I am trying to use Laravel 5.1's form request validation, to authorize if the request is from the owner. The validation is used when the user is trying to update part of the table clinics
through the show.blade.php
.
My set up so far:
routes.php:
Route::post('clinic/{id}',
array('as' => 'postUpdateAddress', 'uses' => '[email protected]'));
ClinicController.php:
public function postUpdateAddress($id,
\App\Http\Requests\UpdateClinicAddressFormRequest $request)
{
$clinic = Clinic::find($id);
$clinic->save();
return Redirect::route('clinic.index');
}
UpdateClinicAddressFormRequest.php:
public function authorize()
{
$clinicId = $this->route('postUpdateAddress');
return Clinic::where('id', $clinicId)
->where('user_id', Auth::id())
->exists();
}
Show.blade.php
{!! Form::open(array('route' => array('postUpdateAddress', $clinic->id), 'role'=>'form')) !!}
{!! Form::close() !!}
If I
dd($clinicId)
within the authorize function, it returnsnull
, so I think that's where the problem lies!
Any help why on submit it's saying 'forbidden' would be hugely appreciated.