New CPM with Laravel 12 and React

app/Http/Middleware/PermissionMiddleware.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Support\Facades\Auth;
+use Spatie\Permission\Exceptions\UnauthorizedException;
+use Spatie\Permission\Guard;
+
+class PermissionMiddleware
+{
+    public function handle($request, Closure $next, $guard = null)
+    {
+        $authGuard = Auth::guard($guard);
+
+        $user = $authGuard->user();
+
+        // For machine-to-machine Passport clients
+        if (!$user && $request->bearerToken() && config('permission.use_passport_client_credentials')) {
+
+            $user = Guard::getPassportClient($guard);
+        }
+
+        if (!$user) {
+
+            throw UnauthorizedException::notLoggedIn();
+        }
+
+        if (!method_exists($user, 'hasAnyPermission')) {
+            throw UnauthorizedException::missingTraitHasRoles($user);
+        }
+
+        if ($user->hasRole('admin')) {
+            return $next($request);
+        }
+
+        foreach ($user->roles as $role) {
+            if ($role->hasPermissionTo($request->route()->getName())) {
+                return $next($request);
+
+            }
+        }
+
+        throw UnauthorizedException::forPermissions($user->getAllPermissions()->toArray());
+
+    }
+
+    /**
+     * Specify the permission and guard for the middleware.
+     *
+     * @param  array|string  $permission
+     * @param  string|null  $guard
+     * @return string
+     */
+    public static function using($permission, $guard = null)
+    {
+        $permissionString = is_string($permission) ? $permission : implode('|', $permission);
+        $args = is_null($guard) ? $permissionString : "$permissionString,$guard";
+
+        return static::class . ':' . $args;
+    }
+}
+