tethys/app/Http/Middleware/PermissionMiddleware.php

46 lines
1.1 KiB
PHP
Raw Permalink Normal View History

2018-08-06 12:30:51 +00:00
<?php
namespace App\Http\Middleware;
use Illuminate\Support\Facades\Auth;
use Closure;
class PermissionMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next, $permission)
{
if (Auth::guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect()->guest('/login');
}
}
//if (! $request->user()->hasRole($role))
//{
// abort(401);
//}
foreach ($request->user()->roles()->get() as $role) {
if ($role->hasPermissionTo($permission)) {
return $next($request);
}
//break(1);
}
//if (! $request->user()->can($permission))
//{
// abort(401);
//}
// return abort(403);
throw new \Illuminate\Auth\Access\AuthorizationException('This action is unauthorized.');
2018-08-06 12:30:51 +00:00
}
}