<?php

namespace App\Http\Middleware;

use Cartalyst\Sentinel\Native\Facades\Sentinel;
use Closure;
use Illuminate\Contracts\Auth\Guard;
use Auth;
use Log;

class SentinelACL
{
    /**
     * The Guard implementation.
     *
     * @var Guard
     */
    protected $auth;

    /**
     * Create a new filter instance.
     *
     * @param  Guard  $auth
     * @return void
     */
    public function __construct(Guard $auth) {
        $this->auth = $auth;

    }


    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next) {
        $currentRouteName = $request->route()->getName();

        $usuario = Auth::user();

        if($usuario === null){
            return response()->unauthorized('unauthorized');
        }

        $user = Sentinel::findById($usuario->id);

        if (!$user->hasAccess($currentRouteName) ) {
            return response()->forbidden('dont_have_permission');
        }

        return $next($request);
    }
}