How to use middleware to control access flexibly?

now there are three roles: general factory, middleman, and customer.
the framework I use is the laravel framework
I have built three middleware:
BackendRole.php / / function: only allow factory access
ShopRole.php / / function: only allow middlemen to access
ClientRole.php / / function: only allow customers to access

so, if I want to implement permission control on a single side, it will be easy, just (laravel routing code): 

//
Route::middleware("BackendRole")->group(function () {  
    //...
});

however, if I want to have access to both the factory and the customer, or to the factory and the middleman at the same time, this pairwise combination will be more difficult to achieve in this way.
so, in a situation like this, how can middleware be used to flexibly control access?

Object-oriented-programming design-pattern java php laravel
Apr.14,2022
  • Middleware can be an array
  • this can be done in another way: bit operations.
< table > < thead > < tr > < th > General Factory < / th > < th > Agent < / th > < th > customer < / th > < / tr > < / thead > < tbody > < tr > < td > 1 < / td > < td > 2 < / td > < td > 4 < / td > < / tr > < / tbody > < / table >

to represent respectively.

    The
    • A page is only accessible to the factory. Then give 1.
    • The
    • B page is only accessible by agents. Then give 2.
    • C page needs to be accessed by factory and agent, so it is 1 | 2 = 3

for example, on the C page, when the vendor visits it, it means that you have permission, otherwise you don't have permission. If it is a proxy access, (3x2) = = 2 also returns true. There is no permission when the customer visits (334) = = 4 and returns False.

B page (2x4) = = 4 obviously B needs 2, currently the customer is not satisfied with the operation of 4.

sounds complicated.

  • it is recommended to switch to RBAC for the last words.

recommend a way to write, assuming that your three roles are all in the same table, distinguished by type values 

$router->middleware('role:BackendRole,ShopRole')->group(function () {  
     //...
});

in this way, the route passes ['BackendRole,ShopRole'] into the role middleware as a parameter, and you only need to determine in the middleware whether the incoming user's role is in this array.

Previous: Typescript Error Duplicate identifier 'localforage'.

Next: About js findIndex

css mysql arrays josn react html typescript webpack npm sass R objective-c .net sql-server jquery python-3.x angularjs django angular excel regex iphone ajax linux xml pandas vba spring database wordpress string wpf xcode windows bash postgresql oracle multithreading eclipse list firebase algorithm macos forms image scala visual-studio azure bootstrap spring-boot react-native python-2.7 docker performance function winforms matlab powershell apache dataframe api sqlite numpy rest shell selenium flutter dart maven loops qt swing android-studio csv express file class tensorflow sorting codeigniter perl
MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1b304be-340cc.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1b304be-340cc.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?