pls help me to fix this. I am trying to figure out how to avoid users who are not yet approve to post on my platform

this is my code in controller

// current authenticated user status
$userStatus = auth()->user()->status;

// if the current authenticated user status is not approved return false
if($userStatus != Constants::APPROVED){
    return back()->with('error_message', 'not approved');
}

this is my constant files

class  Constants{
    const  APPROVED = "approved";
    const  PENDING = "pending";
    const  REJECTED = "rejected";

finally my migration

$table->string('status')->default("Pending");

CodePudding user response：

You wrote $table->string('status')->default("Pending"); and ind your const vars you write it lowercase. that would be the problem. Please check if you also consider lower and uppercase when setting the status.

class  Constants{
    const  APPROVED = "approved";
    const  PENDING = "pending";
    const  REJECTED = "rejected";

CodePudding user response：

Laravel have the authorization already figured out for you, what you need to do is create a middleware file named (eg. Status)

 public function handle($request, Closure $next)
    {
        if ($request->user()->status !== 'APPROVED') {
            return back()->with('error_message', 'not approved'); // do something if the user is not approved
        }

        return $next($request); // else just continue
    }

in your route now add the middleware

Route::post('/post', [PostController::class, 'post'])->middleware(['approved']);