Laravel - Authorization - Authorizing Resource Controllers
If you are utilizing resource controllers, you may make use of the authorizeResource
method in your controller's constructor. This method will attach the appropriate can
middleware definitions to the resource controller's methods.
The authorizeResource
method accepts the model's class name as its first argument, and the name of the route / request parameter that will contain the model's ID as its second argument. You should ensure your resource controller is created using the --model
flag so that it has the required method signatures and type hints:
authorizeResource(Post::class, 'post');
}
}
The following controller methods will be mapped to their corresponding policy method. When requests are routed to the given controller method, the corresponding policy method will automatically be invoked before the controller method is executed:
You may use themake:policy
command with the--model
option to quickly generate a policy class for a given model:php artisan make:policy PostPolicy --model=Post
.