Restrict product modification to admin

This commit is contained in:
bad 2021-12-05 19:22:52 +01:00
parent a51c2e5159
commit f2c368ae67

View file

@ -36,6 +36,7 @@ Route::any("/logout", [LoginController::class, "logout"])->name("logout");
Route::post("/product/{product}/addToCart", [CartController::class, "addToCart"])->name("addToCart")->middleware("auth"); Route::post("/product/{product}/addToCart", [CartController::class, "addToCart"])->name("addToCart")->middleware("auth");
Route::post("/product/{product}/removeFromCart", [CartController::class, "removeFromCart"])->name("removeFromCart")->middleware("auth"); Route::post("/product/{product}/removeFromCart", [CartController::class, "removeFromCart"])->name("removeFromCart")->middleware("auth");
Route::resource("product", ProductController::class); Route::resource("product", ProductController::class)->middleware("auth.admin");
Route::resource("product", ProductController::class)->only(["show"]);
Route::resource("order", OrderController::class)->middleware("auth"); Route::resource("order", OrderController::class)->middleware("auth");
Route::resource("image", ImageController::class)->only(["store", "delete", "create"])->middleware("auth.admin"); Route::resource("image", ImageController::class)->only(["store", "delete", "create"])->middleware("auth.admin");