Laravel Controller function to return view based on user permission
I have one route that switches the routes based on the permission the user has. Here is a little example:
    public function show(Company $company)
    {
        if (auth()->user()->hasPermission('read-companies')) {
            return view('portal.company.showAdmin', compact('company'));
        } elseif (auth()->user()->hasPermission('read-company') && auth()->user()->companies->contains($company)) {
            return view('portal.company.showEntrepreneur', compact('company'));
        } elseif (auth()->user()->hasPermission('read-companies_v') && $company->visible()) {
            return view('portal.company.showTrainee', compact('company'));
        } else {
            abort('403');
        }
    }
This basically returns to 3 views based on the permissions of the user. A lot of my controller functions look like this. Now my question: Is this "One controller/route for multiple actions" approach a bad idea? What if I want to add a role to the auth()->user()->companies->contains($company) many-to-many relationship? I would need to add all my controller functions. Is it better to have a function on the user model like IsAbleToShowOnCompany($company)? But then I would have hundreds of functions like that, because, e.g., Companies can create pokes, and I would need to check if the role of the many-to-many relation to company would allow that.
Do you have any refactor ideas?
I've heard about service and repository classes, but how can I refactor this into a service?
php laravel controller authorization
edited 2 days ago by 200_success
asked 2 days ago by KuebelElch15
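An added example, not part of the original post: one way to remove the duplication the question describes is to move the three checks into a Laravel policy, so the controller asks for one decision and one view name. The `App\User` and `App\Company` namespaces, the `CompanyPolicy` class and its `tier()` and `viewName()` helpers are assumptions; `hasPermission()`, `companies` and `visible()` are taken from the question.

```php
<?php
// app/Policies/CompanyPolicy.php (added example; namespaces and names are assumptions).
// Register in AuthServiceProvider::$policies, then the controller action shrinks to:
//   public function show(Company $company, CompanyPolicy $policy) {
//       $this->authorize('view', $company); // denied -> HTTP 403
//       return view($policy->viewName(auth()->user(), $company), compact('company'));
//   }
namespace App\Policies;

use App\Company;
use App\User;

class CompanyPolicy
{
    // Access tier => view, using the view names from the question.
    private const VIEWS = [
        'admin'        => 'portal.company.showAdmin',
        'entrepreneur' => 'portal.company.showEntrepreneur',
        'trainee'      => 'portal.company.showTrainee',
    ];

    // The only place that knows the rules; checked from most to least privileged.
    public function tier(User $user, Company $company): ?string
    {
        if ($user->hasPermission('read-companies')) {
            return 'admin';
        }
        if ($user->hasPermission('read-company') && $user->companies->contains($company)) {
            return 'entrepreneur';
        }
        if ($user->hasPermission('read-companies_v') && $company->visible()) {
            return 'trainee';
        }
        return null; // default deny
    }

    // Ability resolved by $this->authorize('view', $company) and @can('view', $company).
    public function view(User $user, Company $company): bool
    {
        return $this->tier($user, $company) !== null;
    }

    public function viewName(User $user, Company $company): string
    {
        $tier = $this->tier($user, $company);
        abort_if($tier === null, 403); // fail closed if called without authorize()
        return self::VIEWS[$tier];
    }
}
```

With this layout, a later rule such as a role on the user-company relationship changes only `tier()`, and every controller that calls `authorize('view', $company)` picks it up.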