Comments (6)
The canAny()
method comes from the Illuminate\Foundation\Auth\Access\Authorizable
trait provided by Laravel.
The Permission
middleware uses it so that its results are the same as if you had called canAny()
directly.
Aside: You don't need to include the HasPermissions
trait when you're already including the HasRoles
trait, because HasRoles includes HasPermissions automatically.
from laravel-permission.
class User extends Model implements AuthenticatableContract, AuthorizableContract, JWTSubject
You didn't post your complete User model.
Specifically: you didn't post the code that shows what namespace it is declared in, to be sure it matches the error message and therefore isn't hitting some other part of your code.
You also didn't post the imported use
classes that show what the AuthorizableContract
is an alias of.
from laravel-permission.
class User extends Model implements AuthenticatableContract, AuthorizableContract, JWTSubject
You didn't post your complete User model. Specifically: you didn't post the code that shows what namespace it is declared in, to be sure it matches the error message and therefore isn't hitting some other part of your code. You also didn't post the imported
use
classes that show what theAuthorizableContract
is an alias of.
The code for the User model is as follows:
<?php
namespace App\Models;
use Illuminate\Auth\Authenticatable;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Laravel\Lumen\Auth\Authorizable;
use Spatie\Permission\Traits\HasRoles;
use Tymon\JWTAuth\Contracts\JWTSubject;
class User extends Model implements AuthenticatableContract, AuthorizableContract, JWTSubject
{
use Authenticatable, Authorizable, HasFactory, HasRoles;
/**
* The attributes that are mass assignable.
*
* @var string[]
*/
protected $fillable = [
'name',
'username',
'password',
];
/**
* The attributes excluded from the model's JSON form.
*
* @var string[]
*/
protected $hidden = [
'password',
];
/**
* Get the identifier that will be stored in the subject claim of the JWT.
*
* @return mixed
*/
public function getJWTIdentifier()
{
return $this->getKey();
}
/**
* Return a key value array, containing any custom claims to be added to the JWT.
*
* @return array
*/
public function getJWTCustomClaims()
{
return [];
}
}
Note that in the above model, I have attempted to remove the HasPermissions
trait, but the result remains the same (error: Call to undefined method App\Models\User::canAny()).
from laravel-permission.
your code:
use Illuminate\Auth\Authenticatable;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Laravel\Lumen\Auth\Authorizable;
use Spatie\Permission\Traits\HasRoles;
use Tymon\JWTAuth\Contracts\JWTSubject;
class User extends Model implements AuthenticatableContract, AuthorizableContract, JWTSubject
{
use Authenticatable, Authorizable, HasFactory, HasRoles;
Note that because of your imports at the top of the class, your use Authenticatable, Authorizable, HasFactory, HasRoles;
line is using the Laravel\Lumen\Auth\Authorizable trait instead of Laravel's Illuminate\Foundation\Auth\Access\Authorizable.
Lumen doesn't implement canAny()
, which is why your canAny()
error is appearing.
You will either need to use Laravel's Authorizable
trait, or re-implement the missing methods in your User model.
The docs have been updated to include a note about this.
from laravel-permission.
your code:
use Illuminate\Auth\Authenticatable;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Laravel\Lumen\Auth\Authorizable;
use Spatie\Permission\Traits\HasRoles;
use Tymon\JWTAuth\Contracts\JWTSubject;class User extends Model implements AuthenticatableContract, AuthorizableContract, JWTSubject { use Authenticatable, Authorizable, HasFactory, HasRoles;
Note that because of your imports at the top of the class, your
use Authenticatable, Authorizable, HasFactory, HasRoles;
line is using the Laravel\Lumen\Auth\Authorizable trait instead of Laravel's Illuminate\Foundation\Auth\Access\Authorizable. Lumen doesn't implementcanAny()
, which is why yourcanAny()
error is appearing.You will either need to use Laravel's
Authorizable
trait, or re-implement the missing methods in your User model.The docs have been updated to include a note about this.
I attempted to implement some missing methods from Illuminate\Foundation\Auth\Access\Authorizable, but it resulted in another issue, such as:
"Spatie\Permission\PermissionServiceProvider::Spatie\Permission{closure}(): Argument #2 ($app) must be of type Illuminate\Contracts\Foundation\Application, Laravel\Lumen\Application given, called in C:\laragon\www\api-blog\vendor\illuminate\container\Container.php on line 1302"
As an alternative, I tried creating or copying a new middleware from Spatie\Permission\Middleware\PermissionMiddleware::class with code modifications:
class PermissionMiddleware
{
public function handle($request, Closure $next, $permission, $guard = null)
{
//.. other code parts
if (!$user->canAny($permissions)) {
throw UnauthorizedException::forPermissions($permissions);
}
return $next($request);
}
//.. other code parts
}
Changed to:
class PermissionMiddleware
{
public function handle($request, Closure $next, $permission, $guard = null)
{
//.. other code parts
if (!$user->hasAnyPermission($permissions)) {
throw UnauthorizedException::forPermissions($permissions);
}
return $next($request);
}
//.. other code parts
}
The above code works well and meets my expectations for the time being.
from laravel-permission.
Yes, that was going to be my next suggestion: clone the middleware from this package and replace canAny
with hasAnyPermission
.
Seems like the best solution.
from laravel-permission.
Related Issues (20)
- team_id doesn't have a default value HOT 5
- assignRole and syncRoles fail for model with ulid type id HOT 2
- Documentation for v6/main unaccessible at spatie.be HOT 4
- Wrong octane event listener HOT 2
- Too much Role-Models loaded HOT 3
- Enums shouldn't be casted in the model HOT 8
- assignRole > getModel() > null
- Timestamps in migration for sql server HOT 4
- Target class [Spatie\Permission\Middlewares\PermissionMiddleware] does not exist. HOT 2
- DOCS - Side menu dissapeared HOT 4
- Problem upgrading with existing data permissions/roles HOT 1
- Cannot save the user model twice in the same request HOT 10
- withoutPermission scope from HasPermissions returns users from outside the team HOT 2
- Laravel 11 compatibility issues HOT 4
- Problem with middleware definition method in the controller in Laravel 11
- Problem with denied access using the middleware aliases role, permission, and role_or_permission in Spatie Permission version 6 and higher. HOT 1
- Problem when trying to migrate laravel-permission migrations HOT 2
- Docs are not uptodate with current implementation HOT 9
- Diffs are not properly displayed in generated docs HOT 4
- Bug @can OR $user->can OR $user->hasAnyPermission($permission) HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from laravel-permission.