/**
 * Authorize the current request before handing it to the next layer.
 *
 * Any arguments passed after $next are read through func_get_args() and
 * treated as role names. When there are none, the decision is delegated to
 * the gate, using the resolved controller, action and bindings.
 *
 * @param Request  $request
 * @param \Closure $next
 *
 * @return mixed the error response when the caller is not authorized,
 *               otherwise whatever $next returns
 */
public function handle($request, Closure $next)
{
    list($controller, $action) = $this->getControllerAndAction();
    $bindings = $this->getBindings();

    /** @var Roleable $user */
    $user = $this->auth->user();

    // Everything after ($request, $next) is a role argument.
    $roleArguments = array_slice(func_get_args(), 2);

    if (count($roleArguments) > 0) {
        // Role based authorization
        $roles = $this->getAllowedRoles($roleArguments);

        if ($user) {
            $authorized = (bool) $user->hasRole($roles);
        } else {
            // Without a user only the guest role can match.
            // NOTE(review): in_array() compares loosely here; confirm that
            // role values are always strings.
            $authorized = in_array($this->getGuestRole(), $roles);
        }
    } else {
        // Permission based authorization
        $subject = array_merge([$controller], $bindings);
        $authorized = (bool) $this->gate->forUser($user)->check($action, $subject);
    }

    if ($authorized) {
        return $next($request);
    }

    // Not authorized: record the attempt, then return the error response.
    $this->reportUnauthorizedAttempt($controller, $action, $request, $bindings);

    return $this->errorResponse($request);
}
/**
 * Service Provider Boot
 *
 * Adds PermissionUIObject to the plugin register and maps every entry of
 * $this->policies onto the gate.
 *
 * @param GateContract $gate gate that receives the policy mappings
 *
 * @return void
 */
public function boot(GateContract $gate)
{
    $register = $this->app['xe.pluginRegister'];
    $register->add(PermissionUIObject::class);

    foreach ($this->policies as $target => $policyClass) {
        $gate->policy($target, $policyClass);
    }
}
/**
 * Register any application authentication / authorization services.
 *
 * Defines one gate ability per method reported for GenericEntityPolicy,
 * then registers the provider's policies.
 *
 * @param \Illuminate\Contracts\Auth\Access\Gate $gate
 * @return void
 */
public function boot(GateContract $gate)
{
    // Every method name returned here becomes an ability of the same name.
    // NOTE(review): a helper method added to GenericEntityPolicy later would
    // be exposed as an ability as well; confirm that is intended, or define
    // abilities from an explicit list.
    $policyMethods = get_class_methods(new \App\Policies\GenericEntityPolicy());

    foreach ($policyMethods as $method) {
        $callback = "App\\Policies\\GenericEntityPolicy@{$method}";
        $gate->define($method, $callback);
    }

    $this->registerPolicies($gate);
}
/**
 * Returns whether the logged in user is allowed to edit a page.
 *
 * With no page the answer is always true; otherwise the editor must be
 * enabled and the gate must allow the 'edit' ability on the page.
 *
 * NOTE(review): the null case answers true without consulting the gate or
 * the editor state. Confirm callers never reach this with null for a
 * request that should have been authorized.
 *
 * @param Page|null $page page to check, or null
 *
 * @return bool
 */
public function allowedToEdit(Page $page = null)
{
    return $page === null
        || (Editor::isEnabled() && $this->gate->allows('edit', $page));
}
/**
 * Service Provider Boot
 *
 * Adds the menu UI components to the plugin register, maps $this->policies
 * onto the gate and installs the link resolver used by MenuItem.
 *
 * @param GateContract $gate gate that receives the policy mappings
 *
 * @return void
 */
public function boot(GateContract $gate)
{
    $register = $this->app['xe.pluginRegister'];

    foreach ([MenuType::class, MenuSelect::class, TypeSelect::class, DirectLink::class] as $component) {
        $register->add($component);
    }

    foreach ($this->policies as $target => $policyClass) {
        $gate->policy($target, $policyClass);
    }

    // Register a resolver that makes it easy to obtain a menu item's link content
    MenuItem::setLinkResolver(function (MenuItem $item) {
        $title = xe_trans($item->getAttributeValue('title'));

        // Items without a basic image are represented by their title alone.
        if (!$item->getRelationValue('basicImage')) {
            return $title;
        }

        $image = $item->isSelected() ? $item->getSelectedImage() : $item->basicImage;
        $hoverImage = $item->getHoverImage();

        // NOTE(review): the three values are placed into HTML attributes
        // without escaping here. Confirm that they are escaped upstream or
        // can only be set by trusted administrators.
        return sprintf('<img src="%s" class="__xe_menu_image" data-hover="%s" alt="%s"/>', $image, $hoverImage, $title);
    });
}
/**
 * Updates Denomination
 *
 * Asks the gate for the 'putPostDelete' ability before forwarding the
 * request input to the income service.
 *
 * NOTE(review): the ability is checked against a new, empty IncomeService
 * instance, so the decision can only be made per type, not per record.
 * All request input is forwarded via $request->all(); confirm that the
 * service restricts which fields it accepts.
 *
 * @param Request $request
 * @param Gate $gate
 * @return mixed|\Symfony\Component\HttpFoundation\Response a 401 response
 *         with body 'Unauthorized' when the gate check fails
 */
public function updateDenomination(Request $request, Gate $gate)
{
    $allowed = $gate->check('putPostDelete', new IncomeService());

    if ($allowed) {
        return $this->incomeService->updateDenomination($request->all());
    }

    $denied = new Response();

    return $denied->setContent('Unauthorized')->setStatusCode(401);
}
/**
 * Create a new stinter instance.
 *
 * Registers this object's before(), check() and after() methods at the
 * gate; check() is defined under the ability name stored in $this->stint.
 *
 * @param GateContract $gate
 * @param string|null $ability Name used to call the restriction; any
 *                             non-string value falls back to the class name
 */
public function __construct(GateContract $gate, $ability = null)
{
    if (is_string($ability)) {
        $this->stint = $ability;
    } else {
        // Late static binding: a subclass registers under its own name.
        $this->stint = static::class;
    }

    $gate->before([$this, 'before']);
    $gate->define($this->stint, [$this, 'check']);
    $gate->after([$this, 'after']);
}
/**
 * Deletes members funds and recalculates total
 *
 * Asks the gate for the 'putPostDelete' ability, then dispatches
 * DeleteIncomeServiceMemberFundTotal with both ids.
 *
 * NOTE(review): the ability is checked against a new, empty
 * IncomeServiceMemberFund instance, so the policy cannot take the record
 * identified by $incomeServiceId / $memberId into account. Confirm that
 * per-record ownership does not need to be enforced here.
 *
 * @param $incomeServiceId
 * @param $memberId
 * @param Response $response response object used for the denial
 * @param Gate $gate
 * @return \Illuminate\Http\JsonResponse|Response a 401 response with body
 *         'Unauthorized' when the gate check fails
 */
public function deleteMemberFund($incomeServiceId, $memberId, Response $response, Gate $gate)
{
    if ($gate->check('putPostDelete', new IncomeServiceMemberFund())) {
        $responder = response();
        $payload = $this->dispatch(new DeleteIncomeServiceMemberFundTotal($incomeServiceId, $memberId));

        return $responder->json($payload);
    }

    return $response->setContent('Unauthorized')->setStatusCode(401);
}
/**
 * Authorize the request at the given gate.
 *
 * An UnauthorizedException from the gate is converted into the exception
 * built by createGateUnauthorizedException(), with the original exception
 * passed along as the last argument.
 *
 * @param  \Illuminate\Contracts\Auth\Access\Gate  $gate
 * @param  mixed  $ability
 * @param  mixed|array  $arguments
 * @return \Illuminate\Auth\Access\Response
 *
 * @throws \Symfony\Component\HttpKernel\Exception\HttpException
 */
public function authorizeAtGate(Gate $gate, $ability, $arguments)
{
    try {
        $decision = $gate->authorize($ability, $arguments);
    } catch (UnauthorizedException $denied) {
        throw $this->createGateUnauthorizedException($ability, $arguments, $denied->getMessage(), $denied);
    }

    return $decision;
}
/**
 * Define one gate ability per permission returned by getPermissions().
 *
 * Each ability is named after the permission and resolves to the user's
 * hasPermission() answer for that permission.
 *
 * @param GateContract $gate
 */
protected function registerPermissions(GateContract $gate)
{
    foreach ($this->getPermissions() as $permission) {
        $ability = $permission->name;

        $check = function ($user) use ($permission) {
            return $user->hasPermission($permission);
        };

        $gate->define($ability, $check);
    }
}
/**
 * Define the permissions
 *
 * Each permission from getPermissions() becomes a gate ability of the same
 * name. The ability resolves to the user's hasRole() answer for the
 * permission's roles, which are read when the ability is checked.
 */
protected function definePermissions()
{
    $gate = $this->gate;

    foreach ($this->getPermissions() as $permission) {
        $ability = $permission->name;

        $gate->define($ability, function ($user) use ($permission) {
            $roles = $permission->roles;

            return $user->hasRole($roles);
        });
    }
}
/**
 * Load translations and route every gate check through a GateInterceptor.
 *
 * @param GateContract $gate gate that receives the before-callback
 */
public function boot(GateContract $gate)
{
    $this->loadTranslation();

    // A new interceptor is built from the permission store on every check.
    // NOTE(review): $model has no default value. Confirm that the gate
    // always supplies a third argument, including for ability checks made
    // without a model.
    $gate->before(function ($user, $ability, $model) {
        $store = $this->app['permission.store'];
        $interceptor = new GateInterceptor($store);

        return $interceptor->check($user, $ability, $model);
    });
}
/**
 * Define one gate ability for each dot-notation permission name known to
 * the manager; the ability resolves to the user's hasPermissionTo() answer.
 *
 * @param Gate $gate
 * @param PermissionManager $manager
 */
protected function definePermissions(Gate $gate, PermissionManager $manager)
{
    $names = $manager->getPermissionsWithDotNotation();

    foreach ($names as $name) {
        $gate->define($name, function (HasPermissions $user) use ($name) {
            return $user->hasPermissionTo($name);
        });
    }
}
/**
 * Define the 'use-tags' and 'isStaff' abilities; both resolve to the
 * user's is_staff attribute.
 *
 * @param GateContract $gate
 */
private function definePolicies(GateContract $gate)
{
    // The two abilities share one rule, so they share one callback.
    $staffOnly = function ($user) {
        return $user->is_staff;
    };

    $gate->define('use-tags', $staffOnly);
    $gate->define('isStaff', $staffOnly);
}
/**
 * Define all permissions.
 *
 * Each key of Role::allPermissions() becomes a gate ability that resolves
 * to the user's hasPermission() answer for that key.
 *
 * @param Gate $gate
 *
 * @return void
 */
public function definePermissions(Gate $gate)
{
    // Only the keys are used; the values are ignored.
    foreach (Role::allPermissions() as $ability => $ignored) {
        $gate->define($ability, function (User $user) use ($ability) {
            return $user->hasPermission($ability);
        });
    }
}
/**
 * Reject the request unless the current menu item may be accessed.
 *
 * Access is refused when the item is not activated, or when the user's
 * rating is not 'super' and the gate denies 'access' on the item. A
 * 'super' rating therefore skips the gate but not the activation check.
 *
 * NOTE(review): the result of Auth::user() is dereferenced without a null
 * check. Confirm that it cannot be null on this code path.
 *
 * @return void
 *
 * @throws AccessDeniedHttpException when access is refused
 */
protected function checkPermission()
{
    $item = $this->getMenuItem();
    $rating = Auth::user()->getRating();

    if (!$item->activated) {
        throw new AccessDeniedHttpException();
    }

    if ($rating !== 'super' && $this->gate->denies('access', $item)) {
        throw new AccessDeniedHttpException();
    }
}
/**
 * Register any application authentication / authorization services.
 *
 * Installs a before-callback that answers true for users whose isAdmin()
 * is truthy, then registers the parent's policies.
 *
 * @param  \Illuminate\Contracts\Auth\Access\Gate  $gate
 * @return void
 */
public function boot(GateContract $gate)
{
    // true grants the ability outright; null leaves the decision to the
    // ability or policy registered for it.
    $gate->before(function ($user) {
        return $user->isAdmin() ? true : null;
    });

    parent::registerPolicies($gate);
}
/**
 * Define one gate ability per record returned by Permission::all(); each
 * resolves to the user's hasPermission() answer for that permission.
 *
 * @param Gate $gate
 */
protected function definePermission(Gate $gate)
{
    foreach (Permission::all() as $permission) {
        $ability = $permission->name;

        $gate->define($ability, function (HasRoleAndPermission $user) use ($permission) {
            return $user->hasPermission($permission);
        });
    }
}
/**
 * Register any application authentication / authorization services.
 *
 * Installs a before-callback that answers true when the user's role is
 * exactly 'admin', then registers the provider's policies.
 *
 * @param  \Illuminate\Contracts\Auth\Access\Gate  $gate
 * @return void
 */
public function boot(GateContract $gate)
{
    // true grants the ability outright; null defers to the normal checks.
    $adminBypass = function ($user) {
        return $user->role === 'admin' ? true : null;
    };

    $gate->before($adminBypass);

    $this->registerPolicies($gate);
}
/**
 * Register any application authentication / authorization services.
 *
 * Defines the 'access-admin-area' and 'create-genre' abilities, both of
 * which require the 'admin' role, then registers the provider's policies.
 *
 * @param  \Illuminate\Contracts\Auth\Access\Gate  $gate
 * @return void
 */
public function boot(GateContract $gate)
{
    // Both abilities use the same rule, so they are defined in one loop.
    foreach (['access-admin-area', 'create-genre'] as $ability) {
        $gate->define($ability, function (User $user) {
            return $user->hasRole('admin');
        });
    }

    $this->registerPolicies($gate);
}
/**
 * Define acl as gate permissions.
 *
 * The definitions are made in a callback passed to $this->app->booted().
 * Each key of $backend->getAllAcl() becomes an ability that is denied for
 * anything that is not a User instance.
 *
 * @param Gate $gate
 * @param Backend $backend
 */
public function boot(Gate $gate, Backend $backend)
{
    $defineAcl = function () use ($gate, $backend) {
        // Only the ACL keys are used; the labels are ignored.
        foreach ($backend->getAllAcl() as $acl => $label) {
            $gate->define($acl, function ($user) use ($acl) {
                if (!($user instanceof User)) {
                    return false;
                }

                return $user->hasAccess($acl);
            });
        }
    };

    $this->app->booted($defineAcl);
}
/**
 * Install a before-callback that answers the "admin" ability for users the
 * AdminManager recognises as administrators.
 *
 * NOTE(review): on success the callback returns the user object rather
 * than true. Confirm that nothing depends on a strict boolean result.
 *
 * @param GateContract $gate
 * @param AdminManager $admin
 */
private function registerPolicies(GateContract $gate, AdminManager $admin)
{
    $gate->before(function ($user, $ability) use ($admin) {
        $isAdminCheck = $ability === "admin";

        if ($isAdminCheck && $user && $admin->isAdmin($user)) {
            return $user;
        }

        // Every other case falls through with no decision.
    });
}
/**
 * Register the clipboard at the given gate.
 *
 * The before-callback makes no decision when a fourth argument is present
 * or when checkGetId() finds nothing. Otherwise it returns the result of
 * allow() with a message naming the matching ability id.
 *
 * @param  \Illuminate\Contracts\Auth\Access\Gate  $gate
 * @return void
 */
public function registerAt(Gate $gate)
{
    $gate->before(function ($user, $ability, $model = null, $additional = null) {
        // Checks that carry an additional argument are left to other handlers.
        if ($additional !== null) {
            return;
        }

        $id = $this->checkGetId($user, $ability, $model);

        if ($id) {
            return $this->allow('Bouncer granted permission via ability #' . $id);
        }
    });
}
/**
 * Bootstrap any application services.
 *
 * Publishes the package migrations and config, loads the routes file
 * unless routes are cached, registers the 'larapress' views and maps
 * Post to PostPolicy at the gate.
 *
 * @param Gate $gate gate that receives the policy mapping
 *
 * @return void
 */
public function boot(Gate $gate)
{
    // NOTE(review): realpath() returns false for a missing directory, which
    // would then be used as the array key below.
    $migrationsSource = realpath(__DIR__ . '/../Database/Migrations');
    $migrationsTarget = $this->app->databasePath() . '/migrations';
    $this->publishes([$migrationsSource => $migrationsTarget], 'migrations');

    $configSource = __DIR__ . '/../Config';
    $this->publishes([$configSource => config_path('larapress')], 'config');

    $routesCached = $this->app->routesAreCached();
    if (!$routesCached) {
        require __DIR__ . '/../Routes/routes.php';
    }

    $this->loadViewsFrom(__DIR__ . '/../Resources/Views', 'larapress');

    // Authorization: Post is governed by PostPolicy.
    $gate->policy(Post::class, PostPolicy::class);
}
/**
 * Register each permission from getPermissions() as a gate ability.
 *
 * Nothing is registered when enabled() is falsy.
 *
 * @param GateContract $gate
 */
public function registerAcl(GateContract $gate)
{
    if (!$this->enabled()) {
        return;
    }

    // Dynamically register permissions with Laravel's Gate.
    foreach ($this->getPermissions() as $permission) {
        $ability = $permission->name;

        $gate->define($ability, function ($user) use ($permission) {
            return $user->hasPermission($permission);
        });
    }
}
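/**
 * Register the permissions.
 *
 * Each permission from getPermissions() becomes a gate ability of the same
 * name. The ability resolves to the user's hasRole() answer for the
 * permission's roles, which are read when the ability is checked.
 *
 * Registration is best effort: an exception stops it without propagating.
 * Abilities defined before the failure stay defined and the rest are not
 * registered.
 *
 * @return bool true when every permission was defined, false when an
 *              exception interrupted registration
 */
public function registerPermissions()
{
    try {
        foreach ($this->getPermissions() as $permission) {
            $this->gate->define($permission->name, function ($user) use ($permission) {
                return $user->hasRole($permission->roles);
            });
        }
    } catch (\Exception $e) {
        // Swallowed on purpose so that a failure here does not abort the
        // caller; the failure is reported through the return value instead.
        return false;
    }

    return true;
}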
/**
 * Install the "sboard-write" before-callback and map $this->policies onto
 * the gate.
 *
 * NOTE(review): for "sboard-write" the callback returns the user object
 * for whichever user the gate passes in, so no policy is consulted for
 * that ability. Confirm that granting it to every such user is intended.
 *
 * @param GateContract $gate
 */
private function registerPolicies(GateContract $gate)
{
    $gate->before(function ($user, $ability) {
        // null leaves every other ability to the normal checks.
        return $ability === "sboard-write" ? $user : null;
    });

    foreach ($this->policies as $target => $policyClass) {
        $gate->policy($target, $policyClass);
    }
}
/**
 * Register the application's policies.
 *
 * A before-callback answers true for users holding the 'SUPER' role, and
 * every entry of $this->policies is mapped onto the gate.
 *
 * @param  \Illuminate\Contracts\Auth\Access\Gate  $gate
 * @return void
 */
public function registerPolicies(GateContract $gate)
{
    // true grants the ability outright; null defers to the mapped policies.
    $superBypass = function ($user, $ability) {
        return $user->hasRole('SUPER') ? true : null;
    };

    $gate->before($superBypass);

    foreach ($this->policies as $target => $policyClass) {
        $gate->policy($target, $policyClass);
    }
}
/**
 * Handle an incoming request.
 *
 * Pages without ACL pass straight through. Otherwise a caller that fails
 * the guard check is redirected to the 'login' route, and a caller the
 * gate denies 'view' on the page is aborted with status 403.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return mixed
 */
public function handle(Request $request, Closure $next)
{
    if (!$this->page->aclEnabled()) {
        return $next($request);
    }

    // Authentication is checked before authorization.
    if (!$this->guard->check()) {
        return new RedirectResponse(route('login'));
    }

    if ($this->gate->denies('view', $this->page)) {
        abort(403);
    }

    return $next($request);
}
/**
 * Bootstrap any application services.
 *
 * Publishes the package migrations and config, loads the routes file
 * unless routes are cached, registers the 'larapress' views, boots the
 * parent with the dispatcher, maps Portfolio to PortfolioPolicy and
 * subscribes TestListener to PortfolioWasSaved.
 *
 * @param DispatcherContract $events event dispatcher
 * @param Gate               $gate   gate that receives the policy mapping
 *
 * @return void
 */
public function boot(DispatcherContract $events, Gate $gate)
{
    // NOTE(review): realpath() returns false for a missing directory, which
    // would then be used as the array key below.
    $migrationsSource = realpath(__DIR__ . '/../Database/Migrations');
    $migrationsTarget = $this->app->databasePath() . '/migrations';
    $this->publishes([$migrationsSource => $migrationsTarget], 'migrations');

    $configSource = __DIR__ . '/../Config';
    $this->publishes([$configSource => config_path('larapress')], 'config');

    $routesCached = $this->app->routesAreCached();
    if (!$routesCached) {
        require __DIR__ . '/../Routes/routes.php';
    }

    $this->loadViewsFrom(__DIR__ . '/../Resources/Views', 'larapress');

    parent::boot($events);

    // Authorization: Portfolio is governed by PortfolioPolicy.
    $gate->policy(Portfolio::class, PortfolioPolicy::class);

    $savedEvent = \Larapress\Portfolio\Events\PortfolioWasSaved::class;
    $events->listen($savedEvent, \Larapress\Portfolio\Listeners\TestListener::class);
}