Apply a middleware to a specific method of the controller

[algodoncin]

Hi, I am facing a problem while applying an authentication middleware to a specific route from a controller. Basically I was able to apply the middleware on the routes that start with Route::crud('route', 'controller')

Now I want to apply this middleware to the setupCreateOperation method from a controller (so it doesn't open the controller/create route) but when I do it it seems to not recognize the route and doesn't apply to it. This is an example of what I want to achieve:

// Users that have the type "user" are not allowed to access these routes
Route::middleware(['checkUserType:user'])->group(function () {
Route::crud('user', 'UserCrudController');
Route::crud('items', 'ItemsCrudController');
Route::get('category/create', 'categoryCrudController@setupCreateOperation')
});
// Users with the type "user" can still access to edit, and show methods and routes from categoryCrudController
Route::crud('category', 'categoryCrudController');

I tried to search on the documentation for a way to break down the controller on different routes but I didn't find anything that could do it.

Thanks in advance for your help.

[pxpm]

Hey @algodoncin

Middleware is just one stack layer before the controller so you have two options:

• Do not use Route::crud() and create all the routes manually, so you can apply middleware to each route.
• Leave it as is, and do the user verification at controller level.

For the second option, you can just add into your setup() method:

if(backpack_user()->hasRole('user')) { // or whatever you are using to check the user type.
    CRUD::denyAccess(['update', 'delete', 'show']); // this will prevent users with type "user", from accessing update, delete and show operations.
}

Here are the docs for CRUD access functions: https://backpackforlaravel.com/docs/6.x/crud-api#access

Let me know if that helps.

Cheers