master_template/app/Http/Middleware/PermissionMiddleware.php
2024-06-23 17:02:56 +05:45

63 lines
1.6 KiB
PHP

<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
use Spatie\Permission\Exceptions\UnauthorizedException;
use Spatie\Permission\Guard;
class PermissionMiddleware
{
public function handle($request, Closure $next, $guard = null)
{
$authGuard = Auth::guard($guard);
$user = $authGuard->user();
// For machine-to-machine Passport clients
if (!$user && $request->bearerToken() && config('permission.use_passport_client_credentials')) {
$user = Guard::getPassportClient($guard);
}
if (!$user) {
throw UnauthorizedException::notLoggedIn();
}
if (!method_exists($user, 'hasAnyPermission')) {
throw UnauthorizedException::missingTraitHasRoles($user);
}
// if ($user->hasRole('admin')) {
// return $next($request);
// }
foreach ($user->roles as $role) {
if ($role->hasPermissionTo($request->route()->getName())) {
return $next($request);
}
}
throw UnauthorizedException::forPermissions($user->getAllPermissions()->toArray());
}
/**
* Specify the permission and guard for the middleware.
*
* @param array|string $permission
* @param string|null $guard
* @return string
*/
public static function using($permission, $guard = null)
{
$permissionString = is_string($permission) ? $permission : implode('|', $permission);
$args = is_null($guard) ? $permissionString : "$permissionString,$guard";
return static::class . ':' . $args;
}
}