/**
* Handle middleware
*
* @param Request $request
* @param callable $next
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
//Get account
$account = $this->getAccountFromRouting();
//Set account in context
$this->context->setAccount($account);
//If the owner type is User
if ($this->authorizer->getResourceOwnerType() == 'user') {
//Find the user
$user = $this->userRepository->find($this->authorizer->getResourceOwnerId());
//If we have account in the route
if ($account) {
//Check if the user has access to the account
if (!$user->isAssociateToAccount($account)) {
return $this->response->errorUnauthorized("You don't have access to the account {$account->uuid}");
}
}
//Add context processor to log
$this->log->addProcessors([new ContextProcessor($user, isset($account) ? $account : null)]);
//Set the user in context
$this->context->setUser($user);
}
// Set application locale
$this->setApplicationLocale();
return $next($request);
}
/**
* @param $attribute
* @param $value
* @param $parameters
* @return bool
*/
public function validate($attribute, $value, $parameters)
{
//If the email already exist in the account, the validation must fail !!
if ($this->userRepository->isEmailExistForThisAccount($this->context->account(), $value)) {
return false;
}
return true;
}
/**
* @param $userId
* @return mixed
*/
public function show($userId)
{
$this->authorize('current', $this->userRepository->findByUuid($userId));
return $this->response->withItem($this->userRepository->findByUuid($userId), new UserTransformer());
}
/**
* @param UserRepository $userRepository
*/
public function handle(UserRepository $userRepository, Dispatcher $dispatcher)
{
$user = $userRepository->create(['firstname' => $this->firstName, 'lastname' => $this->lastName, 'email' => $this->email, 'password' => $this->password, 'timezone' => $this->timezone]);
$dispatcher->fire(new UserWasCreated($user));
return $user;
}
