I have 3 user types: admin, teacher, student.
I created a policy manage so that only admins can edit users:
UserController:
$this->authorize('manage', User::class);
UserPolicy:
public function manage($user) {
return $user->type === 'admin';
}
where $user is the currently authenticated user.
I would like to modify my manage policy so that a User can modify his own profile. I have tried:
UserController:
$this->authorize('manage', User::class, $userToEdit);
UserPolicy:
public function manage($user, $userToEdit) {
return $user->type === 'admin' || $user->id === $userToEdit->id;
}
but it doesn't work. Any ideas on how to achieve this?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire