Ejemplo n.º 1
0
 /**
  * Handle an incoming request.
  *
  * @param  Request $request
  * @param  \Closure $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     list($controller, $action) = $this->getControllerAndAction();
     $bindings = $this->getBindings();
     $authorized = false;
     /** @var Roleable $user */
     $user = $this->auth->user();
     $args = func_get_args();
     if (count($args) > 2) {
         // Role based authorization
         $roles = $this->getAllowedRoles(array_slice($args, 2));
         if (!$user && in_array($this->getGuestRole(), $roles)) {
             $authorized = true;
         } elseif ($user && $user->hasRole($roles)) {
             $authorized = true;
         }
     } else {
         // Permission based authorization
         if ($this->gate->forUser($user)->check($action, array_merge([$controller], $bindings))) {
             $authorized = true;
         }
     }
     // if user is not authorized, we will return errror response
     if (!$authorized) {
         $this->reportUnauthorizedAttempt($controller, $action, $request, $bindings);
         return $this->errorResponse($request);
     }
     return $next($request);
 }
Ejemplo n.º 2
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->user()->type->code !== 'ADT' && $this->auth->user()->type->code !== 'OPT') {
         return redirect('home');
     }
     return $next($request);
 }
Ejemplo n.º 3
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next, $role)
 {
     if (!$this->auth->user()->hasRole($role)) {
         throw new RoleDeniedException($role);
     }
     return $next($request);
 }
Ejemplo n.º 4
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->user()) {
         return redirect('/');
     }
     return $next($request);
 }
Ejemplo n.º 5
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->check() || !$this->auth->user()->hasRole($this->role)) {
         App::abort(401);
     }
     return $next($request);
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->check() && $this->auth->user()->role_id == 1) {
         return new RedirectResponse(route('adminHome'));
     }
     return $next($request);
 }
Ejemplo n.º 7
0
 /**
  * We're verifying that the current user is logged in to Cachet and is an admin level.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->check() || $this->auth->check() && !$this->auth->user()->isAdmin) {
         throw new HttpException(401);
     }
     return $next($request);
 }
Ejemplo n.º 8
0
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->check()) {
         return new RedirectResponse($this->auth->user()->getHomeUrl());
     }
     return $next($request);
 }
 /**
  * updates Activity Document Link
  * @param array                $documentLink
  * @param ActivityDocumentLink $activityDocumentLink
  * @return bool
  */
 public function update(array $documentLink, ActivityDocumentLink $activityDocumentLink)
 {
     try {
         $this->database->beginTransaction();
         $documentLinkExists = $activityDocumentLink->exists;
         $activityId = $activityDocumentLink->activity_id;
         $documentManager = app(DocumentManager::class);
         if ($documentLinkExists) {
             $url = $activityDocumentLink->document_link['url'];
             $document = $documentManager->getDocument(session('org_id'), $url);
             $activities = (array) $document->activities;
             unset($activities[$activityId]);
             $document->activities = $activities;
             $documentManager->update($document);
         }
         $url = $documentLink[0]['url'];
         $document = $documentManager->getDocument(session('org_id'), $url);
         $activities = (array) $document->activities;
         $identifier = $activityDocumentLink->activity->identifier['activity_identifier'];
         $activities[$activityId] = $identifier;
         $document->activities = $activities;
         $documentManager->update($document);
         $this->DocumentLinkRepo->update($documentLink, $activityDocumentLink);
         $this->database->commit();
         $this->logger->info(sprintf('Activity Document Link %s!', $documentLinkExists ? 'updated' : 'saved'), ['for' => $documentLink]);
         $this->dbLogger->activity(sprintf("activity.document_link_%s", $documentLinkExists ? 'updated' : 'saved'), ['activity_id' => $activityDocumentLink->activity_id, 'document_link_id' => $activityDocumentLink->id, 'organization' => $this->auth->user()->organization->name, 'organization_id' => $this->auth->user()->organization->id]);
         return true;
     } catch (\Exception $exception) {
         $this->database->rollback();
         $this->logger->error($exception, ['documentLink' => $documentLink]);
     }
     return false;
 }
Ejemplo n.º 10
0
 /**
  * Handle an incoming request.
