/**
  * Handle middleware
  *
  * @param Request $request
  * @param \Closure $next
  * @return mixed
  */
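 public function handle(Request $request, Closure $next)
 {
     // Resolve the account named by the route and publish it to the request context.
     $account = $this->getAccountFromRouting();
     $this->context->setAccount($account);

     // The per-user checks apply only when the token's resource owner is a user.
     // NOTE(review): for any other owner type no account-association check runs
     // in this middleware; confirm those requests are authorized elsewhere.
     // Strict comparison so that a non-string owner type can never match 'user'.
     if ($this->authorizer->getResourceOwnerType() === 'user') {
         $user = $this->userRepository->find($this->authorizer->getResourceOwnerId());

         // Fail closed when the owner id no longer maps to a user record. Without
         // this guard the association check below is a method call on null.
         // (presumably find() returns null for a missing id; verify against the repository)
         if (!$user) {
             return $this->response->errorUnauthorized('Unable to resolve the authenticated user');
         }

         // A route-bound account must be one the user is associated with.
         if ($account && !$user->isAssociateToAccount($account)) {
             return $this->response->errorUnauthorized("You don't have access to the account {$account->uuid}");
         }

         // Attach user/account to every log record; $account is passed as-is
         // (null when the route carries no account).
         $this->log->addProcessors([new ContextProcessor($user, $account)]);
         $this->context->setUser($user);
     }

     // Set application locale
     $this->setApplicationLocale();

     return $next($request);
 }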
 /**
  * Store a newly created resource in storage.
  *
  * @param  \Illuminate\Http\Request $request
  *
  * @return \Illuminate\Http\Response
  */
 public function store(Request $request)
 {
     // NOTE(review): every request field is forwarded to the order service;
     // confirm the service (or the model's fillable list) restricts which
     // attributes a client may set.
     $payload = $request->all();

     // client_id is taken from the authenticated resource owner and overwrites
     // any client_id supplied in the request body.
     $ownerId = $this->authorizer->getResourceOwnerId();
     $owner = $this->userRepository->find($ownerId);
     $payload['client_id'] = $owner->client->id;

     $created = $this->orderService->create($payload);

     // Re-read the order with its items relation loaded for the response.
     $withItems = $this->orderRepository->with('items');

     return $withItems->find($created->id);
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // Look up the user record behind the token's resource owner id.
     $ownerId = $this->authorizer->getResourceOwnerId();
     $user = $this->userRepository->find($ownerId);

     // Bind 'user' in the container; toArray() runs only when the binding is
     // first resolved, not here.
     // NOTE(review): the whole array form of the user is exposed to anything that
     // resolves 'user'; confirm sensitive attributes are hidden on the model.
     $resolver = function () use ($user) {
         return $user->toArray();
     };
     App::singleton('user', $resolver);

     return $next($request);
 }
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  *
  * @throws \League\OAuth2\Server\Exception\AccessDeniedException
  *
  * @return mixed
  */
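 public function handle($request, Closure $next)
 {
     $this->authorizer->setRequest($request);

     // The resource owner id is decoded as JSON and the user record is read
     // from its "data" key.
     $owner = json_decode($this->authorizer->getResourceOwnerId(), true);

     // Anything that is not a well-formed document with a role yields null,
     // which falls through to the denial below instead of raising notices.
     $role = is_array($owner) && isset($owner['data']['role'])
         ? $owner['data']['role']
         : null;

     // Strict, string-only match: with loose in_array() a non-string role such
     // as boolean true compares equal to any non-empty string and would pass
     // this gate.
     if (is_string($role) && in_array($role, ['store_manager', 'admin'], true)) {
         return $next($request);
     }

     // Default deny.
     throw new AccessDeniedException();
 }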
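 /**
  * Update an order on behalf of the authenticated deliveryman.
  *
  * The deliveryman id comes from the access token, never from the request
  * body, and is passed to the service together with the order id.
  * NOTE(review): presumably the service uses both values as the lookup
  * criteria, so an order assigned to someone else is reported as not found;
  * confirm in the order service.
  *
  * @param Request $request
  * @param mixed   $id      Order id from the route
  *
  * @return mixed JSON response: 200 with type "success", or 404 with type "not found"
  */
 public function update(Request $request, $id)
 {
     $deliverymanId = $this->authorizer->getResourceOwnerId();
     $criteria = ['id' => $id, 'user_deliveryman_id' => $deliverymanId];

     // Both outcomes are assigned explicitly; previously $type and $code were
     // read while undefined whenever the update failed.
     if ($this->orderService->update($criteria, $request)) {
         $type = ['type' => 'success'];
         $code = Response::HTTP_OK;
     } else {
         $type = ['type' => 'not found'];
         $code = Response::HTTP_NOT_FOUND;
     }

     return response($type, $code)->header('Content-Type', 'application/json');
 }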
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // Token and scope validation run unconditionally, in every environment.
     $this->authorizer->validateAccessToken($this->httpHeadersOnly);
     $this->validateScopes();

     $ownerId = $this->authorizer->getResourceOwnerId();

     // No resource owner on the token: the request proceeds as a guest.
     if (!$ownerId) {
         $request->user = new Guest();

         return $next($request);
     }

     // The owner id is split on ':' into an owner type and a record id.
     // NOTE(review): an id without ':' leaves the record id null, and find()
     // may return null for an unknown id, so $request->user can end up null;
     // confirm downstream code handles that.
     list($ownerType, $recordId) = explode(':', $ownerId);

     // Only 'admin' selects the Admin model; every other type is looked up as a User.
     $request->user = $ownerType == 'admin'
         ? Admin::find($recordId)
         : User::find($recordId);

     return $next($request);
 }
 /**
  * Get the resource owner ID of the current request.
  *
  * @return string 
  * @static 
  */
 public static function getResourceOwnerId()
 {
     // Static pass-through to the underlying Authorizer; nothing is added or checked here.
     $ownerId = \LucaDegasperi\OAuth2Server\Authorizer::getResourceOwnerId();

     return $ownerId;
 }