I write middleare to decide permission. But giving error.
Route page
Route::middleware([Permission::class])->group(function($id){
});
middleware
public function handle(Request $request, Closure $next,$id)
{
$id = $request->id; //$id is returning null
}
Giving this eror
Too few arguments to function App\Http\Middleware\Permission::handle(), 2 passed in /home/saide/Desktop/saide-backoffice/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php on line 167 and exactly 3 expected
I think when you called Middleware you used a square bracket, you have used an array for submitting the parameter to the middleware, use the below code
Route::middleware([Permission::class])->group(function($id){
});
For submitting multiple parameters through middleware use this code:
Route::get('/', function () {
//
})->middleware(['first', 'second']);
For passing single middleware use this:
Route::get('/profile', function () {
//
})->middleware('auth');
Information Source: https://laravel.com/docs/8.x/middleware
The issue is that the middleware is expecting a parameter and you aren't supplying it.
If you want your middleware to have an additional parameter $id, then route should be like this:
Route::middleware([Permission::class.':id_value_goes_here'])->group(function () {
});
If you need the ID to be a dynamic parameter based on a route parameter (e.g. Route::get('/posts/$id', ...)) or something passed to the request, then you should omit the extra parameter from the middleware handle()'s method signature:
public function handle(Request $request, Closure $next)
{
$id = $request->id; // $id will now get correctly set
}
Related
I'm on a task to write a simple CRUD program for a users list, following a similar nestjs example. While GET, POST and GET by id works fine, PUT and DELETE does not work properly. I get 'User does not exist' however user exists in database.
Controller
#Controller('users')
export class UsersController {
constructor(private userService: UsersService) {}
.....
//Update a user's details
#Put('/update')
async updateUser(
#Res() res,
#Query('userid') userID,
#Body() createUserDto: CreateUserDto
) {
const user = await this.userService.updateUser(userID, createUserDto);
if (!user) throw new NotFoundException('User does not exist!');
return res.status(HttpStatus.OK).json({
message: 'User has been successfully updated',
user
})
}
//Delete a user
#ApiParam({ name: 'id' })
#Delete('/delete')
async deleteUser(#Res() res, #Query('userid') userID) {
const user = await this.userService.deleteUser(userID);
if (!user) throw new NotFoundException('Customer does not exist');
return res.status(HttpStatus.OK).json({
message: 'User has been deleted',
user
})
}
Service
// Edit user details
async updateUser(userID, createUserDto: CreateUserDto): Promise<User> {
const updatedUser = await this.userModel
.findByIdAndUpdate(userID, createUserDto, { new: true });
return updatedUser;
}
// Delete a customer
async deleteUser(userID): Promise<any> {
const deletedUser = await this.userModel
.findByIdAndRemove(userID);
return deletedUser;
}
I'm using swagger to perform my tests. I'm passing id as a parameter to find and update user.
Based on your code repository, you aren't using URL Parameters, but rather you are using Query Parameters. The difference in the two is how they are passed to the server and how they are told to the server to listen for them.
Query Parameters
With query parameters, you pass them to your server starting with a ? in the url, and concatenating each one after by using a &. An example could look something like http://localhost:3000?name=Test&id=a26408f3-69eb-4443-8af7-474b896a9e70. Notice that there are two Query parameters, one named name and one named id. In Nest, to get these parameters in your route handler, you would use the #Query() decorator. A sample class could look like
#Controller()
export class AppController {
#Get()
getHello(#Query() query: { name: string, id: string }) {
return `Hello ${name}, your ID is ${id}`;
}
}
Notice how with the url above, the route called is the base route (/), with the query parameters added on.
URL Parameters
URL parameters are a way to dynamically build your routes without needing to specify what each possible URL. This is useful for things like IDs that are dynamically generated. Taking a similar URL as above, the sample URL this time could look like http://localhost:3000/Test/a26408f3-69eb-4443-8af7-474b896a9e70. Notice how this time there is no ? or & and it just looks like a full URL. To specify URL Params in nest, you need to a a colon(:) before the param name in the resource declaration decorator, along with any other part of the path necessary. Then to access the URL Parameters, you need to use the #Param() decorator in the route handler, similar to how you would the #Query() decorator. The class sample for this would be
#Controller()
export class AppController {
#Get(':name/:id')
getHello(#Param() params: { name: string, id: string })
return `Hello ${name}, your ID is ${id}`;
}
}
Problem and Solution
You're currently calling off to http://localhost/users/update/<ID> acting as if you are using URL parameters, but in your route handler you are expecting #Query() to grab the id. Because of this, there is no handler to find /users/update/:id and so you are getting a 404 in return. You can either modify your server to listen for URL Parameters as described above, or you can modify the URL to send the request using Query Parameters instead of URL parameters.