  * This middleware must be handled after the
  * Authentication middleware.
  *
  * @param  Request $request
  * @param  \Closure $next
  *
  * @return mixed
  */
 public function handle(Request $request, Closure $next)
 {
     if ($this->auth->user()->level() < 3) {
         return abort(401, 'Non sei autorizzato');
     }
     return $next($request);
 }
Ejemplo n.º 11
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next, $role = null, $permission = null)
 {
     // Check the user is logged in
     if ($this->auth->guest()) {
         return back(403)->withError(trans('ethereal-auth::middleware.403'));
     }
     // If empty role and empty permission, authenticated user get access
     if (empty($role) && empty($permission)) {
         return $next($request);
     }
     // Get the authenticated user
     $user = $this->auth->user();
     // Check the user has the role with the right permission
     if (!empty($role) && !empty($permission)) {
         if ($user->is($role) && $user->can($permission, $role)) {
             return $next($request);
         }
     }
     // Check the user has the right role
     if (empty($role) && !empty($permission)) {
         if ($user->is($role)) {
             return $next($request);
         }
     }
     // Check the user has the right permission
     if (!empty($role) && empty($permission)) {
         if ($user->can($permission)) {
             return $next($request);
         }
     }
     return back(403)->withError(trans('ethereal-auth::middleware.403'));
 }
Ejemplo n.º 12
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         } else {
             return redirect()->route('auth.signin');
         }
     } else {
         $user = $this->auth->user();
         if ($user->ban) {
             if ($request->ajax()) {
                 return response('Unauthorized.', 401);
             } else {
                 $this->auth->logout();
                 notify()->flash('Banned', 'error', ['text' => $user->ban_reason]);
                 return redirect()->route('auth.signin');
             }
         }
     }
     /*$ipInfo = getIpInfo($request->getClientIp());
       if($ipInfo){
           if(isset($ipInfo['timezone'])){
               if($ipInfo['timezone'] != $this->auth->user()->timezone){
                   $this->auth->user()->update([
                       'timezone' => $ipInfo['timezone']
                   ]);
               }
           }
       }*/
     return $next($request);
 }
Ejemplo n.º 13
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->check()) {
         return redirect($this->auth->user()->role->redirect);
     }
     return $next($request);
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure                 $next
  * @return void|mixed
  */
 public function handle(Request $request, Closure $next)
 {
     if (!$this->app->isDownForMaintenance()) {
         return $next($request);
     }
     if ($request->segment(1) == 'admin') {
         return $next($request);
     }
     if (in_array($request->getClientIp(), $this->config->get('streams::maintenance.ip_whitelist', []))) {
         return $next($request);
     }
     /* @var UserInterface $user */
     $user = $this->guard->user();
     if ($user && $user->isAdmin()) {
         return $next($request);
     }
     if ($user && $this->authorizer->authorize('streams::maintenance.access')) {
         return $next($request);
     }
     if (!$user && $this->config->get('streams::maintenance.auth')) {
         /* @var Response|null $response */
         $response = $this->guard->onceBasic();
         if (!$response) {
             return $next($request);
         }
         $response->setContent(view('streams::errors.401'));
         return $response;
     }
     abort(503);
 }
Ejemplo n.º 15
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->check() or !$this->auth->user()->canAccessAdminPanel()) {
         return redirect('/auth/login?ref=admin');
     }
     return $next($request);
 }
Ejemplo n.º 16
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next, $roleNames)
 {
     if ($this->auth->guest()) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         } else {
             return redirect()->guest('auth/login');
         }
     }
     $hasNew = str_contains($roleNames, 'new');
     foreach (explode('+', $roleNames) as $role) {
         if ($role == 'new') {
             continue;
         }
         if ($this->auth->user()->access()->{$role}) {
             return $next($request);
         }
         if ($hasNew) {
             if ($this->auth->user()->access()->role == $role) {
                 return $next($request);
             }
         }
     }
     App::abort(403, 'Unauthorized action.');
