Question 16262 in Laravel Question posted in
The official Laravel Documentation can be found here.

Laravel policy too few arguments passed to UserPolicy

I’ve got a Laravel 9 project being used as an API. I’m using the Laravel Spatie Permissions package to perform permission and role checks. I’ve set up a Laravel policy called UserPolicy, and thus far my policy methods are working fine, apart from when I attempt to authorize my show function.

My API only passes the model’s ID, and this is fine, also, I already have my user by this point. I’m checking to see whether the logged in user has the ability to view another user that may not be their-self in the platform here.

The error:

Too few arguments to function AppPoliciesUserManagementUserPolicy::view(), 1 passed in /Users/ryanholton/Sites/lespro-api/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php on line 798 and exactly 2 expected

Here’s my controller action:

/**
 * Display the specified resource.
 *
 * @param  int  $id
 * @return IlluminateHttpResponse
 */
public function show($id)
{
    $this->authorize('view', User::class);

    $user = User::with('roles')->find($id);

    if (!$user) {
        return response()->json([
            'message' => 'User not found or invalid user ID'
        ], 404);
    }

    return response()->json([
        'user' => $user
    ], 200);
}

And my policy:

<?php

namespace AppPoliciesUserManagement;

use AppModelsUser;
use IlluminateAuthAccessHandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    /**
     * Determine whether the user can view any models.
     *
     * @param  AppModelsUser  $user
     * @return IlluminateAuthAccessResponse|bool
     */
    public function viewAny(User $user)
    {
        if ($user->can('user_index')) {
            return true;
        }
    }

    /**
     * Determine whether the user can view the model.
     *
     * @param  AppModelsUser  $user
     * @param  AppModelsUser  $model
     * @return IlluminateAuthAccessResponse|bool
     */
    public function view(User $user, User $model)
    {
        if ($user->can('user_show')) {
            return true;
        }
    }

    /**
     * Determine whether the user can create models.
     *
     * @param  AppModelsUser  $user
     * @return IlluminateAuthAccessResponse|bool
     */
    public function create(User $user)
    {
        if ($user->can('user_store')) {
            return true;
        }
    }

    /**
     * Determine whether the user can update the model.
     *
     * @param  AppModelsUser  $user
     * @param  AppModelsUser  $model
     * @return IlluminateAuthAccessResponse|bool
     */
    public function update(User $user, User $model)
    {
        if ($user->can('user_update')) {
            return true;
        }
    }

    /**
     * Determine whether the user can delete the model.
     *
     * @param  AppModelsUser  $user
     * @param  AppModelsUser  $model
     * @return IlluminateAuthAccessResponse|bool
     */
    public function delete(User $user, User $model)
    {
        if ($user->can('user_destroy')) {
            return true;
        }
    }
}
Tags:

2

Answers


  1. 0

    for authorize method you have to pass $user instance

    $user = User::with('roles')->find($id);

 $this->authorize('view',$user);

    and in your policy , remove extra user param

     public function view(User $user)
    {
        if ($user->can('user_show')) {
            return true;
        }
    }
    Login or Signup to reply.
  2. 0

    The error says that only one parameter was passed, although the existing method expects two.
    Perhaps it’s not at all obvious to you which method is called – it is the view method of the UserPolicy class.
    If we pay attention to it, we will indeed see that the method expects two parameters.

    public function view(User $user, User $model)

    Try removing the last option – that should help. Your method will looks:

    public function view(User $user)
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search