Example #1
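 /**
  * Authorise the current session user.
  *
  * Loads the user referenced by the 'currentUser' session key and grants
  * access only when that user's role_id is 1 or 2. Every other outcome,
  * including a missing session value or a user that cannot be loaded,
  * ends in a 403 instead of an error on a null object.
  *
  * NOTE(review): role ids 1 and 2 are hard-coded; presumably they are the
  * privileged roles. Confirm against the roles table, and prefer named
  * constants or a role-name check so that re-seeding the table cannot
  * silently change who is authorised.
  *
  * @return bool true when access is granted; otherwise App::abort(403) is invoked
  */
 protected function checkUserAccess()
 {
     $currentUserId = Session::get('currentUser');

     // Fail closed: without a session user there is nobody to authorise.
     if ($currentUserId === null) {
         return App::abort(403, 'Access denied');
     }

     $currentUser = User::getCurrentUser($currentUserId);

     // A stale or unknown id must be denied, not dereferenced.
     if (!is_object($currentUser) || !isset($currentUser->role_id)) {
         return App::abort(403, 'Access denied');
     }

     // Compare as strings with strict matching: accepts 1/'1' and 2/'2'
     // (database drivers may return either form) without the type juggling
     // that `==` performs on other values.
     if (in_array((string) $currentUser->role_id, ['1', '2'], true)) {
         return true;
     }

     return App::abort(403, 'Access denied');
 }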
Example #2
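 /**
  * Handle an incoming request.
  *
  * Reads the roles required by the matched route and lets the request
  * continue only when the session user's role name is one of them. Every
  * other outcome (no session user, unknown user, unknown role, or a route
  * with no usable role list) is answered with a 403.
  *
  * NOTE(review): getRequiredRoleForRoute() is not visible here; this method
  * assumes it returns an array of role names, a single name, or null.
  * A route without roles is denied rather than allowed, so that a route
  * registered without a role list is not left open by accident. Confirm
  * this is the intended policy.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed the downstream response when authorised; otherwise App::abort(403) is invoked
  */
 public function handle($request, Closure $next)
 {
     // Get the required roles from the route and normalise them to a list.
     $roles = $this->getRequiredRoleForRoute($request->route());
     if (!is_array($roles)) {
         $roles = $roles === null ? [] : [$roles];
     }

     $currentUserId = Session::get('currentUser');

     // Fail closed: without a session user there is nobody to authorise.
     if ($currentUserId === null) {
         return App::abort(403, 'Access denied');
     }

     $currentUser = User::getCurrentUser($currentUserId);
     if (!is_object($currentUser) || !isset($currentUser->role_id)) {
         return App::abort(403, 'Access denied');
     }

     $role = Role::getCurrentRole($currentUser->role_id);
     $currentRole = (is_object($role) && isset($role->name)) ? $role->name : null;

     // Strict matching: a missing role name (null) must never compare equal
     // to an entry such as '' or 0 through PHP's loose comparison.
     if ($currentRole !== null && in_array($currentRole, $roles, true)) {
         return $next($request);
     }

     return App::abort(403, 'Access denied');
 }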