/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$id = $request->route('id');
$referralInformation = ReferralInformation::findOrFail($id);
if (!($this->auth->user()->is('administrator') || $this->auth->user()->is('property_manager|normal_administrator') && $referralInformation->province == $this->auth->user()->profile->province) && $referralInformation->user_id != $this->auth->user()->id) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect()->back()->withErrors(['You are not authorized to do this action']);
}
}
return $next($request);
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function delete($id)
{
$user = Auth::user();
$referralInformation = ReferralInformation::findOrFail($id);
if ($user->is('property_manager')) {
abort(401, 'Unauthorized action.');
}
if (!$this->isEditable($referralInformation)) {
return redirect()->route($user->backendAccess . '.referrals.index')->withErrors(['Your referral can\'t be deleted because it has been followed up.']);
}
$referralInformation->delete();
return redirect()->route($user->backendAccess . '.referrals.index')->with('messages', ['Informasi referral dihapus.']);
}
