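/**
 * Gate the caller on the role of the user stored in the session.
 *
 * Reads the user id kept under the 'currentUser' session key, loads that
 * user, and grants access only when the user's role_id is 1 or 2. Every
 * other outcome calls App::abort(403, 'Access denied').
 *
 * NOTE(review): role ids 1 and 2 are hard-coded and their meaning is not
 * visible in this block; confirm they map to the intended privileged roles
 * and that the ids are identical in every environment.
 *
 * @return bool true when access is granted
 */
protected function checkUserAccess()
{
    $currentUserId = Session::get('currentUser');
    $currentUser = User::getCurrentUser($currentUserId);

    // Fail closed: with no session user (or an id that no longer resolves)
    // there is nothing to read role_id from, so answer 403 instead of
    // failing on a property access.
    if (!is_object($currentUser)) {
        return App::abort(403, 'Access denied');
    }

    // The decision depends on role_id alone, so no Role lookup is made here.
    // Loose comparison is kept in case role_id arrives as a numeric string.
    if ($currentUser->role_id == 1 || $currentUser->role_id == 2) {
        return true;
    }

    return App::abort(403, 'Access denied');
}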
/**
 * Builds an ActiveDataProvider over Role records, narrowed by the search
 * attributes loaded from $params.
 *
 * When validation of the loaded attributes fails, the provider is returned
 * with no filter applied, so it still exposes every Role row.
 *
 * @param array $params
 *
 * @return ActiveDataProvider
 */
public function search($params)
{
    $roleQuery = Role::find();
    $provider = new ActiveDataProvider(['query' => $roleQuery]);

    $this->load($params);

    if ($this->validate()) {
        // Exact-match columns.
        $roleQuery->andFilterWhere([
            'id' => $this->id,
            'created_at' => $this->created_at,
            'updated_at' => $this->updated_at,
            'weight' => $this->weight,
        ]);

        // Substring-match columns.
        $roleQuery
            ->andFilterWhere(['like', 'title', $this->title])
            ->andFilterWhere(['like', 'description', $this->description]);
    }

    // To return no rows at all on failed validation, apply
    // $roleQuery->where('0=1') in the failing case before returning.
    return $provider;
}
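/**
 * Handle an incoming request.
 *
 * Lets the request through only when the name of the session user's role is
 * one of the roles required by the matched route; otherwise calls
 * App::abort(403, 'Access denied').
 *
 * NOTE(review): in_array() needs an array as its second argument. What
 * getRequiredRoleForRoute() returns for a route that declares no roles is
 * not visible here, and there is no pass-through branch for that case;
 * confirm that is the intended behaviour.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Roles the matched route requires.
    $roles = $this->getRequiredRoleForRoute($request->route());

    $currentUserId = Session::get('currentUser');
    $currentUser = User::getCurrentUser($currentUserId);

    // Fail closed when the session carries no user or the id no longer
    // resolves, instead of failing on a property access.
    if (!is_object($currentUser)) {
        return App::abort(403, 'Access denied');
    }

    $role = Role::getCurrentRole($currentUser->role_id);

    // A user whose role row is missing has no role name to match.
    if (!is_object($role)) {
        return App::abort(403, 'Access denied');
    }

    // Strict comparison: a null or empty role name must never match a
    // loosely-equal entry ('' / 0 / false) in the required list.
    if (in_array($role->name, $roles, true)) {
        return $next($request);
    }

    return App::abort(403, 'Access denied');
}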
/**
 * Look up a single role by its id.
 *
 * @param mixed $id value matched against the `id` column
 * @return mixed the first matching Role, or whatever first() yields when no
 *               row matches (presumably null; callers should check before
 *               reading properties)
 */
protected function getCurrentRole($id)
{
    return Role::where('id', $id)->first();
}
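// Model factories producing random seed/test rows. Every definition picks its
// foreign keys at random from rows that already exist, so the referenced
// tables presumably have to be populated before these factories are used.

$factory->define(Rental::class, function (Faker\Generator $faker) {
    $attributes = [
        'property_id' => $faker->randomElement(Property::all()->all())->id,
        'dailyAmount' => $faker->randomFloat(4, 500 / 30, 2000 / 30),
        // Each bound is left open (null) on a coin flip.
        'from' => random_int(0, 1) === 0 ? null : $faker->dateTimeBetween('-10 years'),
        'to' => random_int(0, 1) === 0 ? null : $faker->dateTimeBetween('now', '+10 years'),
        'media_ids' => [],
    ];

    // Draw the count once and load the media rows once; a random bound in the
    // loop condition would be re-rolled on every iteration.
    $mediaPool = Media::all()->all();
    $mediaCount = random_int(1, 10);
    for ($i = 0; $i < $mediaCount; $i++) {
        $attributes['media_ids'][] = $faker->randomElement($mediaPool)->id;
    }
    // The id list is stored as a JSON string.
    $attributes['media_ids'] = json_encode($attributes['media_ids']);

    return $attributes;
});

$factory->define(AdminAccess::class, function (Faker\Generator $faker) {
    // Retry until the (rental_id, role_id) pair is not already present.
    // NOTE(review): this never terminates once every pair is taken.
    do {
        $attributes = [
            'rental_id' => $faker->randomElement(Rental::all()->all())->id,
            'role_id' => $faker->randomElement(Role::all()->all())->id,
            'canManage' => $faker->boolean(),
            'canIssue' => $faker->boolean(),
            'canDocument' => $faker->boolean(),
            'canStatement' => $faker->boolean(),
            'canMessage' => $faker->boolean(),
        ];
        $pairTaken = AdminAccess::where([
            'rental_id' => $attributes['rental_id'],
            'role_id' => $attributes['role_id'],
        ])->get()->count() > 0;
    } while ($pairTaken);

    return $attributes;
});

$factory->define(Issue::class, function (Faker\Generator $faker) {
    return [
        'requester_user_id' => $faker->randomElement(User::all()->all())->id,
        'rental_id' => $faker->randomElement(Rental::all()->all())->id,
        'status' => $faker->words(random_int(1, 2), true),
    ];
});

$factory->define(IssueDetail::class, function (Faker\Generator $faker) {
    $attributes = [
        'issue_id' => $faker->randomElement(Issue::all()->all())->id,
        'content' => $faker->sentences(random_int(1, 200), true),
        'type' => $faker->words(random_int(1, 2), true),
        '3rdParty' => $faker->url,
        'priority' => $faker->numberBetween(0, 5),
        'media_ids' => [],
    ];

    // Same one-shot count and single table load as in the Rental factory.
    $mediaPool = Media::all()->all();
    $mediaCount = random_int(1, 10);
    for ($i = 0; $i < $mediaCount; $i++) {
        $attributes['media_ids'][] = $faker->randomElement($mediaPool)->id;
    }
    $attributes['media_ids'] = json_encode($attributes['media_ids']);

    return $attributes;
});

$factory->define(IssueProgress::class, function (Faker\Generator $faker) {
    return [
        'issue_id' => $faker->randomElement(Issue::all()->all())->id,
        'content' => $faker->sentences(random_int(1, 200), true),
    ];
});

$factory->define(RentalUser::class, function (Faker\Generator $faker) {
    return [
        'user_id' => $faker->randomElement(User::all()->all())->id,
        'role_id' => $faker->randomElement(Role::all()->all())->id,
        'rental_id' => $faker->randomElement(Rental::all()->all())->id,
    ];
});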
/**
 * Loads the Role model identified by the given primary key.
 *
 * NOTE(review): $id goes to Role::findOne() unchanged. If it originates from
 * request input, confirm the caller passes a scalar key, not an array.
 *
 * @param integer $id
 * @return Role the loaded model
 * @throws NotFoundHttpException if no Role exists for $id
 */
protected function findModel($id)
{
    $role = Role::findOne($id);

    // Guard clause: a missing record is reported as "not found".
    if ($role === null) {
        throw new NotFoundHttpException('The requested page does not exist.');
    }

    return $role;
}