From the course: Building Laravel and Vue.js 2 Web Apps

Unlock the full course today

Join today to access over 22,600 courses taught by industry experts or purchase this course individually.

Protecting routes and models with policies

Protecting routes and models with policies

From the course: Building Laravel and Vue.js 2 Web Apps

Start my 1-month free trial

Protecting routes and models with policies

- [Instructor] For permissions that need to go beyond simply requiring authentication or email verification, we can create what are known in Laraval as policies. In this video, I'll create a policy for actions on the category model, and we can do that with Artisan of course. So artisan make:policy. We'll give it a name like CategoryPolicy, and then using the model option, we can specify the model class name for the model that we want to define these permissions for. So now we can open that up in app policies, category policy, and we can add logic for all of these different actions, and return either true or false for the current user to indicate whether or not they're allowed to perform the given operation. By itself, this won't have any effect because it will need to add code that checks this policy in a controller, or a route, or even in a Blade template. For our purposes, all we really care about is whether or not the user is an admin, but it's nice to have all these methods ready…

Contents