/**
  * Load the Laravel routes into the application routes for
  * permission assignment.
  *
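  * @param string $routeNameRegEx Regular expression, including delimiters, that a route's name must match for the route to be loaded.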
  *
  * @return int The number of Laravel routes loaded.
  */
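 public static function loadLaravelRoutes($routeNameRegEx)
 {
     // Registers every Laravel route whose name matches $routeNameRegEx as an
     // application route row, so that a permission can be assigned to it, and
     // returns the number of rows created.
     //
     // NOTE(review): $routeNameRegEx is handed to preg_match() unchanged. It is
     // presumably chosen by a developer or administrator rather than taken from
     // a request; confirm against the callers.

     // Routes of these controllers are never registered. The comparison is on
     // the exact short class name: a substring test would also hide unrelated
     // controllers (for example one named OAuthController) from the permission
     // table, leaving no way to assign them a permission.
     $exemptControllers = ['AuthController', 'PasswordController'];
     $cnt = 0;
     foreach (\Route::getRoutes() as $appRoute) {
         $name = $appRoute->getName();
         $path = $appRoute->getPath();
         $actionName = $appRoute->getActionName();

         // Short class name of a "Namespace\Class@method" action; stays null
         // for actions without a controller part (closures).
         $shortName = null;
         $controller = strstr($actionName, '@', true);
         if (false !== $controller) {
             $separator = strrpos($controller, '\\');
             $shortName = false === $separator ? $controller : substr($controller, $separator + 1);
         }
         if (in_array($shortName, $exemptControllers, true)) {
             continue;
         }

         // Include only if the name matches the requested regular expression.
         // Unnamed routes have a null name; it is matched as an empty string.
         if (1 !== preg_match($routeNameRegEx, (string) $name)) {
             continue;
         }

         // Skip all DebugBar routes.
         if (starts_with($path, '_debugbar')) {
             continue;
         }

         foreach ($appRoute->getMethods() as $method) {
             // HEAD is not registered as a separate row.
             if ('HEAD' === $method) {
                 continue;
             }
             // TODO: Use Repository 'findWhere' when its fixed!!
             $route = \App\Models\Route::ofMethod($method)->ofActionName($actionName)->ofPath($path)->first();
             if (!isset($route)) {
                 $cnt++;
                 // The row is created enabled and without a permission, so the
                 // code that authorizes requests from these rows has to deny a
                 // route that has no permission; otherwise a newly discovered
                 // route would be open by default (confirm in the middleware).
                 Route::create(['name' => $name, 'method' => $method, 'path' => $path, 'action_name' => $actionName, 'enabled' => 1]);
             }
         }
     }
     return $cnt;
 }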
 /**
  * Load the Laravel routes into the application routes for
  * permission assignment.
  *
  * @return int  The number of Laravel routes loaded.
  */
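 public static function loadLaravelRoutes()
 {
     // Registers every Laravel route as an application route row, so that a
     // permission can be assigned to it, and returns the number of rows created.

     // Routes of these controllers are never registered. The comparison is on
     // the exact short class name: a substring test would also hide unrelated
     // controllers (for example one named OAuthController) from the permission
     // table, leaving no way to assign them a permission.
     $exemptControllers = ['AuthController', 'PasswordController'];
     $cnt = 0;
     foreach (\Route::getRoutes() as $appRoute) {
         $name = $appRoute->getName();
         $path = $appRoute->getPath();
         $actionName = $appRoute->getActionName();

         // Short class name of a "Namespace\Class@method" action; stays null
         // for actions without a controller part (closures).
         $shortName = null;
         $controller = strstr($actionName, '@', true);
         if (false !== $controller) {
             $separator = strrpos($controller, '\\');
             $shortName = false === $separator ? $controller : substr($controller, $separator + 1);
         }
         if (in_array($shortName, $exemptControllers, true)) {
             continue;
         }

         // Skip all DebugBar routes.
         if (starts_with($path, '_debugbar')) {
             continue;
         }

         foreach ($appRoute->getMethods() as $method) {
             // HEAD is not registered as a separate row.
             if ('HEAD' === $method) {
                 continue;
             }
             // TODO: Use Repository 'findWhere' when its fixed!!
             $route = \App\Models\Route::ofMethod($method)->ofActionName($actionName)->ofPath($path)->first();
             if (!isset($route)) {
                 $cnt++;
                 // The row is created enabled and without a permission, so the
                 // code that authorizes requests from these rows has to deny a
                 // route that has no permission; otherwise a newly discovered
                 // route would be open by default (confirm in the middleware).
                 Route::create(['name' => $name, 'method' => $method, 'path' => $path, 'action_name' => $actionName, 'enabled' => 1]);
             }
         }
     }
     return $cnt;
 }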
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
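 public function handle($request, Closure $next)
 {
     // Route authorization middleware. Every route is denied unless one of the
     // rules below grants it: the request is passed to $next only when
     // $authorized has been set to true; otherwise the request is aborted with
     // $errorCode, or with HTTP 500 when no rule ran at all.
     $authorized = false;
     $errorCode = 0;
     $method = null;
     $path = null;
     $actionName = null;
     $user = null;
     $username = null;
     $guest = false;

     // Get current route from Laravel.
     $laravelRoute = LaravelRoute::current();
     // If not set we will fallback to error HTTP 500. This should never occur. TODO: remove this check...
     if (isset($laravelRoute)) {
         // Authorize against the verb of this request. Taking the first verb
         // the route declares would check every request to a multi-verb route
         // (Route::any, Route::match, PUT|PATCH) against that one verb's
         // permission. A verb whose row has no permission is denied below.
         $method = $request->method();
         // HEAD has no application route row of its own; it shares the row of
         // the GET route it belongs to.
         if ('HEAD' === $method && in_array('GET', $laravelRoute->getMethods(), true)) {
             $method = 'GET';
         }
         $path = $laravelRoute->getPath();
         $actionName = $laravelRoute->getActionName();

         // Get current user or set guest to true for unauthenticated users.
         if ($this->auth->check()) {
             $user = $this->auth->user();
             $username = $user->username;
         } elseif ($this->auth->guest()) {
             $guest = true;
         }

         // Short class name of a "Namespace\Class@method" action; stays null
         // for actions without a controller part (closures).
         $shortName = null;
         $controller = strstr($actionName, '@', true);
         if (false !== $controller) {
             $separator = strrpos($controller, '\\');
             $shortName = false === $separator ? $controller : substr($controller, $separator + 1);
         }

         // Privileged shortcuts apply to enabled accounts only, so that
         // disabling the root account or a member of 'admins' actually
         // removes its access.
         $enabledUser = !$guest && isset($user) && $user->enabled;

         // AuthController and PasswordController are exempt from authorization.
         // The exemption is an exact match on the short class name: a substring
         // test would also exempt any controller whose name merely ends in
         // "AuthController". Routes of such controllers now need an application
         // route row and a permission like any other route.
         // TODO: Get list of controllers exempt from config.
         if (in_array($shortName, ['AuthController', 'PasswordController'], true)) {
             $authorized = true;
         } elseif ($enabledUser && 'root' === $user->username) {
             $authorized = true;
         } elseif ($enabledUser && $user->hasRole('admins')) {
             $authorized = true;
         } else {
             // Get application route based on info from Laravel route.
             $appRoute = AppRoute::ofMethod($method)->ofActionName($actionName)->ofPath($path)->enabled()->with('permission')->first();
             // If found, proceed with authorization
             if (isset($appRoute)) {
                 // Permission set for route.
                 if (isset($appRoute->permission)) {
                     // Route is open to all.
                     // TODO: Get 'open-to-all' role name from config, and replace all occurrences.
                     if ('open-to-all' === $appRoute->permission->name) {
                         $authorized = true;
                     } elseif ($guest && 'guest-only' === $appRoute->permission->name) {
                         $authorized = true;
                     } elseif ($enabledUser && 'basic-authenticated' === $appRoute->permission->name) {
                         $authorized = true;
                     } elseif ($enabledUser && $user->can($appRoute->permission->name)) {
                         $authorized = true;
                     } else {
                         // In the message a false $guest renders as an empty string and true as "1".
                         Log::error("Authorization denied for request path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "], guest [" . $guest . "], username [" . $username . "].");
                         $errorCode = 403;
                     }
                 } else {
                     // A route row without a permission is denied, not opened.
                     Log::error("No permission set for the requested route, path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "], guest [" . $guest . "], username [" . $username . "].");
                     $errorCode = 403;
                 }
             } else {
                 // Unknown or disabled route rows are denied as well.
                 Log::error("No application route found in AuthorizeRoute module for request path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "].");
                 $errorCode = 403;
             }
         }
     }

     // If authorize, proceed
     if ($authorized) {
         return $next($request);
     } elseif (0 !== $errorCode) {
         // Else if error code was set abort with that; a disabled account is
         // sent to the logout route instead of being shown the error.
         if (!$guest && isset($user) && !$user->enabled) {
             Log::error("User [" . $user->username . "] disabled, forcing logout.");
             return redirect(route('logout'));
         } else {
             abort($errorCode);
         }
     } else {
         // Lastly Fallback to error HTTP 500: Internal server error. We should not get to this!
         Log::error("Server error while trying to authorize route, request path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "].");
         abort(500);
     }
 }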
 /**
  * @return \Illuminate\Http\RedirectResponse Redirect to the admin route list.
  */
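 public function load()
 {
     // Registers every Laravel route as an application route row, flashes the
     // number of rows created and redirects to the admin route list.

     // Routes of these controllers are never registered. The comparison is on
     // the exact short class name: a substring test would also hide unrelated
     // controllers (for example one named OAuthController) from the permission
     // table, leaving no way to assign them a permission.
     $exemptControllers = ['AuthController', 'PasswordController'];
     $cnt = 0;
     foreach (\Route::getRoutes() as $appRoute) {
         $name = $appRoute->getName();
         $path = $appRoute->getPath();
         $actionName = $appRoute->getActionName();

         // Short class name of a "Namespace\Class@method" action; stays null
         // for actions without a controller part (closures).
         $shortName = null;
         $controller = strstr($actionName, '@', true);
         if (false !== $controller) {
             $separator = strrpos($controller, '\\');
             $shortName = false === $separator ? $controller : substr($controller, $separator + 1);
         }
         if (in_array($shortName, $exemptControllers, true)) {
             continue;
         }

         // Skip all DebugBar routes.
         if (starts_with($path, '_debugbar')) {
             continue;
         }

         foreach ($appRoute->getMethods() as $method) {
             // HEAD is not registered as a separate row.
             if ('HEAD' === $method) {
                 continue;
             }
             // TODO: Use Repository 'findWhere' when its fixed!!
             $route = \App\Models\Route::ofMethod($method)->ofActionName($actionName)->ofPath($path)->first();
             if (!isset($route)) {
                 $cnt++;
                 // 'enabled' is not set here, so the new row takes whatever
                 // default the model or table defines.
                 // NOTE(review): confirm that default, and that a row without
                 // a permission is denied by the authorization check.
                 $this->route->create(['name' => $name, 'method' => $method, 'path' => $path, 'action_name' => $actionName]);
             }
         }
     }
     Flash::success(trans('admin/routes/general.status.loaded', ['number' => $cnt]));
     return redirect('/admin/routes');
 }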