Home Explore Help
Register Sign In
dth
/
strprfcrm
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 18a6d77b93
Branches Tags
strprfcrm
/
app
/
Http
/
Middleware
/
EnsureRoutePermission.php

EnsureRoutePermission.php 1.1 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041 
  1. <?php
    2. 

  2. 

  3. namespace App\Http\Middleware;
    4. 

  4. 

  5. use App\Services\Access\AccessService;
    6. 

  6. use Closure;
    7. 

  7. use Illuminate\Http\Request;
    8. 

  8. use Symfony\Component\HttpFoundation\Response;
    9. 

  9. 

  10. class EnsureRoutePermission
    11. 

  11. {
    12. 

  12.     public function __construct(private readonly AccessService $accessService)
    13. 

  13.     {
    14. 

  14.     }
    15. 

  15. 

  16.     public function handle(Request $request, Closure $next): Response
    17. 

  17.     {
    18. 

  18.         $user = $request->user();
    19. 

  19.         $routeName = $request->route()?->getName();
    20. 

  20. 

  21.         $routePermission = $this->accessService->routePermission($routeName);
    22. 

  22. 

  23.         if (!$user || !$routeName || !$routePermission) {
    24. 

  24.             return $next($request);
    25. 

  25.         }
    26. 

  26. 

  27.         // Compatibility while tests and old runtime paths still create users with only legacy role slugs.
    28. 

  28.         if (!$user->role_id) {
    29. 

  29.             return $next($request);
    30. 

  30.         }
    31. 

  31. 

  32.         abort_unless(
    33. 

  33.             is_array($routePermission)
    34. 

  34.                 ? $this->accessService->canAny($user, $routePermission)
    35. 

  35.                 : $this->accessService->can($user, $routePermission),
    36. 

  36.             403
    37. 

  37.         );
    38. 

  38. 

  39.         return $next($request);
    40. 

  40.     }
    41. 

  41. }
    42.