Authorization - 404 instead of 403.

When trying to access a page for which I don't have access I get 404 instead of 403.

Why is that so?

Solution

Ah.. here we go. I got this bit of code on my resource.

    public static function getEloquentQuery(): Builder
    {
        return parent::getEloquentQuery()->where('user_id', auth()->id());
    }

    public static function getEloquentQuery(): Builder
    {
        return parent::getEloquentQuery()->where('user_id', auth()->id());
    }

    public static function getEloquentQuery(): Builder
    {
        return parent::getEloquentQuery()->where('user_id', auth()->id());
    }

    public static function getEloquentQuery(): Builder
    {
        return parent::getEloquentQuery()->where('user_id', auth()->id());
    }

So that probaly is taken into account for the route model binding for the view page and other custom pages. Or any other route uner that resource which resolves the {record}.

Jump to solution

Authorization - 404 instead of 403.

Similar Threads

Similar Threads

Similar Threads