I'm trying to customize a single view that when the user is logged in, It will show Edit and Delete buttons.
When the user is a guest, Those two buttons are going to be hidden.
I'm trying to use the same controllers and view files. And do the Auth::check() inside the views before every admin-only item.
Also i've added auth filter in all of the Admin routes.
The problem is when i access / without being logged it. It works as expected and hides the admin-only items. When accessing it as an admin it shows the admin-only items.
But when i click Details anchor tag. I get redirected to /login route as i'm trying to access an admin only route. I just want it to hide the admin-only items !
I've tried to type it manually to reach the details page : /17 it gets me details about post with id equals to 17. But when i click this tag it tries to redirects me to /admin/post/list/17. How to manage these redirection based on if i'm an admin or not ?
EDIT: I've deleted unrelated code.
Here's my routes :
<?php
Route::get('login', array('before' => 'guest' , 'as' => 'getLogin', 'uses' => 'UserController@getLogin'));
Route::post('login', array('before' => 'csrf' , 'as' => 'postLogin', 'uses' => 'UserController@postLogin'));
Route::get('make/me/an/admin/account', array( 'as' => 'getSignup', 'uses' => 'UserController@getCreateAdmin'));
Route::post('make/me/an/admin/account', array('before' => 'csrf', 'as' => 'postSignup', 'uses' => 'UserController@postCreateAdmin'));
Route::get('logout', array('before' => 'auth', 'as' => 'getLogout', 'uses' => 'UserController@getLogout'));
Route::group(array( 'before' => 'auth', 'prefix' => 'admin'), function(){
Route::get('/' , function(){
return View::make('admin.main')->with('title', 'Main');
});
Route::group(array('prefix' => 'post',), function(){
Route::get('/', array('as' => 'listAllPosts', 'uses' => "PostController@listPosts"));
Route::get('list', array('as' => 'listAllPosts', 'uses' => "PostController@listPosts"));
Route::get('list/{id}', array('as' => 'listSinglePost', 'uses' => "PostController@showPost"));
Route::post('addcomment/{post_id}', array('as' => 'addComment', 'uses' => 'CommentController@addComment'));
});
});
});
Route::get('/', array('as' => 'listAllPostsGuest', 'uses' => 'PostController@listPosts'));
Route::get('/{id}', array('as' => 'listSinglePostsGuest', 'uses' => 'PostController@showPost'));
The views that i tried to achieve what i talked about :
list.blade.php (Where is the details link that redirects me to login (inside the foreach) ):
@extends('layout.layout')
@section('header')
@stop
@section('content')
@if(Auth::check())
<h2>Main - Admin - Post Main menu</h2>
@else
<h2>Main - Posts</h2>
@endif
@if(Auth::check())
<ul>
<li>{{ link_to_route('getAddPost', 'Add') }}</li>
</ul>
@endif
@if(isset($message))
<p>{{ $message }}</p>
@endif
@if(isset($posts))
<ul>
@foreach($posts as $post)
<li>
<span>{{ $post->body }} - {{ count($post->comments) }} Comment(s)</span>
@if(Auth::check())
{{ Form::open(array('action' => array('PostController@deletePost', $post->id))) }}
{{ Form::submit('delete') }}
{{ Form::close() }}
@endif
{{ link_to_route('PostController@showPost', 'Details', array("id" => $post->id)) }}
</li>
@endforeach
</ul>
@endif
@if(Auth::check())
{{ link_to('admin/', 'Back') }}
@else
{{ link_to('/', 'Back') }}
@endif
@stop
And here's my Controllers :
<?php
class PostController extends BaseController {
public function listPosts(){
$posts = Post::all();
return View::make('admin.post.list')->with('posts' , $posts);
}
public function showPost($id){
if(!is_numeric(trim($id))){
return Redirect::action('PostController@listPosts');
}
$post = Post::find($id);
if(empty($post)){
return Redirect::action('PostController@listPosts');
}
return View::make('admin.post.postdetails')->with('post', $post);
}
}
?>
Every URI that begins with admin/ will have the auth filter run prior to any controller code loading. If your auth filter does any redirects, that's where the issue lies.
I'd recommend really figuring out how your URI structure is going to be set up (having public-facing URIs that start with admin doesn't make much sense). After that, you can set up your routes more efficiently and with less filter conflicts and such.