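/**
 * Check whether $user holds $roleName directly, or holds a role that
 * inherits it according to the static::$inheritance table.
 *
 * static::$inheritance is assumed to map a role name to an array of the
 * role names it implies (e.g. 'admin' => ['editor', 'viewer']); entries
 * whose value is not an array are ignored.
 *
 * @param  User|null  $user      the user to check; null (not logged in) never passes
 * @param  string     $roleName  name of the role being required
 * @return bool
 */
protected function checkRoleInheritance(User $user = null, $roleName)
{
    // Not logged in: deny outright.
    if (!$user) {
        return false;
    }

    // Direct membership short-circuits the inheritance walk.
    if ($user->hasRole($roleName)) {
        return true;
    }

    // Unknown roles can never be satisfied, even via inheritance.
    $role = Role::where('name', $roleName)->first();
    if (!$role) {
        return false;
    }

    // Walk every role the user holds and see whether any of them inherits
    // the requested role. Note: strict comparison — the original code used
    // an assignment (`=`) here, which granted the role to anyone whose
    // roles appeared in the inheritance table at all.
    foreach ($user->roles as $heldRole) {
        $inherited = static::$inheritance[$heldRole->name] ?? null;
        if (!is_array($inherited)) {
            continue;
        }
        if (in_array($role->name, $inherited, true)) {
            return true;
        }
    }

    return false;
}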
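/**
 * Create a new user, or update the user identified by $id.
 *
 * Validates username/email/password(+confirmation) against the create or
 * update rule set, persists the user, and finally attaches or detaches the
 * 'admin' role according to the request's `admin` flag.
 *
 * NOTE(review): the `admin` flag is taken straight from the request, so this
 * action is a privilege-escalation point. Whatever gates access to this
 * route (middleware / policy) is not visible here — confirm that only
 * administrators can reach it.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  int|null                  $id       user to update; null creates a new user
 * @return \Illuminate\Http\RedirectResponse
 */
public function store(Request $request, $id = null)
{
    $input = $request->only('username', 'email', 'password', 'password_confirmation');

    // Updates only require the password rules when a new password was supplied.
    if (isset($id)) {
        $rules = $request->input('password')
            ? $this->user->update_rules_with_password
            : $this->user->update_rules;
    } else {
        $rules = $this->user->create_rules;
    }

    $validator = Validator::make($input, $rules);
    if (!$validator->passes()) {
        return redirect()->back()->withInput()->withErrors($validator->messages());
    }

    if (isset($id)) {
        $user = $this->user->find($id);
        // An unknown id previously caused a fatal error on the property
        // assignments below; answer with a 404 instead.
        if (!$user) {
            abort(404);
        }
    } else {
        $user = new User();
    }

    $user->username = $request->input('username');
    $user->email = $request->input('email');
    if ($request->input('password')) {
        // Only the hash is stored; an empty password field leaves it unchanged.
        $user->password = Hash::make($request->input('password'));
    }
    $user->save();

    // Role lookup is by the 'role_name' column in this schema.
    $adminRole = Role::where('role_name', 'admin')->first();
    if ($request->input('admin')) {
        if (!$adminRole) {
            // attach(null) would otherwise fail deep inside the ORM; fail loudly.
            throw new \RuntimeException("Role 'admin' is not defined");
        }
        $user->roles()->attach($adminRole);
    } elseif ($adminRole && $user->hasRole('admin')) {
        $user->roles()->detach($adminRole);
    }

    return redirect()->to('users')->with(['success' => 'Saved ' . $user->username]);
}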
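/**
 * Policy check: a manager may view a group belonging to their own organization.
 *
 * Both relations are checked for null explicitly. Without that, a user and a
 * group that both lack an organization compare `null === null` (true) on PHP
 * versions where property access on null only warns, which would grant access.
 *
 * @param  User   $user
 * @param  Group  $group
 * @return bool
 */
public function show(User $user, Group $group)
{
    if (!$user->hasRole('manager')) {
        return false;
    }

    $userOrganization = $user->organization;
    $groupOrganization = $group->organization;
    if ($userOrganization === null || $groupOrganization === null) {
        return false;
    }

    return $userOrganization->id === $groupOrganization->id;
}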
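/**
 * Policy check: a manager may export a report as PDF only if they own it.
 *
 * A report without an owner is denied explicitly rather than relying on what
 * `$report->owner->id` evaluates to when `owner` is null.
 *
 * @param  User    $user
 * @param  Report  $report
 * @return bool
 */
public function pdf(User $user, Report $report)
{
    if (!$user->hasRole('manager')) {
        return false;
    }

    $owner = $report->owner;
    if ($owner === null) {
        return false;
    }

    return $user->id === $owner->id;
}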
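/**
 * Gate "before" hook: users holding the 'admin' role bypass every ability check.
 *
 * Returning null (rather than false) for non-admins is deliberate — it tells
 * the gate to fall through to the specific ability/policy check instead of
 * denying outright.
 *
 * @param  \App\User  $user
 * @param  string     $ability  the ability being checked (unused here)
 * @return bool|null  true to grant unconditionally, null to defer
 */
public function before($user, $ability)
{
    if ($user->hasRole('admin')) {
        return true;
    }

    return null;
}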
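/**
 * Detach a role from the given user.
 *
 * The acting user must hold the 'administrate-permissions' ability; the
 * target user must currently have the role.
 *
 * Status codes: 401 when there is no authenticated caller at all, 403 when
 * the caller is authenticated but lacks the ability (the original answered
 * 401 for that case, which denotes "not authenticated", not "forbidden"),
 * 403 when the user does not have the role, 404 when the role id is unknown.
 *
 * @param  \App\User  $user     user to remove the role from
 * @param  int        $role_id  id of the role to remove
 * @return \App\User  the user after the role has been removed
 */
public function destroy(User $user, $role_id)
{
    $actor = Auth::user();
    if ($actor === null) {
        abort(401, "Authentication required");
    }
    if (!$actor->can('administrate-permissions')) {
        abort(403, "You can not edit user permissions");
    }

    $role = Role::where('id', '=', $role_id)->firstOrFail();
    if (!$user->hasRole($role->name)) {
        abort(403, "User doesn't have the role id of ({$role_id})");
    }

    $user->removeUserRole($role_id);

    return $user;
}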
/**
 * Post-login hook: customers default to '/customer/', everyone else keeps the
 * controller's configured redirect target.
 *
 * NOTE(review): `intended()` prefers a URL remembered before login over the
 * default computed here, so the role-specific path only applies when no
 * intended URL was stored.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  User                      $user
 * @return \Illuminate\Http\RedirectResponse
 */
public function authenticated($request, User $user)
{
    $isCustomer = $user->hasRole('customer');
    if ($isCustomer) {
        $this->redirectTo = '/customer/';
    }

    $fallback = $this->redirectPath();

    return redirect()->intended($fallback);
}