0

I want to make sure this two is connecting with a variable. Which the variable determine during login: ROLE. The user will only can view information who work under them only.

LoginController.php

protected function authenticated($request, $user)
{ 
    if($user->role == 'workers') {

       $this->redirectTo = ('/home');
    } else if($user->role == 'manager') {

       $this->redirectTo = ('/welcome');
    } else {//($user->role = 'admin')

      $this->redirectTo = ('/dashboard');
    }

    return redirect()->intended($this->redirectPath());
}

AttendanceController.php

class AttendanceViewController extends Controller
{
    protected function index()
    {
       $attendance1 = DB::select('select * from attendance where line_num = "$role"');

       return view('attendanceview',['attendance1'=>$attendance1]);
    }
}

I have tried the suggestion from our friends: Session & Authorization it seems to work but it does not appear the information that I want in the AttendanceController.

Improve this question
6
  • 2
    You really should use authorization techniques, like policies, not global variables Commented Nov 30, 2018 at 3:25
  • Maybe i misinterpret my question. Now i have no problem when login to redirect to the intended page. Problem i'm facing here is on each view.blade, it only appear data related. Example: Table1: Users->role->chicken, Table2: Class->Dancetype->chicken, goat, cow. So when i login as Chicken, i only can view Dancetype-> chicken Commented Nov 30, 2018 at 3:29
  • Read the authorization docs like Chris suggested. There's no reason for globals here. Commented Nov 30, 2018 at 3:30
  • I'm a tad bias, because its my answer - but you should really read my answer... Using globals in situations like this is asking for trouble Commented Nov 30, 2018 at 4:06
  • Will try to understand on the usage of authorization. I'll update later Commented Nov 30, 2018 at 5:43

3 Answers 3

Reset to default
1

This requirement wouldn't request "global" variables.

In any controller, you will have access to the user via the Auth facade: 

public function index() 
{
  if (Auth::check()) {
    // The user is logged in...
    if(Auth::user()->role === 'something') {
      // Do something when x role
    }
  }
}

Note, this is a very primitive example - most likely you want to read through the authorization documentation (https://laravel.com/docs/5.7/authorization) which provides more robust approach to authorization (not authentication) than simple if checks.

The point of the above snippet is more about showing that you don't need to have globals to do what you need to do.

If you absolutely need to use globals (please don't - you really don't need to), you still have access to all normal PHP approaches, such as:

$GLOBALS['variable'] = 'foo';
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Maybe i misinterpret my question. Now i have no problem when login to redirect to the intended page. Problem i'm facing here is on each view.blade, it only appear data related. Example: Table1: Users->role->chicken, Table2: Class->Dancetype->chicken, goat, cow. So when i login as Chicken, i only can view Dancetype-> chicken.
@A.nia Chris is correct. and authorization != authentication. authorization is when you allow/deny access to a certain resource based on his/her role.
0

nia

I would save the information that you need to the session as this will update the information each time they login

This can be done like this:

Session::put('yourUniqueSessionName', 'valuesYouWishToStore');

You can access the session data like this:

if (Session::has('yourUniqueSessionName') ) {

    $data = Session::get('yourUniqueSessionName');

} else {

    $data = (get the data that you want again);

}

This will then allow you to query the Session data and see what you want to allow them to access.

For more info:

https://laravel.com/docs/5.7/session

Hope this helps

Improve this answer

Comments

0

After trying the suggestion by Chris and Josh, I have updated the code:

LoginController.php

protected function authenticated($request, $user)
{

     $user = auth()->user();
     $role=$user->role;
     Session::put('role', $role);


    if($user->role == 'workers') {

        $this->redirectTo = ('/home');
    }  else if($user->role == 'manager') {

        $this->redirectTo = ('/welcome');
    } else { //($user->role = 'admin')

        $this->redirectTo = ('/dashboard');
    }

    return redirect()->intended($this->redirectPath());
}

AttendanceController.php

public function index() {

    $user = auth()->user();
    $position=$user->position;
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.