I have this middleware on my app that checks the user role for a route:
public function handle($request, Closure $next, ...$roles)
{
if (in_array($request->user()->rol, $roles)) {
return $next($request);
} else {
return redirect()->action('SecurityController#noAutorizado');
}
}
And I'm triying to make a test for this middleware (phpUnit):
public function testUsuarioLogadoPuedeAccederAPantallaUsuarios()
{
$user = UsuariosTestFixtures::unAsignador();
$this->actingAs($user);
$request = Request::create('/usuarios', 'GET');
$middleware = new CheckRole();
$response = $middleware->handle($request,Closure $next,$user->getRole(), function () {});
$this->assertEquals($response, true);
}
But i'm retreiving this error: Argument 2 passed to App\Http\Middleware\CheckRole::handle() must be an instance of Closure, null given
I don't know how I have to pass the "Closure $next" on the $middleware->handle
I've tryed this:
public function testUsuarioLogadoPuedeAccederAPantallaUsuarios(Closure $next){...}
But It returns an error: Too few arguments to function UsuarioControllerTest::testUsuarioLogadoPuedeAccederAPantallaUsuarios(), 0 passed in C:\www\APPS\catsa\vendor\phpunit\phpunit\src\Framework\TestCase.php
What's the solution?
Thanks a lot!
A Closure in PHP is simply a function, so you need to pass a function as the second argument of your handle method.
In the context of Laravel middleware, the $next function represent the full pipeline of steps that the request goes through.
Obviously you can't (and don't need to) execute this pipeline during a test. What you need is just a function that return some values that your can test in an assertion.
What you can do is something like this:
//... setup code here
$middleware = new CheckRole();
$roles = ['role1', 'role2']; // change this with the desired roles
$result = $middleware->handle($request,function($request) {
return 'success';
},$roles);
$this->assertEquals('success', $result);
So, what is happening here?
If everything goes as planned (the user has the required role), the $next closure is executed and it returns success; on the other hand, if the user doesn't have the required role, the code takes the other path and it returns a RedirectResponse.
Finally, the assertion checks if success is returned, and it reports a failure if that doesn't happen.
I have a problem with my router in Phalcon.
I have an action in my controller which ether takes a date parameter or not.
So when I access an URL: http://example.com/sl/slots/index/2017-06-27
everything works ok.
But when I go to: http://example.com/sl/slots/index
I get the following error:
DateTime::__construct(): Failed to parse time string (sl) at position
0 (s): The timezone could not be found in the database.
So the router actually takes the "sl" in the beginning as a parameter.
My router for this kind of url is set like this:
$router->add(
"/{language:[a-z]{2}}/:controller/:action",
array(
"controller" => 2,
"action" => 3
)
);
Btw it does the same withut the index: http://example.com/sl/slots
Oh and my slots index action looks like this:
public function indexAction($currentDate = false){ //code }
So the $currentDate is set to "sl" when I call the action without a parameter
Thank you for the help
Well you need to add language in first argument of action too. Then it should work.
In addition to #Juri's answer.. I prefer to keep my Actions empty or as slim as possible. Imagine if you have 3-4 parameters in the Route, you will end up with something like:
public function indexAction($param1 = false, $param2 = false, $param3 = false....)
Here is how I prefer to handle Route parameters:
public function indexAction()
{
// All parameters
print_r($this->dispatcher->getParams());
// Accessing specific Named parameters
$this->dispatcher->getParam('id');
$this->dispatcher->getParam('language');
// Accessing specific Non-named parameters
$this->dispatcher->getParam(0);
$this->dispatcher->getParam(1);
...
}
I have upgrade Laravel from 4.2 to laravel5.3 but I can't access Authentication data inside of Constructor of Controller
I have as below Middleware but it never work for me
use App\Http\Controllers\BaseController;
use Closure;
use Illuminate\Contracts\Auth\Guard;
use Redirect;
use Auth;
use App\User;
class DashboardController extends BaseController
{
public $user;
public function __construct(Guard $guard, User $user)
{
$this->middleware(function ($request, $next) {
$this->user = Auth::user();
return $next($request);
});
//$this->userID = Auth::user()?Auth::user()->id:null;
dd($user);// Result attributes: []
dd($guard);
dd($this->user);
}
}
The result after DD()
dd($guard);
DD($this->user);
NULL
It will return Null when I dd user property.
This is to be expected. The reason you have to assign the user inside the middleware closure is because the session middleware hasn't run yet. So, the closure you have above won't actually be called until later in the execution process.
If you move the dd($this->user) to inside the middleware closure or in to your one of you route methods in that controller it should be working absolutely fine.
Also, just FYI, in your middleware closure you can get the user instance from the request i.e. $request->user() will give you the authenticated user.
Hope this help!
I got this error in my Lumen API update user module. I didn't get the Request $request values from postman. It's happening only in my UserController,
my other controllers work fine. I'm using the put method to update the user.
This is the error:
FatalErrorException in Request.php line 901: Call to a member function
parameter() on a non-object in Lumen API
My update function looks like this:
public function updateUser(Request $request,$user_id)
{
try {
$user = User::findOrFail($user_id);
} catch(ModelNotFoundException $e) {
return "User not found";
}
$user->buyer_id = $request->buyer_id;
The thing is, Lumen and Laravel use different route resolvers. You can see it for yourself if you just output the type of the variable $route just before that line 901.
Try $request['buyer_id'] instead.
I would suggest to use $request->input('buyer_id'); instead which would not throw any error if the buyer_id doesn't exist on $request stack (if it helps).
We can also pass the default value like this:
$request->input('buyer_id', null);