Skip to content

Commit

Permalink
Fix missing middleware parameters when using authorizeResource()
Browse files Browse the repository at this point in the history
Previously, the middleware would not be applied to the create and edit methods since calling middleware() overwrites any previous definitions with a matching name.
  • Loading branch information
misenhower committed Aug 2, 2016
1 parent ef392e1 commit 8b55fbd
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 10 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,16 @@ public function authorizeResource($model, $parameter = null, array $options = []
{
$parameter = $parameter ?: strtolower(class_basename($model));

$middleware = [];

foreach ($this->resourceAbilityMap() as $method => $ability) {
$modelName = in_array($method, ['index', 'create', 'store']) ? $model : $parameter;

$this->middleware("can:{$ability},{$modelName}", $options)->only($method);
$middleware["can:{$ability},{$modelName}"][] = $method;
}

foreach ($middleware as $middlewareName => $methods) {
$this->middleware($middlewareName, $options)->only($methods);
}
}

Expand Down
19 changes: 10 additions & 9 deletions tests/Auth/AuthorizesResourcesTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -11,49 +11,49 @@ public function testIndexMethod()
{
$controller = new AuthorizesResourcesController($this->request('index'));

$this->assertHasMiddleware($controller, 'can:view,App\User');
$this->assertHasMiddleware($controller, 'index', 'can:view,App\User');
}

public function testCreateMethod()
{
$controller = new AuthorizesResourcesController($this->request('create'));

$this->assertHasMiddleware($controller, 'can:create,App\User');
$this->assertHasMiddleware($controller, 'create', 'can:create,App\User');
}

public function testStoreMethod()
{
$controller = new AuthorizesResourcesController($this->request('store'));

$this->assertHasMiddleware($controller, 'can:create,App\User');
$this->assertHasMiddleware($controller, 'store', 'can:create,App\User');
}

public function testShowMethod()
{
$controller = new AuthorizesResourcesController($this->request('show'));

$this->assertHasMiddleware($controller, 'can:view,user');
$this->assertHasMiddleware($controller, 'show', 'can:view,user');
}

public function testEditMethod()
{
$controller = new AuthorizesResourcesController($this->request('edit'));

$this->assertHasMiddleware($controller, 'can:update,user');
$this->assertHasMiddleware($controller, 'edit', 'can:update,user');
}

public function testUpdateMethod()
{
$controller = new AuthorizesResourcesController($this->request('update'));

$this->assertHasMiddleware($controller, 'can:update,user');
$this->assertHasMiddleware($controller, 'update', 'can:update,user');
}

public function testDestroyMethod()
{
$controller = new AuthorizesResourcesController($this->request('destroy'));

$this->assertHasMiddleware($controller, 'can:delete,user');
$this->assertHasMiddleware($controller, 'destroy', 'can:delete,user');
}

/**
Expand All @@ -63,10 +63,11 @@ public function testDestroyMethod()
* @param string $middleware
* @return void
*/
protected function assertHasMiddleware($controller, $middleware)
protected function assertHasMiddleware($controller, $method, $middleware)
{
$this->assertTrue(
in_array($middleware, array_keys($controller->getMiddleware())),
in_array($middleware, array_keys($controller->getMiddleware()))
&& in_array($method, $controller->getMiddleware()[$middleware]['only']),
"The [{$middleware}] middleware was not registered"
);
}
Expand Down

0 comments on commit 8b55fbd

Please sign in to comment.