57 lines
1.1 KiB
PHP
57 lines
1.1 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Cartalyst\Sentinel\Native\Facades\Sentinel;
|
|
use Closure;
|
|
use Illuminate\Contracts\Auth\Guard;
|
|
use Auth;
|
|
use Log;
|
|
|
|
class SentinelACL
|
|
{
|
|
/**
|
|
* The Guard implementation.
|
|
*
|
|
* @var Guard
|
|
*/
|
|
protected $auth;
|
|
|
|
/**
|
|
* Create a new filter instance.
|
|
*
|
|
* @param Guard $auth
|
|
* @return void
|
|
*/
|
|
public function __construct(Guard $auth) {
|
|
$this->auth = $auth;
|
|
|
|
}
|
|
|
|
|
|
/**
|
|
* Handle an incoming request.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param \Closure $next
|
|
* @return mixed
|
|
*/
|
|
public function handle($request, Closure $next) {
|
|
$currentRouteName = $request->route()->getName();
|
|
|
|
$usuario = Auth::user();
|
|
|
|
if($usuario === null){
|
|
return response()->unauthorized('unauthorized');
|
|
}
|
|
|
|
$user = Sentinel::findById($usuario->id);
|
|
|
|
if (!$user->hasAccess($currentRouteName) ) {
|
|
return response()->forbidden('dont_have_permission');
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|