9

Am using zizaco entruest rbac and these are my web routes causing error

Route::group(['prefix' => 'user-management', 'middleware' => ['permission:admin']], function() {

    Route::get('/users', function(){
        return "sds";
    });

});

When i try navigating to

http://localhost:8000/user-management/users

am getting an error

Symfony \ Component \ HttpKernel \ Exception \ HttpException
No message

Where could i be wrong

I have commented all other routes and found this to be the culprit

I have setup my rbac as explained

https://github.com/Zizaco/entrust
Improve this question
13
  • Try it without middleware. Commented Sep 21, 2017 at 18:07
  • without middleware it works am adding the middleware as explained github.com/Zizaco/entrust Commented Sep 21, 2017 at 18:10
  • Did you add 'role' => \Zizaco\Entrust\Middleware\EntrustRole::class, 'permission' => \Zizaco\Entrust\Middleware\EntrustPermission::class, 'ability' => \Zizaco\Entrust\Middleware\EntrustAbility::class, to routeMiddleware array in app/Http/Kernel.php? Commented Sep 21, 2017 at 18:15
  • yes already added and even restarted artisan Commented Sep 21, 2017 at 18:19
  • Personally, I prefer to use github.com/DynamicCodeNinja/RBAC instead of Zizaco to handle Role Base Access Control. It has the same functionalities and no bugs at all. Commented Sep 21, 2017 at 18:22

5 Answers 5

Reset to default
8

You should create a 403.blade.php template view under resources/views/errors directory.
Your application's exception handler do not find the exception status code associated view, so it return the exception directly.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

thats an amazing idea il try and let you know
nopw all errors are caught by the blade, but doesnt solve the actual problem of the error caused by the middleware, Thanks for the insight though helped in another area
5
+50

You need to put auth middleware as well as it checks permission for an auth user within permission middleware. You can fix it by just putting auth middleware and then try logging in, now you can navigate to users url.

 Route::group(['prefix' => 'user-management', 'middleware' => ['auth', 'permission:admin']], function() {

    Route::get('/users', function(){
       return "sds";
    });

 });
Improve this answer

1 Comment

Thanks i see where i was going wrng i was using the permission even for unauthenticated users doing it this way solved the problem
0

To help you with this we need more information.

  • Is this the only route in your application?
  • Did you authenticate the user before trying to access /user-manag... ?
  • What's inside your app/Http/Kernel.php file? Did you add permission middleware?

Not sure what kind of http code are you receiving (is it a 403? or a 500?).

Things you can do that might help:

  1. Enable debug mode (change your .env (or config/app.php) DEBUG to "true")
  2. Check your laravel.log file (storage/logs/laravel.log)
  3. Install laravel-debugbar. This package can give you better insight about what's happening in your app. https://github.com/barryvdh/laravel-debugbar
Improve this answer

1 Comment

there are other routes, but when troubleshooting the problem i did comment on all others and left this one which brings the error
0

I've looked up the middleware. It says the following:

if ($this->auth->guest() || !$request->user()->can($permissions)) {
    abort(403);
}

This means that it crashes without a message if you aren't authenticated or you cannot do something because you don't have permission.

You could try to dd() something in here before the abort. Just to see if it reaches this. If it does check this page in the Laravel documentation about abort() and custom error pages: https://laravel.com/docs/5.5/errors#http-exceptions

Improve this answer

Comments

0

apparently your code looks fine. I guess you are having some problem in your middleware its not allowing you to pass through. you have used permission:admin so i guess you should log in as admin and then it will be working fine.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.