The following column will introduce you to a Laravel exception context solution from the Laravel Tutorial column, I hope it will be helpful to friends in need!
Recently, the project encountered a situation. When we encounter a user who does not have permission to access certain information, we hope to prompt a detailed reason. For example, when accessing a team resource and non-members access it, a prompt will be given: You are not a member of the [xxxxxx] team and cannot view it temporarily. You can <Apply to join>
. At the same time, the coded team name and the join button need to be displayed, but the logic of the interface is that there is no permission. At that time, it was abort
directly:
abort_if(!$user->isMember($resouce->team), 403, '您无权访问该资源');
The response result obtained is as follows:
HTTP/1.0 403 Forbidden{ "message": "您无权访问该资源"}
It is impossible for us to use html to display the front-end prompt page. This would be too coupled. Strong and violates the principle of separation of front and back ends. Our goal is to return the following format to solve the problem:
HTTP/1.0 403 Forbidden{ "message": "您无权访问该资源", "team": { "id": "abxT8sioa0Ms", "name": "CoDesign****" }}
Passing data by carrying context makes it easier for front-end students to freely combine.
Start the transformation
Of course, this is not a complicated matter. It can be solved by directly modifying the original abort_if
:
- abort_if(!$user->isMember($resouce->team), 403, '您无权访问该资源'); + if (!$user->isMember($resouce->team)) { + return response()->json([ + 'message' => '您无权访问该资源', + 'team' => [ + 'id' => $resouce->team_id, + 'name'=> $resouce->team->desensitised_name, + ] + ], 403); + }
This seems to solve the problem, but just imagine, if an exception is detected in the closure and you want to exit, the above return
style of writing will be more difficult to do. , after all, return
will only terminate the latest context environment, we still hope to terminate the execution of the entire application like abort
, and then carry out another transformation.
Optimization implementation
After reading the abort
source code, I found that its first parameter actually supports \Symfony\Component\HttpFoundation\Response
instance, and the result of our return
above is its instance, so we only need to change it to this:
if (!$user->isMember($resouce->team)) { abort(response()->json([ 'message' => '您无权访问该资源', 'team' => [ 'id' => $resouce->team_id, 'name'=> $resouce->team->desensitised_name, ] ], 403)); }
It looks like Abnormal interruption has been implemented, but a new problem has arisen. It is still embarrassing if it needs to be reused. This code will appear repeatedly in various places where this permission is judged. This is not what we want.
Logical reuse
In order to achieve logical reuse, I looked at the implementation of \App\Exceptions\Handler
and found the ## of the parent class The #render method also has such a design:
public function render($request, Throwable $e) { if (method_exists($e, 'render') && $response = $e->render($request)) { return Router::toResponse($request, $response); } elseif ($e instanceof Responsable) { return $e->toResponse($request); } //...
render method:
$ ./artisan make:exception NotTeamMemberException
<?php namespace App\Exceptions; use App\Team; class NotTeamMemberException extends \Exception { public Team $team; public function __construct(Team $team, $message = "") { $this->team = $team; parent::__construct($message, 403); } public function render() { return response()->json( [ 'message' => !empty($this->message) ? $this->message : '您无权访问该资源', 'team' => [ 'id' => $this->team->id, 'name' => $this->team->desensitised_name, ], ], 403 ); } }
if (!$user->isMember($resouce->team)) { throw new NotTeamMemberException($resouce->team, '您无权访问该资源'); }
\throw_if(!$user->isMember($resouce->team), NotTeamMemberException::class, $resouce->team, '您无权访问该资源');
The above is the detailed content of Share a Laravel exception context solution. For more information, please follow other related articles on the PHP Chinese website!