From 942fc31f952683b04b6f1d65d02cc9dcd5f13299 Mon Sep 17 00:00:00 2001
From: Damian Lee <damiankloip@gmail.com>
Date: Thu, 27 Sep 2018 15:09:47 +0100
Subject: [PATCH] [5.7] Authorize Middleware Doesn't Accept String Parameters
 (#25763)

* Add test case for string parameter for Authorize middleware

* Pass model value as default value in Authorize middleware

* Add test using string route parameter
---
 src/Illuminate/Auth/Middleware/Authorize.php |  2 +-
 tests/Auth/AuthorizeMiddlewareTest.php       | 36 ++++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/src/Illuminate/Auth/Middleware/Authorize.php b/src/Illuminate/Auth/Middleware/Authorize.php
index 331edc120b41..04c692146724 100644
--- a/src/Illuminate/Auth/Middleware/Authorize.php
+++ b/src/Illuminate/Auth/Middleware/Authorize.php
@@ -72,7 +72,7 @@ protected function getGateArguments($request, $models)
      */
     protected function getModel($request, $model)
     {
-        return $this->isClassName($model) ? $model : $request->route($model);
+        return $this->isClassName($model) ? $model : $request->route($model, $model);
     }
 
     /**
diff --git a/tests/Auth/AuthorizeMiddlewareTest.php b/tests/Auth/AuthorizeMiddlewareTest.php
index 4a5986d4ab52..5d96fcba1986 100644
--- a/tests/Auth/AuthorizeMiddlewareTest.php
+++ b/tests/Auth/AuthorizeMiddlewareTest.php
@@ -86,6 +86,42 @@ public function testSimpleAbilityAuthorized()
         $this->assertEquals($response->content(), 'success');
     }
 
+    public function testSimpleAbilityWithStringParameter()
+    {
+        $this->gate()->define('view-dashboard', function ($user, $param) {
+            return $param === 'true';
+        });
+
+        $this->router->get('dashboard', [
+            'middleware' => Authorize::class.':view-dashboard,true',
+            'uses' => function () {
+                return 'success';
+            },
+        ]);
+
+        $response = $this->router->dispatch(Request::create('dashboard', 'GET'));
+
+        $this->assertEquals($response->content(), 'success');
+    }
+
+    public function testSimpleAbilityWithStringParameterFromRouteParameter()
+    {
+        $this->gate()->define('view-dashboard', function ($user, $param) {
+            return $param === 'true';
+        });
+
+        $this->router->get('dashboard/{route_parameter}', [
+            'middleware' => Authorize::class.':view-dashboard,route_parameter',
+            'uses' => function () {
+                return 'success';
+            },
+        ]);
+
+        $response = $this->router->dispatch(Request::create('dashboard/true', 'GET'));
+
+        $this->assertEquals($response->content(), 'success');
+    }
+
     /**
      * @expectedException \Illuminate\Auth\Access\AuthorizationException
      * @expectedExceptionMessage This action is unauthorized.