/**
  * Store the submitted per-module permission flags (show / insert / update / delete) for one role.
  *
  * @param  \Illuminate\Http\Request  $request
  * @return \Illuminate\Http\RedirectResponse
  */
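 public function store(Request $request)
 {
     // The role being edited is identified by the "role-id" request field.
     $roleId = $request->get('role-id');
     if ($roleId === null || $roleId === '') {
         // Without a role id every row below would be looked up or created with an
         // empty id_role, so refuse the request before anything is written.
         abort(400, 'Missing role-id');
     }
     // NOTE(review): no permission check is visible in this method; presumably route
     // middleware restricts who may edit role permissions. Confirm.
     // NOTE(review): every other input key is used as id_module exactly as the client
     // sent it. Nothing here confirms that the key names an existing module or that
     // role-id names an existing role. Confirm a foreign key or validation covers it.
     // NOTE(review): browsers do not submit unchecked checkboxes, so a module whose
     // boxes were all cleared presumably sends no key and keeps its old grants.
     // Verify against the form.
     foreach ($request->all() as $key => $val) {
         // Consider only the checkboxes: skip the CSRF token and the role id itself.
         if (in_array($key, ['_token', 'role-id'], true)) {
             continue;
         }
         $roleDetail = RoleDetail::firstOrNew(['id_role' => $roleId, 'id_module' => $key]);
         $modActions = $this->getActionsArray($val);
         // Copy only the four known flags; nothing else from the request is mass-assigned.
         $roleDetail->fill([
             'mod_show' => $modActions['mod_show'],
             'mod_insert' => $modActions['mod_insert'],
             'mod_update' => $modActions['mod_update'],
             'mod_delete' => $modActions['mod_delete'],
         ]);
         $roleDetail->save();
     }
     return \Redirect::route('admin.roles.index');
 }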
Exemple #2
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
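 public function handle($request, Closure $next)
 {
     // Fail closed: anything that cannot be mapped to a module and a role is denied
     // with 403 rather than surfacing as an error further down.
     $route = $request->route();
     if ($route === null) {
         abort(403);
     }
     // Get the controller and the action from the route. The action name is expected
     // to have the form "<namespace>Controllers\<Controller>@<method>".
     $controller = explode('@', $route->getActionName());
     $classParts = explode('Controllers\\', $controller[0]);
     if (count($controller) < 2 || count($classParts) < 2) {
         // No "@method" part or no "Controllers\" segment (e.g. a closure route).
         abort(403);
     }
     $controllerName = $classParts[1] . ".php";
     $controllerAction = $controller[1];
     // Find the module with the same name as the controller file.
     $module = Module::where('name', $controllerName)->first();
     $user = $this->auth->user();
     if ($module === null || $user === null || $user->role === null) {
         // Unknown module, unauthenticated request or user without a role.
         abort(403);
     }
     // Get the role detail for the corresponding user role and module (may be null).
     $roleDetail = RoleDetail::where('id_role', $user->role->id)->where('id_module', $module->id)->first();
     // Check if the action is allowed according to mod_show, mod_insert, mod_update, mod_delete.
     // NOTE(review): the result of checkAction() is discarded here, so the request is only
     // blocked if checkAction() itself aborts or throws. Its body is not visible in this
     // excerpt. Confirm it does not merely return a boolean.
     $this->checkAction($controllerAction, $roleDetail, $request);
     return $next($request);
 }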
Exemple #3
 /**
  * Decide whether a role may perform the action described by $item.
  *
  * Looks up the RoleDetail row for ($roleId, $item->id_module) and tests the
  * flag that matches $item->action. The default is deny: a missing row, an
  * unmapped action or a flag loosely equal to 0 all yield false.
  *
  * @param  mixed  $roleId  value matched against RoleDetail.id_role
  * @param  object $item    must expose ->id_module and ->action
  * @return bool
  */
 private static function checkAction($roleId, $item)
 {
     $grant = RoleDetail::where('id_role', $roleId)->where('id_module', $item->id_module)->first();
     if ($grant === null) {
         // No permission row for this role/module pair: deny.
         return false;
     }

     $action = $item->action;
     if (in_array($action, ['index', 'show'], true)) {
         return $grant->mod_show != 0;
     }
     if (in_array($action, ['create', 'store'], true)) {
         return $grant->mod_insert != 0;
     }
     if (in_array($action, ['edit', 'update'], true)) {
         return $grant->mod_update != 0;
     }
     // NOTE(review): only the literal 'delete' maps to mod_delete; any other name
     // (for instance 'destroy') falls through to the final deny. Confirm callers
     // pass 'delete'.
     if ($action === 'delete') {
         return $grant->mod_delete != 0;
     }

     // Unknown action: deny.
     return false;
 }