編集履歴

質問編集履歴

コードを編集しました。

2019/12/26 13:52

投稿

GO999

スコア5

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -266,7 +266,7 @@
 use App\Post;
+use App\Http\Controllers\Controller;
 class PostsController extends Controller
@@ -290,8 +290,6 @@
       $posts = Post::with(['comments'])->orderBy('created_at', 'desc')->paginate(10);
       return view('posts.bbs',['posts'=>$posts]);
     }
@@ -322,7 +320,9 @@
+        auth()->user()->posts()->create($params);
-    Post::create($params);
+        //Post::create($params);
@@ -354,6 +354,8 @@
     {
       $post=Post::findOrFail($post_id);
       $this->authorize('edit', $post);
@@ -382,10 +384,10 @@
     $post=Post::findOrFail($post_id);
+    $this->authorize('update', $post);
     $post->fill($params)->save();
-    $this->authorize('update', $post);
     return redirect()->route('posts.show',['post'=>$post]);
     }
@@ -420,6 +422,8 @@
     }
 ```
 database/migrations/posts_table.php

コード修正しました。

2019/12/26 13:52

投稿

GO999

スコア5

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -116,7 +116,7 @@
 namespace App\Policies;
+use App\Post;
 use App\User;
@@ -128,7 +128,7 @@
 {
-  //  use HandlesAuthorization;
+    use HandlesAuthorization;
@@ -142,41 +142,45 @@
      */
-    //public function __construct()
+    public function __construct()
-    //{
+    {
         //
-    //}
+    }
     public function edit(User $user, Post $post)
-      {
+     {
-          return $user->id === $post->user_id;
+         return $user->id === $post->user_id;
-      }
+     }
-    public function update(User $user, Post $post)
+   public function update(User $user, Post $post)
-      {
+     {
-          return $user->id === $post->user_id;
+         return $user->id === $post->user_id;
-      }
+     }
+}
 ```
+App/Http/Policies/UserPolicy.php
 ```PHP
@@ -184,6 +188,76 @@
+namespace App\Policies;
+use App\Post;
+use App\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+class UserPolicy
+{
+    use HandlesAuthorization;
+    /**
+     * Create a new policy instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        //
+    }
+    public function edit(User $user, User $model)
+   {
+       return $user->id == $model->id;
+   }
+    public function update(User $user, User $model)
+     {
+         return $user->id == $model->id;
+     }
+}
+```
+App/Http/Controllers/PostsController.php
+```PHP
+<?php
 namespace App\Http\Controllers;
@@ -310,7 +384,7 @@
     $post->fill($params)->save();
-    $this->authorize('edit', $post);
+    $this->authorize('update', $post);
     return redirect()->route('posts.show',['post'=>$post]);
@@ -348,7 +422,7 @@
 ```
-App/Http/Controllers/PostsController.php
+database/migrations/posts_table.php
 ```PHP
@@ -356,171 +430,77 @@
-namespace App\Http\Controllers;
-use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Schema;
-use App\Post;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
-class PostsController extends Controller
+class CreatePostsTable extends Migration
 {
-    public function index()
-    {
-      return view('posts.top');
-    }
-    public function bbs()
-    {
-      $posts = Post::with(['comments'])->orderBy('created_at', 'desc')->paginate(10);
-      return view('posts.bbs',['posts'=>$posts]);
-    }
-    public function create()
-    {
-    return view('posts.create');
-    }
-    public function store(Request $request)
-    {
-    $params = $request->validate([
-        'title' => 'required|max:50',
-        'body' => 'required|max:2000',
-    ]);
-    Post::create($params);
-    return redirect()->route('bbsTop');
-    }
-    public function show($post_id)
-    {
-      $post=Post::findOrFail($post_id);
-      return view('posts.show',[
-        'post'=>$post,
-      ]);
-    }
-    public function edit($post_id)
-    {
-      $post=Post::findOrFail($post_id);
-      $this->authorize('edit', $post);
-      return view('posts.edit', [
-        'post' => $post,
-    ]);
-    }
-    public function update($post_id,Request $request)
-    {
-      $params=$request->validate([
-    'title'=>'required|max:50',
-    'body'=>'required|max:2000',
-    ]);
-    $post=Post::findOrFail($post_id);
-    $post->fill($params)->save();
-    $this->authorize('update', $post);
-    return redirect()->route('posts.show',['post'=>$post]);
-    }
-    public function destroy($post_id)
-    {
-      $post=Post::findOrFail($post_id);
-      \DB::transaction(function() use ($post){
-    $post->comments()->delete();
-    $post->delete();
-    });
-    return redirect()->route('bbsTop');
-    }
-    }
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::create('posts', function (Blueprint $table) {
+            $table->increments('id');
+            $table->unsignedInteger('user_id');
+            $table->string('title',50);
+            $table->text('body');
+            $table->timestamps();
+            $table->foreign('user_id')->references('id')->on('users');
+        });
+    }
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::dropIfExists('posts');
+    }
+}
 ```
-database/migrations/posts_table.php
+database/migrations/users_table.php
 ```PHP
@@ -536,7 +516,7 @@
-class CreatePostsTable extends Migration
+class CreateUsersTable extends Migration
 {
@@ -554,22 +534,22 @@
     {
-        Schema::create('posts', function (Blueprint $table) {
+        Schema::create('users', function (Blueprint $table) {
-            $table->increments('id');
+            $table->bigIncrements('id');
-            $table->unsignedInteger('user_id');
-            $table->string('title',50);
+            $table->string('name');
+            $table->string('email')->unique();
+            $table->timestamp('email_verified_at')->nullable();
-            $table->text('body');
+            $table->string('password');
+            $table->rememberToken();
             $table->timestamps();
-            $table->foreign('user_id')->references('id')->on('users');
         });
     }
@@ -590,7 +570,7 @@
     {
-        Schema::dropIfExists('posts');
+        Schema::dropIfExists('users');
     }
@@ -598,7 +578,7 @@
 ```
-database/migrations/users_table.php
+App/Http/Providers/Post.php
 ```PHP
@@ -606,77 +586,55 @@
-use Illuminate\Support\Facades\Schema;
+namespace App;
-use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Migrations\Migration;
-class CreateUsersTable extends Migration
+class Post extends Model
 {
-    /**
-     * Run the migrations.
+    protected $fillable = [
-     *
-     * @return void
+        'title',
-     */
+        'body',
+    ];
-    public function up()
+    public function comments()
-    {
+    {
-        Schema::create('users', function (Blueprint $table) {
-            $table->bigIncrements('id');
-            $table->string('name');
-            $table->string('email')->unique();
-            $table->timestamp('email_verified_at')->nullable();
-            $table->string('password');
+        return $this->hasMany('App\Comment');
-            $table->rememberToken();
-            $table->timestamps();
-        });
-    }
+    }
-    /**
-     * Reverse the migrations.
-     *
-     * @return void
-     */
-    public function down()
+    public function user()
-    {
+  {
-        Schema::dropIfExists('users');
+      return $this->belongsTo('App\User');
-    }
+  }
 }
 ```
-App/Http/Providers/Post.php
+App/Http/Providers/User.php
 ```PHP
@@ -688,150 +646,94 @@
-use Illuminate\Database\Eloquent\Model;
+use Illuminate\Notifications\Notifiable;
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Foundation\Auth\User as Authenticatable;
-class Post extends Model
+class User extends Authenticatable
 {
+    use Notifiable;
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var array
+     */
     protected $fillable = [
-        'title',
+        'name', 'email', 'password',
-        'body',
     ];
+    /**
+     * The attributes that should be hidden for arrays.
+     *
+     * @var array
+     */
-    public function comments()
+    protected $hidden = [
-    {
-        return $this->hasMany('App\Comment');
+        'password', 'remember_token',
+    ];
+    /**
+     * The attributes that should be cast to native types.
-    }
+     *
+     * @var array
+     */
+    protected $casts = [
+        'email_verified_at' => 'datetime',
+    ];
-    public function user()
+    public function posts()
   {
-      return $this->belongsTo('App\User');
+      return $this->hasMany('App\Post');
   }
 }
 ```
-App/Http/Providers/User.php
-```PHP
-<?php
-namespace App;
-use Illuminate\Notifications\Notifiable;
-use Illuminate\Contracts\Auth\MustVerifyEmail;
-use Illuminate\Foundation\Auth\User as Authenticatable;
-class User extends Authenticatable
-{
-    use Notifiable;
-    /**
-     * The attributes that are mass assignable.
-     *
-     * @var array
-     */
-    protected $fillable = [
-        'name', 'email', 'password',
-    ];
-    /**
-     * The attributes that should be hidden for arrays.
-     *
-     * @var array
-     */
-    protected $hidden = [
-        'password', 'remember_token',
-    ];
-    /**
-     * The attributes that should be cast to native types.
-     *
-     * @var array
-     */
-    protected $casts = [
-        'email_verified_at' => 'datetime',
-    ];
-    public function posts()
-  {
-      return $this->hasMany('App\Post');
-  }
-}
-```
 ### 試したこと

