Example #1
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
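 public function handle($request, Closure $next)
 {
     // Authorization gate for the admin area. The request is passed on only when
     // (1) an admin session exists and (2) the current route appears among the
     // permissions granted through the admin's roles. Every other path ends in a
     // redirect, so a missing user or an empty permission list denies access.

     // Step 1: require an admin session; otherwise send the visitor to the login page.
     if (!session(config('app.admin_session'))) {
         return redirect(url('admin', 'login'));
     }

     // Step 2: work out what the current admin may access.
     // NOTE(review): this takes the first element of the current Route object once it
     // is wrapped in a collection, presumably the route URI. Confirm against the
     // framework version in use, because the value depends on the Route object's
     // internal layout rather than on a documented accessor.
     $current_route = collect(Route::getCurrentRoute())->first();

     $nav = "";                  // display name of the current page, shared with the views
     $permissions = array();     // sidebar menu entries
     $my_permissions = array();  // every permission held by the current admin
     $temp = array();            // menu names already emitted, to suppress duplicates

     $user = Admin::user();
     if ($user) {
         foreach ($user->roles as $role) {
             foreach ($role->permissions as $permission) {
                 // Record the permission before any menu handling. Menu de-duplication
                 // must not decide what the admin is authorized for: skipping this line
                 // for a repeated menu name would deny a route the role actually grants.
                 $my_permissions[] = $permission->permission;

                 // Strict comparison: the authorization path should not depend on
                 // PHP's loose type juggling.
                 if ($current_route === $permission->permission) {
                     $nav = $permission->permission_name;
                 }

                 // Sidebar entries come from rows with is_show == 1. An admin with
                 // several roles can receive the same entry more than once, so each
                 // menu name is listed only the first time it is seen.
                 if ($permission->is_show == 1 && !in_array($permission->permission_name, $temp, true)) {
                     $permissions[] = array(
                         // Drops the first six characters of the stored permission,
                         // presumably an "admin/" prefix; confirm against the data.
                         'url' => substr($permission->permission, 6),
                         'permission_name' => $permission->permission_name,
                     );
                     $temp[] = $permission->permission_name;
                 }
             }
         }
     }

     // Deny unless the current route is an exact (strict) match for a held permission.
     // A null route or an empty permission list therefore never matches.
     if (!in_array($current_route, $my_permissions, true)) {
         // NOTE(review): the denial is a redirect to the previous page with an error
         // message, not an HTTP 403; confirm that API clients and access logs can
         // still tell a denied request from a successful one.
         return redirect()->back()->withErrors("Permission Denied!!!");
     }

     view()->share('nav', $nav);
     view()->share('permissions', $permissions);

     return $next($request);
 }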
 /**
  * Run the database seeds.
  *
  * @return void
  */
 public function run()
 {
     // Create the bootstrap "Sudo" account first, so the user row exists before it
     // is attached to an admin record.
     $sudoUser = new User();
     $sudoUser->name = 'Sudo';
     $sudoUser->surname = 'Su';
     $sudoUser->email = '*****@*****.**';
     // NOTE(review): the password is assigned as a literal. Unless the User model
     // hashes on assignment (not visible here), it would be stored as written.
     // Confirm that, and confirm this seeded credential is rotated or never used
     // outside development, since it lives in source control.
     $sudoUser->password = '******';
     // The account is marked verified directly, so whatever verification step the
     // application normally applies is skipped for this user.
     $sudoUser->verified = true;
     $sudoUser->save();

     // Create the admin record and persist it before linking.
     $adminRecord = new Admin();
     $adminRecord->cert_auth = '*****@*****.**';
     $adminRecord->save();

     // Attach the seeded user through the admin's user() relation.
     $adminRecord->user()->save($sudoUser);
 }