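/**
 * Load the Laravel routes into the application routes for
 * permission assignment.
 *
 * Each (method, path, action name) combination registered with the Laravel
 * router is stored as an application route when its route name matches
 * $routeNameRegEx and no matching record exists yet.
 *
 * Left out on purpose: actions whose name contains 'AuthController' or
 * 'PasswordController', the HEAD method, and paths starting with '_debugbar'.
 *
 * NOTE(review): the controller skip is a substring test, so any controller
 * whose class name merely contains one of those strings never gets a row in
 * the permission table. Confirm that this is intended.
 *
 * NOTE(review): the pattern is handed to preg_match() unchanged. It should be
 * a trusted, developer-supplied pattern; verify against the callers.
 *
 * @param string $routeNameRegEx PCRE pattern (delimiters included) that the
 *                               route name has to match.
 *
 * @return int The number of Laravel routes loaded.
 */
public static function loadLaravelRoutes($routeNameRegEx)
{
    $cnt = 0;

    foreach (\Route::getRoutes() as $appRoute) {
        $actionName = $appRoute->getActionName();

        // Skip AuthController and PasswordController routes, those are always authorized.
        if (str_contains($actionName, 'AuthController') || str_contains($actionName, 'PasswordController')) {
            continue;
        }

        // Include only if the name matches the requested regular expression.
        // The name is cast because a route without a name presumably yields
        // null here, and preg_match() expects a string subject. An invalid
        // pattern makes preg_match() return false, which is treated as
        // "no match", exactly as before.
        $name = $appRoute->getName();
        if (!preg_match($routeNameRegEx, (string) $name)) {
            continue;
        }

        $path = $appRoute->getPath();

        foreach ($appRoute->getMethods() as $method) {
            // Skip HEAD and all DebugBar routes.
            if ('HEAD' === $method || starts_with($path, '_debugbar')) {
                continue;
            }

            // TODO: Use Repository 'findWhere' when its fixed!!
            $existing = \App\Models\Route::ofMethod($method)->ofActionName($actionName)->ofPath($path)->first();
            if (isset($existing)) {
                continue;
            }

            // New records are created enabled; the stored name keeps the
            // router's original value (not the cast string).
            $cnt++;
            Route::create([
                'name'        => $name,
                'method'      => $method,
                'path'        => $path,
                'action_name' => $actionName,
                'enabled'     => 1,
            ]);
        }
    }

    return $cnt;
}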
/**
 * Register the Laravel routes as application routes so that a permission
 * can be assigned to each of them.
 *
 * One record is created per (method, path, action name) combination that
 * is not stored yet. Actions whose name contains 'AuthController' or
 * 'PasswordController', the HEAD method, and paths starting with
 * '_debugbar' are not registered.
 *
 * @return int The number of Laravel routes loaded.
 */
public static function loadLaravelRoutes()
{
    $created = 0;

    foreach (\Route::getRoutes() as $laravelRoute) {
        $name = $laravelRoute->getName();
        $methods = $laravelRoute->getMethods();
        $path = $laravelRoute->getPath();
        $actionName = $laravelRoute->getActionName();

        // Substring test on the action name, same two controllers as before.
        $isSkippedController = str_contains($actionName, 'AuthController')
            || str_contains($actionName, 'PasswordController');
        if ($isSkippedController) {
            continue;
        }

        foreach ($methods as $method) {
            // Skip HEAD and all DebugBar routes.
            if ('HEAD' === $method || starts_with($path, '_debugbar')) {
                continue;
            }

            // TODO: Use Repository 'findWhere' when its fixed!!
            $existing = \App\Models\Route::ofMethod($method)
                ->ofActionName($actionName)
                ->ofPath($path)
                ->first();

            if (isset($existing)) {
                continue;
            }

            $created++;
            Route::create([
                'name'        => $name,
                'method'      => $method,
                'path'        => $path,
                'action_name' => $actionName,
                'enabled'     => 1,
            ]);
        }
    }

    return $created;
}
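/**
 * Handle an incoming request.
 *
 * Authorizes the current route before the request is passed on. Access is
 * denied by default and granted when the first of these checks succeeds:
 *
 *  1. the action name contains 'AuthController@' or 'PasswordController@';
 *  2. the authenticated user's username is 'root';
 *  3. the authenticated user has the 'admins' role;
 *  4. an enabled application route exists for the method, action name and
 *     path, and its permission is 'open-to-all', or 'guest-only' for a
 *     guest, or 'basic-authenticated' for an enabled user, or a permission
 *     the enabled user can() exercise.
 *
 * A denied request is aborted with HTTP 403, except that an authenticated
 * but disabled user is redirected to the logout route. If no current route
 * is available the request is aborted with HTTP 500.
 *
 * NOTE(review): check 1 is a substring match, so every controller whose
 * class name ends in 'AuthController' or 'PasswordController' bypasses
 * authorization. An explicit list of exempt controller classes would be
 * tighter (see the TODO below).
 *
 * NOTE(review): checks 2 and 3 do not look at $user->enabled, so a disabled
 * 'root' or 'admins' account is still authorized. Confirm that is intended.
 *
 * NOTE(review): $method is the first method registered on the route, not the
 * verb of the request, so a route registered for several verbs is always
 * checked against that first method's record. Confirm that is intended.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $authorized = false; // Default to protect all routes.
    $errorCode = 0;      // 0 means no decision was reached; that ends in HTTP 500 below.
    $method = null;
    $path = null;
    $actionName = null;
    $user = null;
    $username = null;
    $guest = false;

    // Get current route from Laravel.
    $laravelRoute = LaravelRoute::current();

    // If not set we will fallback to error HTTP 500. This should never occur. TODO: remove this check...
    if (isset($laravelRoute)) {
        // Get route info.
        $method = $laravelRoute->getMethods()[0];
        $path = $laravelRoute->getPath();
        $actionName = $laravelRoute->getActionName();

        // Get current user or set guest to true for unauthenticated users.
        if ($this->auth->check()) {
            $user = $this->auth->user();
            $username = $user->username;
        } elseif ($this->auth->guest()) {
            $guest = true;
        }

        $isUser = !$guest && isset($user);

        // Strict comparisons throughout: an authorization decision must not
        // depend on PHP's loose type juggling.
        //
        // AuthController and PasswordController are exempt from authorization.
        // TODO: Get list of controllers exempt from config.
        if (str_contains($actionName, 'AuthController@') || str_contains($actionName, 'PasswordController@')) {
            $authorized = true;
        } elseif ($isUser && 'root' === $user->username) {
            $authorized = true;
        } elseif ($isUser && $user->hasRole('admins')) {
            $authorized = true;
        } else {
            // Logged as 'true'/'false'; concatenating the bare boolean
            // produced '1' or an empty string in the audit trail.
            $guestLabel = $guest ? 'true' : 'false';

            // Get application route based on info from Laravel route.
            $appRoute = AppRoute::ofMethod($method)->ofActionName($actionName)->ofPath($path)->enabled()->with('permission')->first();

            if (!isset($appRoute)) {
                Log::error("No application route found in AuthorizeRoute module for request path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "].");
                $errorCode = 403;
            } elseif (!isset($appRoute->permission)) {
                Log::error("No permission set for the requested route, path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "], guest [" . $guestLabel . "], username [" . $username . "].");
                $errorCode = 403;
            } else {
                $permissionName = $appRoute->permission->name;

                // TODO: Get 'open-to-all' role name from config, and replace all occurrences.
                if ('open-to-all' === $permissionName) {
                    // Route is open to all.
                    $authorized = true;
                } elseif ($guest && 'guest-only' === $permissionName) {
                    $authorized = true;
                } elseif ($isUser && $user->enabled && 'basic-authenticated' === $permissionName) {
                    $authorized = true;
                } elseif ($isUser && $user->enabled && $user->can($permissionName)) {
                    $authorized = true;
                } else {
                    Log::error("Authorization denied for request path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "], guest [" . $guestLabel . "], username [" . $username . "].");
                    $errorCode = 403;
                }
            }
        }
    }

    // If authorized, proceed.
    if ($authorized) {
        return $next($request);
    }

    if (0 !== $errorCode) {
        // An error code was set: log a disabled user out, otherwise abort with that code.
        if (!$guest && isset($user) && !$user->enabled) {
            Log::error("User [" . $user->username . "] disabled, forcing logout.");

            return redirect(route('logout'));
        }

        abort($errorCode);
    } else {
        // Lastly fallback to error HTTP 500: Internal server error. We should not get to this!
        Log::error("Server error while trying to authorize route, request path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "].");
        abort(500);
    }
}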
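/**
 * Load the Laravel routes into the application routes, flash the number of
 * newly created records and redirect back to the route administration page.
 *
 * One record is created per (method, path, action name) combination that
 * is not stored yet. Actions whose name contains 'AuthController' or
 * 'PasswordController', the HEAD method, and paths starting with
 * '_debugbar' are not registered.
 *
 * NOTE(review): 'enabled' is not set on the records created here, so they
 * take whatever default the model or schema provides, which is not visible
 * from this method. Confirm the intended default.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function load()
{
    $cnt = 0;

    foreach (\Route::getRoutes() as $appRoute) {
        $actionName = $appRoute->getActionName();

        // Substring test on the action name: these controllers are never registered.
        if (str_contains($actionName, 'AuthController') || str_contains($actionName, 'PasswordController')) {
            continue;
        }

        $name = $appRoute->getName();
        $path = $appRoute->getPath();

        foreach ($appRoute->getMethods() as $method) {
            // Skip HEAD and all DebugBar routes.
            if ('HEAD' === $method || starts_with($path, '_debugbar')) {
                continue;
            }

            // TODO: Use Repository 'findWhere' when its fixed!!
            $existing = \App\Models\Route::ofMethod($method)->ofActionName($actionName)->ofPath($path)->first();
            if (isset($existing)) {
                continue;
            }

            $cnt++;
            $this->route->create([
                'name'        => $name,
                'method'      => $method,
                'path'        => $path,
                'action_name' => $actionName,
            ]);
        }
    }

    Flash::success(trans('admin/routes/general.status.loaded', ['number' => $cnt]));

    return redirect('/admin/routes');
}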