コードを修正しました。

2019/12/22 09:55

投稿

GO999

スコア5

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -36,7 +36,13 @@
+use App\Post;
+use App\Policies\PostPolicy;
+use App\User;
+use App\Policies\UserPolicy;
 use Illuminate\Support\Facades\Gate;
@@ -96,6 +102,8 @@
 }
 ```
 App/Http/Policies/PostPolicy.php
@@ -474,7 +482,7 @@
     $post->fill($params)->save();
-    $this->authorize('edit', $post);
+    $this->authorize('update', $post);
     return redirect()->route('posts.show',['post'=>$post]);

参考サイトを追加しました。

2019/12/22 03:26

投稿

GO999

スコア5

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -830,7 +830,11 @@
 参照サイトを参考にポリシーの作成・登録、ルールの記述、コントローラに認可を追加しました。何度やっても上手くいかなかったので、Post.php,User.phpと、テーブルも確認し記述し直しましたが、投稿者IDとユーザーIDを合致させて認可することができませんでした。
+参照サイト：https://readouble.com/laravel/5.7/ja/authorization.html#writing-policies
+　　　　　https://qiita.com/sutara79/items/11d8417a6fc91ca1b841
+　　　　　https://tech.windii.jp/backend/laravel/authorization-basic
 ### 補足情報（FW/ツールのバージョンなど）