Home Explore Help
Register Sign In
dth
/
strprfcrm
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: a6ab13a666
Branches Tags
strprfcrm
/
app
/
Http
/
Middleware
/
EnsureUserHasRole.php

EnsureUserHasRole.php 1.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839 
  1. <?php
    2. 

  2. 

  3. namespace App\Http\Middleware;
    4. 

  4. 

  5. use App\Services\Access\AccessService;
    6. 

  6. use Closure;
    7. 

  7. use Illuminate\Http\Request;
    8. 

  8. use Symfony\Component\HttpFoundation\Response;
    9. 

  9. 

  10. class EnsureUserHasRole
    11. 

  11. {
    12. 

  12.     public function __construct(private readonly AccessService $accessService)
    13. 

  13.     {
    14. 

  14.     }
    15. 

  15. 

  16.     /**
    17. 

  17.      * Handle an incoming request.
    18. 

  18.      *
    19. 

  19.      * @param Request $request
    20. 

  20.      * @param Closure $next
    21. 

  21.      * @param mixed ...$roles
    22. 

  22.      * @return Response
    23. 

  23.      */
    24. 

  24.     public function handle(Request $request, Closure $next, ... $roles): Response
    25. 

  25.     {
    26. 

  26.         $user = $request->user();
    27. 

  27. 

  28.         $routeName = $request->route()?->getName();
    29. 

  29.         $hasRoutePermission = $user && $routeName === 'import.create' && $request->input('type') === 'catalog'
    30. 

  30.             ? $this->accessService->can($user, 'catalog.import')
    31. 

  31.             : ($user && $this->accessService->canAccessRoute($user, $routeName));
    32. 

  32. 

  33.         if ($user?->hasRole($roles) || $hasRoutePermission) {
    34. 

  34.             return $next($request);
    35. 

  35.         }
    36. 

  36. 

  37.         abort(403);
    38. 

  38.     }
    39. 

  39. }
    40.