我的授权功能在laravel-5.8中总是失败？

Question

我在create函数中创建了一个策略，我检查这个用户是否能够创建记录，然后在AthServiceProvider.php中注册模型和策略，然后使用$this->authorize('create')在控制器内检查它总是失败的，甚至用户是有效的，您能帮我解决这个问题吗

Error:- This Action is unathorized

restaurentContoller.php

class RestaurentsController extends Controller
{
    protected $repository;

    public function __construct(RestaurentRepository $repository){
        $this->repository = $repository;
    }

    public function postRestaurent(RestaurentRequest $request){
        $data = $request->all();
        $data['admin_id'] = $this->getAccountId($request);
        $this->authorize('create');
        $rest = $this->repository->create($data);
        return response()->json(fractal($rest,new RestuarentTransformer));        
    }
}

RestaurentPolicy.php

   public function create(User $user)
    {
        return ($user->admin_id=1) ? true : false;
    }

api.php

Route::post('/postRest',[RestaurentsController::class,'postRestaurent'])->middleware(['CheckAdmin']);

Answer 1

如果使用请求类，则必须更改授权方法，将false返回为true。

class RestaurentStoreRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return false;
    }
}