platform icon indicating copy to clipboard operation
platform copied to clipboard

Published 20 hours ago verified publisher icon orchidsoftware

Policy in screen

Open DarKsandr opened this issue 2 years ago • 3 comments

I wanted to use policy, but I always get 403 THIS ACTION IS UNAUTHORIZED.

Route::screen('/chat/{chat}', ChatScreen::class)
    ->can('view', 'chat')
    ->name('platform.chat');

class ChatPolicy
{
    public function view(User $user, Chat $chat): bool
    {
        return true;
    }
}

But if you use policies in the screen itself, then everything works

class ChatScreen extends Screen
{
    public function query(Chat $chat): iterable
    {
        if($chat->exists){
            $this->authorize('view', $chat);
        }
        ...
    }
...

DarKsandr avatar Aug 07 '23 19:08 DarKsandr

To help you, please submit an issue using a template that includes the version you are using

tabuna avatar Aug 20 '23 00:08 tabuna

  • Platfrom Version: 14.8.0
  • Laravel Version: 10.16.1
  • PHP Version: 8.1

DarKsandr avatar Aug 20 '23 05:08 DarKsandr

I would like to confirm that the usage of the can method always results in a 403 error. This is due to Screen determining which method to call later than the can middleware operates.

I have discovered a hacky way to make it work in this branch: compare/auth_middleware_policy, but I am not satisfied with this solution. I am open to any suggestions or alternatives you may have.

tabuna avatar Aug 28 '23 01:08 tabuna