Example #1
            break;
        case 'put':
        case 'delete':
            $user = User::getIndex(Session::get('user_uid'));
            if ($route->getParameter('project_uuid') && (!$user || !$user->isAdmin() && !$user->isProjectAdmin($route->getParameter('project_uuid')))) {
                return Response::make('Insufficient privilages.', 401);
            }
            break;
    }
});
// Attach the 'filter_projects' filter to every route whose URI matches
// 'projects*'. No verb list is passed, so the filter runs for all HTTP methods
// and has to decide per method what to enforce.
//
Route::when('projects*', 'filter_projects');
/**
 * Validation of tool routes.
 */
Route::filter('filter_tools', function ($route, $request) {
    $method = FiltersHelper::method();
    switch ($method) {
        case 'get':
        case 'post':
        case 'put':
        case 'delete':
            // check tool routes
            //
            $toolUuid = $route->getParameter('tool_uuid');
            $isToolVersionRoute = $request->segment(3) == 'versions' || $request->segment(4) == 'versions';
            if ($toolUuid && !$isToolVersionRoute) {
                // get relevant attributes
                //
                $user = User::getIndex(Session::get('user_uid'));
                $tool = Tool::where('tool_uuid', '=', $toolUuid)->first();
                $isPublic = $tool->tool_sharing_status == 'public' || $tool->tool_sharing_status == 'PUBLIC';
Example #2
            if (!$user->isAdmin() && !$user->isProjectAdmin($request->input('project_uid'))) {
                return Response::make('Unable to change project membership.  Insufficient privilages.', 401);
            }
            $project = Project::where('project_uid', '=', $request->input('project_uid'))->first();
            if ($project->trial_project_flag) {
                return Response::make('Unable to change project membership.  Insufficient privilages.', 401);
            }
            break;
    }
});
// Attach the 'filter_project_invitations' filter to every route whose URI
// matches 'invitations*'. No verb list is passed, so the filter runs for all
// HTTP methods and has to decide per method what to enforce.
//
Route::when('invitations*', 'filter_project_invitations');
/**
 * Validation of restricted domain paths.
 */
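Route::filter('filter_restricted_domains', function ($route, $request) {
    // Authorization filter for the restricted-domains routes. Returning nothing
    // lets the request continue; returning a Response stops it.
    //

    // Fail closed: only the read-only verbs below skip the administrator check,
    // so a verb that is not listed here (for example patch) is treated as a
    // write instead of passing through unchecked.
    // NOTE(review): assumes FiltersHelper::method() yields lower-case verb
    // names, as the 'get' / 'post' labels used elsewhere in this file suggest.
    //
    $readOnlyMethods = array('get', 'head', 'options');
    if (in_array(FiltersHelper::method(), $readOnlyMethods, true)) {
        return;
    }

    // Every other request must come from a signed-in administrator. A missing
    // or unknown session user is rejected before isAdmin() is called.
    // NOTE(review): 401 is also sent to authenticated non-admins, where 403
    // would be the conventional status; kept because clients may depend on it.
    //
    $user = User::getIndex(Session::get('user_uid'));
    if (!$user || !$user->isAdmin()) {
        return Response::make('Unable to access route.  Current user is not an administrator.', 401);
    }
});

// Run the filter for every route whose URI matches 'restricted-domains*'; no
// verb list is passed, so it is invoked for all HTTP methods.
//
Route::when('restricted-domains*', 'filter_restricted_domains');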
/*
|--------------------------------------------------------------------------