username)->firstOrFail();
if($user->active){
return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
}else{
return redirect('/');
}
}
最佳方案是如何实现类似功能?
谢谢。
英文:
I have route:
Route::get('@{username}', 'HomePageController@username')->name('user.profile');
that route to allow for everyone to see the profile ( contains his info and his cv .. etc ), and in the beginning of register any user user must wait to active his account by the admin
I need to see if account of user still under process show above route just for him. and when the account is active open above route for everyone can see his profile.
I tried to create middleware but don't know how can I forbid the guest user
My wrong shut:
public function username($username)
{
$user = User::where('username' , '=' , $username)->firstOrFail();
if($user->active){
return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
}else{
return redirect('/');
}
}
What the best scenario to do something like that?
thanks.
答案1
得分: 1
如果($user->active || $username == Auth::user()->username){
return view('frontend.user_profile', compact('user', 'projects_last', 'first_project', 'whole_projects'));
}else{
return redirect('/');
}
英文:
if($user->active || $username == Auth::user()->username){
return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
}else{
return redirect('/');
}
答案2
得分: 1
if ($user->active) {
// 所有人都可以看到
} else {
if (Auth::user() && Auth::user()->username == $username) {
// 只有授权用户和本人可以看到
} else {
// 重定向到主页
}
}
英文:
if ($user->active) {
// Everyone can see
} else {
if (Auth::user() && Auth::user()->username == $username) {
// only auth and himself can see
} else {
// redirect to home page
}
}
答案3
得分: 0
你也可以像这样使用它:
if ($username == Auth::user()->username) {
return view('frontend.user_profile', compact('user', 'projects_last', 'first_project', 'whole_projects'));
} else {
return abort(403, '未经授权的操作。');
}
英文:
You can also use it like this
if( $username == Auth::user()->username){
return view('frontend.user_profile',compact('user','projects_last','firs. t_project','whole_projects'));
}else{
return abort(403, 'Unauthorized action.');
}
答案4
得分: 0
public function username($username)
{
$user = User::where(['username' => $username, 'status' => 'active'])->firstOrFail();
if($user && auth()->user()->username == $username){
return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
}else{
return abort(403, 'Unauthorized action.');
}
}
}
英文:
You can try this
public function username($username)
{
$user = User::where(['username' => $username,'status' => 'active'])->firstOrFail();
if($user && auth()->user()->username == $username){
return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
}else{
return abort(403, 'Unauthorized action.');
}
}
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论