public function afterStore($data)
{
$id_role = $data['id'];
$model = new RolePermission();
$model = $model->where('id_role', '=', $id_role);
$model->delete();
$rolePermission = Request::get('rolePermission');
if (Request::has('rolePermission')) {
foreach ($rolePermission as $keys => $values) {
foreach ($values as $key => $value) {
$model = new RolePermission();
$status = $model->create(['id_menu' => $keys, 'id_permission' => $key, 'id_role' => $id_role]);
if (!$status) {
DB::rollback();
throw $this->response->error(trans('response.update_failed'), 404);
}
}
}
}
}
/**
* this method to verify permission api
* @param stirng $method [description]
* @param stirng $permission [description]
*/
public function authorize($permission)
{
if (empty($this->tempStorage->get('id_company'))) {
$this->invalidateToken();
throw $this->response->error('Un Authorized, Please Re-Login', 401);
}
$user = JWTAuth::parseToken()->authenticate();
$permission = Permission::where('name', $permission)->select('id')->first();
if (count($permission) == 0) {
throw $this->response->error('No Permission', 404);
}
//set dynamic url or static url controller
if (empty($this->url)) {
$arrUrl = explode('/', Input::path());
array_shift($arrUrl);
$url = '/' . $arrUrl['0'] . '/' . $arrUrl['1'];
$menu = Menu::where('url', $url)->select('id')->first();
if (count($menu) == 0) {
throw $this->response->error('No Menu ' . $url, 404);
}
$rolePermission = RolePermission::where('id_role', $user->id_role)->where('id_permission', $permission->id)->where('id_menu', $menu->id)->get();
if (count($rolePermission) == 0) {
throw $this->response->error('Unauthorized action page', 404);
}
} else {
$url = $this->url;
$menu = Menu::where('url', $url)->select('id')->first();
if (count($menu) == 0) {
throw $this->response->error('No Menu ' . $url, 404);
}
}
}
