Question

I am using Laravel to build a simple Movie management System.

When a User creates a Movie in my DB, I use the following

public function store()
{
    $input = Input::except('_token');
    $id = Helpers::loggedInUser()->id;
    $input['creator_id'] = $id;
    $this->title->create($input);
    return Redirect::back()->withSuccess( trans('main.created successfully') );
}

This successfully passes the user's id and stores it in a creator_id field.

I want to restrict users from editing Movies which they did not create. So in the edit function I have

public function edit($title)
{
    $title = $this->title->byURi( e($title) );      
    $id = Helpers::loggedInUser()->id;
    $titleuser=$title['creator_id'];        
    if ( $titleuser = $id )
    {
        return View::make('Titles.Edit')->withTitle($title)->withType('movies');
    }

}

However, this does not seem to work. Anyone with a movie.edit permission in my sentry user db can still see the view.

Solution

If you compare two variables you have to use two equal signs, otherwise you set the first variable to the value of the second.

if ( $titleuser == $id )
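
Added example, not part of the original answer or the asker's project: the ownership check from the question beside a deny-by-default version, in plain PHP without Laravel. The function names canEditBuggy and canEdit and the sample rows are assumptions made for illustration.

```php
<?php
// Added example: plain PHP, no Laravel required. All data below is constructed.

// The check as written in the question: `=` assigns $userId to $creatorId,
// and the condition then tests the assigned value, which is truthy for any non-zero id.
function canEditBuggy(array $title, int $userId): bool
{
    $creatorId = $title['creator_id'];
    if ($creatorId = $userId) {
        return true;
    }
    return false;
}

// Hardened check: deny by default and compare with ===.
// Database drivers often return integer columns as strings, so normalise first.
function canEdit(array $title, int $userId): bool
{
    $creatorId = $title['creator_id'] ?? null;
    if ($creatorId === null || !ctype_digit((string) $creatorId)) {
        return false; // no valid recorded owner: nobody passes the ownership check
    }
    return (int) $creatorId === $userId;
}

// Constructed sample rows.
$titles = [
    ['name' => 'Movie A', 'creator_id' => '7'],   // owned by user 7 (string, as from a DB)
    ['name' => 'Movie B', 'creator_id' => 12],    // owned by user 12
    ['name' => 'Movie C', 'creator_id' => null],  // legacy row without an owner
];

// Print both results for two constructed user ids.
foreach ([7, 12] as $userId) {
    foreach ($titles as $title) {
        printf(
            "user %-2d %-8s buggy=%-5s fixed=%s\n",
            $userId,
            $title['name'],
            var_export(canEditBuggy($title, $userId), true),
            var_export(canEdit($title, $userId), true)
        );
    }
}
```

In the controller, the failing branch should end the request explicitly (for example with App::abort(403) in Laravel 4) rather than fall through without a return. The action that saves the edit needs the same check, because withholding the edit view does not stop a request sent directly to it.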
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow