63 lines
1.6 KiB
PHP
63 lines
1.6 KiB
PHP
|
<?php
|
||
|
|
||
|
namespace App\Http\Middleware;
|
||
|
|
||
|
use Closure;
|
||
|
use Illuminate\Support\Facades\Auth;
|
||
|
use Spatie\Permission\Exceptions\UnauthorizedException;
|
||
|
use Spatie\Permission\Guard;
|
||
|
|
||
|
class PermissionMiddleware
|
||
|
{
|
||
|
public function handle($request, Closure $next, $guard = null)
|
||
|
{
|
||
|
$authGuard = Auth::guard($guard);
|
||
|
|
||
|
$user = $authGuard->user();
|
||
|
|
||
|
// For machine-to-machine Passport clients
|
||
|
if (!$user && $request->bearerToken() && config('permission.use_passport_client_credentials')) {
|
||
|
|
||
|
$user = Guard::getPassportClient($guard);
|
||
|
}
|
||
|
|
||
|
if (!$user) {
|
||
|
|
||
|
throw UnauthorizedException::notLoggedIn();
|
||
|
}
|
||
|
|
||
|
if (!method_exists($user, 'hasAnyPermission')) {
|
||
|
|
||
|
throw UnauthorizedException::missingTraitHasRoles($user);
|
||
|
}
|
||
|
|
||
|
// if ($user->hasRole('admin')) {
|
||
|
// return $next($request);
|
||
|
// }
|
||
|
|
||
|
foreach ($user->roles as $role) {
|
||
|
if ($role->hasPermissionTo($request->route()->getName())) {
|
||
|
return $next($request);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
throw UnauthorizedException::forPermissions($user->getAllPermissions()->toArray());
|
||
|
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Specify the permission and guard for the middleware.
|
||
|
*
|
||
|
* @param array|string $permission
|
||
|
* @param string|null $guard
|
||
|
* @return string
|
||
|
*/
|
||
|
public static function using($permission, $guard = null)
|
||
|
{
|
||
|
$permissionString = is_string($permission) ? $permission : implode('|', $permission);
|
||
|
$args = is_null($guard) ? $permissionString : "$permissionString,$guard";
|
||
|
|
||
|
return static::class . ':' . $args;
|
||
|
}
|
||
|
}
|