 }
Ejemplo n.º 17
0
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  * @param int|string $role
  * @return view
  */
 public function handle($request, Closure $next, $role)
 {
     if ($this->auth->check() && $this->auth->user()->is($role)) {
         return $next($request);
     }
     return $this->auth->check() ? view('lcp::auth.errors.role')->withError($role) : view('lcp::auth.login');
 }
 /**
  * @param EntryStoreRequest $request
  * @return \Illuminate\Http\RedirectResponse
  */
 public function store(EntryStoreRequest $request)
 {
     $input = $request->only(['title', 'body']);
     $input['user_id'] = $this->guard->user()->id;
     $this->entry->addEntry($input);
     return redirect()->route('admin.entry.index');
 }
Ejemplo n.º 19
0
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  * @param int $level
  * @return mixed
  * @throws \Bican\Roles\Exceptions\LevelDeniedException
  */
 public function handle($request, Closure $next, $level)
 {
     if ($this->auth->check() && $this->auth->user()->level() >= $level) {
         return $next($request);
     }
     throw new LevelDeniedException($level);
 }
Ejemplo n.º 20
0
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // If the user isn't logged in or they are part of a different city
     // deny access, otherwise go for it. Might be worth adding a message to
     // explain what happened on redirect.
     $city = City::findByIATA($request->route()->getParameter('city'))->first();
     if ($this->auth->guest()) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         } else {
             Notification::error('You need to be logged in to view that.');
             return redirect()->guest('auth/login');
         }
     } else {
         if ($city && $this->auth->user()->city_id !== $city->id) {
             Notification::error('You don\'t have permissions for that city.');
             if ($request->ajax()) {
                 return response('Unauthorized.', 401);
             } else {
                 return redirect('/' . $city->iata);
             }
         }
     }
     return $next($request);
 }
Ejemplo n.º 21
0
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  * @param int|string $permission
  * @return mixed
  * @throws \Bican\Roles\Exceptions\PermissionDeniedException
  */
 public function handle($request, Closure $next, $permission)
 {
     if ($this->auth->check() && $this->auth->user()->may($permission)) {
         return $next($request);
     }
     throw new PermissionDeniedException($permission);
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->user()->uncompleteProfile) {
         return redirect()->route('user.edit', $this->auth->id())->with('message', 'Debe completar sus datos en el perfil');
     }
     return $next($request);
 }
Ejemplo n.º 23
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->user()->isAdmin()) {
         return response('Unauthorized.', 401);
     }
     return $next($request);
 }
Ejemplo n.º 24
0
 /**
  * Check permission
  * 
  * @return boolean
  */
 protected function checkPermission($permission = 'manage', $role = 'admin')
 {
     if ($this->auth->guest()) {
         return false;
     }
     return $this->auth->user()->can($permission) || $this->auth->user()->hasRole($role);
 }
Ejemplo n.º 25
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (is_null($this->auth->user()->household)) {
         return redirect(route('household.create'));
     }
     return $next($request);
 }
Ejemplo n.º 26
0
 /**
  * Handle an incoming request.
  * only allow if the user role is Admin
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest() || !$this->auth->user()->isAdmin()) {
         abort(404);
     }
     return $next($request);
 }
Ejemplo n.º 27
0
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  * @param int|string $role
  * @return mixed
  * @throws \FWM\Roles\Exceptions\RoleDeniedException
  */
 public function handle($request, Closure $next, $role)
 {
     if ($this->auth->check() && $this->auth->user()->is($role)) {
         return $next($request);
     }
     throw new RoleDeniedException($role);
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->check() and $this->auth->user()->is('admin')) {
         return new RedirectResponse(route('home'));
     }
     return $next($request);
 }
Ejemplo n.º 29
0
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->check() && $this->auth->user()->isRestricted()) {
         return error_popup(trans('errors.no_restricted_access'));
     }
     return $next($request);
 }
Ejemplo n.º 30
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->user()->is_active) {
         return redirect(route('disabled'));
     }
     return $next($request);
 }