/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$this->next = $next;
$this->request = $request;
$this->requestParser = new RequestParser($request);
$this->permissionParser = new PermissionParser($this->requestParser);
// Try to load permissions
if (!$this->permissionParser->loadPermissions()) {
$errors = $this->permissionParser->getErrors();
\Log::error('[Laraguard] ERROR - loading of permissions failed: ' . join(' # ', $errors));
return $this->returnError($errors);
}
if ($this->permissionParser->debugging()) {
\Log::info('[Laraguard] REQUEST - ControllerPath: ' . $this->requestParser->getControllerMethodPath());
}
// Handle sessions vars (laraguard_lastDenied)
$this->updateSession();
// Always allow defaultNoPermissionRoute and permissionDenied method
if ($this->isRequestToDefaultRouteOrPermissionDeniedMethod()) {
return $next($request);
}
// Get permissions that allow this request
$allowedPermissions = $this->permissionParser->getPermissionsForRequest($request);
// Check if user has one of those permissions
if ($this->checkUserPermissionsAgainstAllowedPermissions($allowedPermissions)) {
return $this->allowRequest();
}
return $this->denyRequest();
}
/**
* Init permission parser and load permissions.yml
*/
public function __construct()
{
$this->permissionParser = new PermissionParser();
// Try to load permissions
if (!$this->permissionParser->loadPermissions()) {
$errors = $this->permissionParser->getErrors();
\Log::error('[Laraguard] ERROR - loading of permissions failed: ' . join(' # ', $errors));
}
}
