/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$userId = \Authorizer::getResourceOwnerId();
$projectId = $request->project;
if ($this->repository->isOwner($projectId, $userId) == false) {
return ['error' => 'Access Forbidden'];
}
return $next($request);
}
private function checkProjectOwner($porjectId)
{
$userId = Authorizer::getResourceOwnerId();
return $this->repository->isOwner($porjectId, $userId);
}
