Get the resource owner ID of the current request.
public static getResourceOwnerId(): string
Returns: string
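/**
 * Let the request through only when the resource owner of the current
 * request owns the project named in the request.
 *
 * @param mixed    $request incoming request; its "project" property is read
 * @param \Closure $next    next layer of the pipeline
 * @return mixed the downstream response, or an error array when the caller is not the owner
 */
public function handle($request, Closure $next)
{
    // The identity comes from the Authorizer, not from a request parameter.
    $userId = \Authorizer::getResourceOwnerId();
    $projectId = $request->project;

    // Previously the comparison result itself was returned, so $next() was
    // unreachable and every caller received a bare boolean instead of a response.
    if (!$this->repository->isOwner($projectId, $userId)) {
        // NOTE(review): the denial is a plain array rather than an explicit 403
        // response; confirm which HTTP status the client ends up receiving.
        return ['error' => 'Access forbidden'];
    }

    return $next($request);
}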
/**
 * List the caller's projects, either as owner (the default) or as member.
 *
 * The "project_type" query parameter selects the listing; any value that does
 * not compare equal to "owner" yields the member listing.
 *
 * @param Request $request
 * @return mixed whatever the repository finder returns
 */
public function index(Request $request)
{
    $wantsOwned = $request->query->get('project_type', 'owner') == 'owner';

    // Listings are always scoped to the resource owner of the current request.
    $ownerId = \Authorizer::getResourceOwnerId();

    // NOTE(review): "limit" is client-supplied and handed over unchecked;
    // confirm the repository validates and caps it.
    $limit = $request->query->get('limit');

    if (!$wantsOwned) {
        return $this->repository->findMember($ownerId, $limit);
    }

    return $this->repository->findOwner($ownerId, $limit);
}
/**
 * Display a listing of the resource.
 *
 * Only rows whose owner_id equals the resource owner of the current request
 * are requested from the repository.
 *
 * @return Response
 */
public function index()
{
    // Keep this filter in place: it is the only thing in this method that
    // limits the listing to the caller's own records.
    $criteria = ['owner_id' => \Authorizer::getResourceOwnerId()];

    return $this->repository->findWhere($criteria);
}
/**
 * Return the id of the user authenticated through OAuth.
 *
 * @return int
 * @throws \Exception
 */
protected function getAuthUserId()
{
    $ownerId = \Authorizer::getResourceOwnerId();

    if ($ownerId === null) {
        // NOTE(review): failedAuthorization() is presumably expected to throw;
        // if it ever returns, null is handed back to the caller as the user id.
        $this->failedAuthorization();
    }

    return $ownerId;
}
/**
 * Display a listing of the resource.
 *
 * Requests the projects owned by the resource owner of the current request,
 * forwarding the optional "limit" query parameter.
 *
 * @return Response
 */
public function index(Request $request)
{
    // Scope the listing to the caller; an unfiltered listing would not be
    // limited to this user's records.
    $ownerId = \Authorizer::getResourceOwnerId();

    // NOTE(review): "limit" is client-supplied and passed on unchecked;
    // confirm the repository bounds it.
    $limit = $request->query->get('limit');

    return $this->repository->findOwner($ownerId, $limit);
}
/**
 * List the projects the current resource owner owns or is a member of.
 *
 * @param mixed $limit optional limit forwarded to the repository (null by default)
 * @return mixed the presented result, or an error array when any exception is raised
 */
public function all($limit = null)
{
    try {
        $presented = $this->repository->setPresenter($this->presenter);
        $ownerId = \Authorizer::getResourceOwnerId();

        return $presented->findWithOwnerAndMember($ownerId, $limit);
    } catch (\Exception $e) {
        // NOTE(review): every failure, including one raised while resolving the
        // resource owner, is reported as "no record found", and "messageDev"
        // returns the raw exception text to the caller. Consider logging the
        // detail server-side and keeping it out of the response.
        $failure = [
            "error" => true,
            "message" => 'Nenhum registro encontrado.',
            "messageDev" => $e->getMessage(),
        ];

        return $failure;
    }
}
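/**
 * Let the request through only when the resource owner of the current
 * request owns the project named in the request.
 *
 * @param mixed    $request incoming request; its "project" property is read
 * @param \Closure $next    next layer of the pipeline
 * @return mixed the downstream response, or an error array when the caller is not the owner
 */
public function handle($request, Closure $next)
{
    $userId = \Authorizer::getResourceOwnerId();
    $projectId = $request->project;

    // The check previously received the undefined variable $id, so ownership
    // was never evaluated against the project actually being requested.
    if (!$this->repository->isOwner($projectId, $userId)) {
        // NOTE(review): the denial is a plain array rather than an explicit 403
        // response; confirm which HTTP status the client ends up receiving.
        return ['error' => 'Access forbidden'];
    }

    // Previously missing: without it an owner's request ended here with no response.
    return $next($request);
}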
/**
 * Handle an incoming request.
 *
 * Continues down the pipeline only when the repository reports the resource
 * owner of the current request as owner of the "projeto" request value.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $ownerId = \Authorizer::getResourceOwnerId();
    $projectRef = $request->projeto;

    if ($this->repository->isOwner($projectRef, $ownerId)) {
        return $next($request);
    }

    // NOTE(review): the denial is a plain array, not an explicit 403 response;
    // confirm which HTTP status the client ends up receiving.
    return ['error' => 'Access Forbbiden'];
}
/**
 * Handle an incoming request.
 *
 * Blocks the request unless the resource owner of the current request owns
 * the project read from the "projects" request value.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $callerId = \Authorizer::getResourceOwnerId();
    $targetProject = $request->projects;

    $ownsProject = $this->repository->isOwner($targetProject, $callerId);
    if (!$ownsProject) {
        // NOTE(review): returned as a plain array; confirm the client receives
        // a non-success HTTP status with it.
        return ['error' => 'Access denied! You must be the project owner to access this resource'];
    }

    return $next($request);
}
/**
 * Create an order for the client linked to the current resource owner.
 *
 * @param Requests\CheckoutRequest $request
 * @return mixed the stored order, reloaded through the repository with $this->with
 */
public function store(Requests\CheckoutRequest $request)
{
    $payload = $request->all();
    $ownerId = \Authorizer::getResourceOwnerId();

    // client_id is assigned after the request data is copied, so a client_id
    // sent by the caller is overwritten with the one tied to the token's user.
    // NOTE(review): a user without a linked client makes this chain fail on a
    // null value; confirm that case cannot occur or guard it.
    $payload['client_id'] = $this->userRepository->find($ownerId)->client->id;

    // NOTE(review): every other request field reaches the service unchanged;
    // presumably CheckoutRequest restricts them — verify.
    $created = $this->service->create($payload);

    return $this->repository->with($this->with)->find($created->id);
}
/**
 * Pass the request on only when the repository confirms ownership for the
 * resource owner of the current request.
 *
 * @param mixed    $request incoming request; its "id" property is read as the project id
 * @param \Closure $next    next layer of the pipeline
 * @return mixed the downstream response, or an error array on denial
 */
public function handle($request, Closure $next)
{
    $ownerId = \Authorizer::getResourceOwnerId();
    $projectRef = $request->id;

    // NOTE(review): the arguments are passed as (user, project); confirm this
    // matches the repository's isOwner() signature, since swapped ids would
    // silently test the wrong pair.
    $isOwner = $this->repository->isOwner($ownerId, $projectRef);

    if ($isOwner) {
        return $next($request);
    }

    return ['error' => 'Access forbiden!'];
}
/**
 * Handle an incoming request.
 *
 * The request proceeds only if the resource owner of the current request is
 * reported as owner of the "project" request value.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $callerId = \Authorizer::getResourceOwnerId();
    $requestedProject = $request->project;

    if ($this->repository->isOwner($requestedProject, $callerId)) {
        return $next($request);
    }

    // NOTE(review): the denial is a plain array, not an explicit 403 response;
    // confirm which HTTP status the client ends up receiving.
    return ['error' => "Acesso negado"];
}
/**
 * Handle an incoming request.
 *
 * Asks the service whether the resource owner of the current request owns the
 * "project" request value and stops the pipeline when it does not.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $callerId = \Authorizer::getResourceOwnerId();
    $requestedProject = $request->project;

    $allowed = $this->service->isOwner($requestedProject, $callerId);
    if (!$allowed) {
        // NOTE(review): the payload gives no reason and is a plain array; confirm
        // the client can tell an authorization failure from other failures.
        return ['sucess' => false];
    }

    return $next($request);
}
/**
 * List the projects in which the current resource owner is a member.
 *
 * @param Request $request
 * @return mixed the repository result, or the value built by erroMsgm() on failure
 */
public function projectsMember(Request $request)
{
    try {
        $memberId = \Authorizer::getResourceOwnerId();
        // NOTE(review): "limit" is client-supplied and forwarded unchecked.
        $limit = $request->query->get('limit');

        return $this->repository->findMember($memberId, $limit);
    } catch (NoActiveAccessTokenException $e) {
        // No active access token: reported to the caller as "user is not logged in".
        return $this->erroMsgm('Usuário não está logado.');
    } catch (\Exception $e) {
        // NOTE(review): the raw exception text is appended to the message sent
        // back; consider logging it server-side instead of returning it.
        $detail = $e->getMessage();

        return $this->erroMsgm('Ocorreu um erro ao listar os projetos. Erro: ' . $detail);
    }
}
/**
 * Display a listing of the resource.
 *
 * Requests, with the "owner" and "client" relations, the rows whose owner_id
 * equals the resource owner of the current request.
 *
 * @return \Illuminate\Http\Response
 */
public function index()
{
    try {
        $withRelations = $this->repository->with(['owner', 'client']);
        $criteria = ['owner_id' => \Authorizer::getResourceOwnerId()];

        return $withRelations->findWhere($criteria);
    } catch (NoActiveAccessTokenException $e) {
        // No active access token: reported to the caller as "user is not logged in".
        return $this->erroMsgm('Usuário não está logado.');
    } catch (\Exception $e) {
        // NOTE(review): the raw exception text is appended to the message sent
        // back; consider logging it server-side instead of returning it.
        $detail = $e->getMessage();

        return $this->erroMsgm('Ocorreu um erro ao listar os projetos. Erro: ' . $detail);
    }
}
/**
 * Handle an incoming request.
 *
 * Looks for a project with the requested id that is owned by the resource
 * owner of the current request; the request proceeds only if one is found.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $ownerId = \Authorizer::getResourceOwnerId();
    $projectId = $request->project;

    // Both conditions go into one lookup, so a project owned by someone else
    // yields the same empty result as a project that does not exist.
    $criteria = ['id' => $projectId, 'owner_id' => $ownerId];
    $matches = $this->repository->skipPresenter()->findWhere($criteria);

    if (count($matches) === 0) {
        // NOTE(review): the denial is a plain array, not an explicit 403 response.
        return ['error' => 'Access forbidden'];
    }

    return $next($request);
}
/**
 * Handle an incoming request.
 *
 * Resolves the project id from the route (falling back to the "project_id"
 * request input), then requires the project to exist and the resource owner
 * of the current request to be one of its members.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // NOTE(review): the id may come from the route or from request input. Confirm
    // the controller behind this middleware reads it from the same place, so the
    // project that is checked is the project that is acted on.
    $fromRoute = $request->route('project');
    $project_id = $fromRoute ? $fromRoute : $request->all()['project_id'];

    $user_id = \Authorizer::getResourceOwnerId();

    // NOTE(review): the existence check runs before the membership check, so a
    // non-member gets a different answer for missing and existing ids.
    if (Project::find($project_id) === null) {
        return Errors::invalidId($project_id);
    }

    $isMember = $this->repository->isMember($project_id, $user_id);
    if ($isMember) {
        return $next($request);
    }

    return Errors::basic('Acesso negado! Você não é membro deste projeto.');
}
/**
 * Handle an incoming request.
 *
 * Loads the requested note and lets the request continue only when the
 * resource owner of the current request is a member of the note's project.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $noteId = $request->note;
    $callerId = \Authorizer::getResourceOwnerId();

    $foundNote = ProjectNote::find($noteId);

    // NOTE(review): the existence check runs before the membership check, so a
    // non-member gets a different answer for missing and existing note ids.
    if ($foundNote === null) {
        return Errors::invalidId($noteId);
    }

    // Membership is tested against the project stored on the note itself,
    // not against a project id supplied in the request.
    $isMember = $this->repository->isMember($foundNote->project_id, $callerId);
    if ($isMember) {
        return $next($request);
    }

    return Errors::basic('Acesso negado! Você não é membro do projeto desta nota.');
}
/**
 * Delete a project-member record, unless it is the authenticated user's own.
 *
 * @param mixed $id id of the ProjectMember record
 * @return mixed an Errors payload, or a confirmation message array
 */
public function delete($id)
{
    $member = ProjectMember::find($id);
    if ($member === null) {
        return Errors::invalidId($id);
    }

    // Reminder: the check that the authenticated user owns the project was
    // already done by middleware. What remains is to make sure the member
    // being removed is not the authenticated user.
    // NOTE(review): the record is looked up by its own id only; nothing in this
    // method ties it to the project the middleware checked. Confirm the
    // record's project matches the project in the route before deleting.
    $authenticatedId = \Authorizer::getResourceOwnerId();
    if ($authenticatedId == $member->user_id) {
        return Errors::basic("Voce eh dono do projeto e portanto nao pode se excluir dele");
    }

    $this->repository->delete($id);

    return ['message' => "Registro deletado!"];
}
/**
 * Register, for every recorded model event, a listener that writes an
 * activity log entry describing the event.
 */
protected static function bootLogsActivity()
{
    foreach (static::getRecordActivityEvents() as $eventName) {
        static::$eventName(function (LogsActivityInterface $model) use ($eventName) {
            $description = $model->getActivityDescriptionForEvent($eventName);

            $message = '';
            if (isset($description['logs'])) {
                $message = $description['logs'];
            }

            $attributes = [];
            if (isset($description['attributes'])) {
                $attributes = $description['attributes'];
            }

            // Integration with lucadegasperi/oauth2-server-laravel: the entry is
            // attributed to the token's resource owner when the checker holds an
            // access token, otherwise the user id is false.
            $actorId = false;
            if (\Authorizer::getChecker()->getAccessToken()) {
                $actorId = \Authorizer::getResourceOwnerId();
            }

            // Events that produce no message are not logged at all.
            if ($message != '') {
                Activity::log($message, $actorId, $attributes);
            }
        });
    }
}
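/**
 * Execute the console command.
 *
 * Validates the access token given as the "key" argument, resolves its
 * resource owner and confirms that this user's hash equals the "hash" argument.
 *
 * @return mixed
 * @throws \Exception when the key is rejected or the hash does not match
 */
public function handle()
{
    // NOTE(review): both values arrive as command-line arguments, which other
    // local users can typically read from the process list; consider taking
    // them from standard input or the environment instead.
    $hash = $this->argument('hash');
    $key = $this->argument('key');

    try {
        \Authorizer::validateAccessToken(false, $key);
        $resourceOwnerId = \Authorizer::getResourceOwnerId();
        $user = \Authorization::loginUsingId($resourceOwnerId);

        // A failed lookup or a non-string hash counts as a mismatch instead of
        // being dereferenced.
        $storedHash = is_object($user) ? $user->hash : null;

        // hash_equals() keeps the comparison time independent of where the two
        // strings first differ.
        if (!is_string($storedHash) || !is_string($hash) || !hash_equals($storedHash, $hash)) {
            throw new \Exception('User hash does not match auth key');
        }

        $this->info('Authenticated');
    } catch (OAuthException $e) {
        // Keep the original failure attached for diagnostics.
        throw new \Exception('Authentication error: invalid authentication key', 0, $e);
    }
}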
/**
 * Handle an incoming request.
 *
 * Continues only when the resource owner of the current request owns the
 * project identified by the {project} route parameter.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // The logged-in user is resolved from the access token.
    $ownerId = \Authorizer::getResourceOwnerId();

    // `php artisan route:list` shows that the resource route declares a
    // parameter named {project}:
    //   GET|HEAD  project/{project}  project.show
    //   CodeProject\Http\Controllers\ProjectController@show  (middleware: oauth)
    $requestedProject = $request->project;

    $ownsProject = $this->repository->isOwner($requestedProject, $ownerId);
    if ($ownsProject) {
        return $next($request);
    }

    // NOTE(review): the denial is a plain array, not an explicit 403 response;
    // confirm which HTTP status the client ends up receiving.
    return ['error' => 'Access forbidden'];
}
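/**
 * Handle an incoming request.
 *
 * Continues only when the repository confirms that the resource owner of the
 * current request owns, or is a member of, the requested project; otherwise
 * the request is aborted with HTTP 403.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $user_id = \Authorizer::getResourceOwnerId();
    $project_id = $request->project;

    if ($this->repository->checkOwnershipAndMembership($user_id, $project_id)) {
        return $next($request);
    }

    // abort() raises an HTTP exception, so the second membership lookup that
    // used to follow this call could never run; it has been removed so the
    // method shows the single check that actually decides access.
    abort(403, 'Você não tem permissão para acessar este projeto');
}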
/**
 * Tell whether the resource owner of the current request is a member of the
 * given project, as reported by the repository.
 *
 * @param mixed $projectId
 * @return mixed the repository's hasMember() result
 */
private function checkProjectMember($projectId)
{
    // The user id is taken from the Authorizer, never from the caller of this method.
    return $this->repository->hasMember($projectId, \Authorizer::getResourceOwnerId());
}
/**
 * Get the channels the event should broadcast on.
 *
 * A single channel named "user." followed by the resource owner id of the
 * current request.
 *
 * @return array
 */
public function broadcastOn()
{
    $ownerId = \Authorizer::getResourceOwnerId();

    // NOTE(review): the channel name can be derived from a user id alone;
    // confirm subscriptions to it are authorized on the broadcasting side.
    $channels = [];
    $channels[] = 'user.' . $ownerId;

    return $channels;
}
/**
 * Turn a project into the array exposed to API clients.
 *
 * @param Project $project
 * @return array
 */
public function transform(Project $project)
{
    $out = [];
    $out['project_id'] = $project->id;
    $out['client_id'] = $project->client_id;
    $out['owner_id'] = $project->owner_id;
    $out['name'] = $project->name;
    $out['description'] = $project->description;
    $out['progress'] = (int) $project->progress;
    $out['status'] = (int) $project->status;
    $out['due_date'] = $project->due_date;

    // True whenever the caller is not the owner. This is a display flag, not a
    // membership check; access decisions must not rely on it.
    $out['is_member'] = $project->owner_id != \Authorizer::getResourceOwnerId();

    $out['tasks_count'] = $project->tasks->count();
    $out['tasks_opened'] = $this->countTasksOpened($project);

    return $out;
}
/**
 * Turn a project into the array exposed to API clients.
 *
 * @param Project $model
 * @return array
 */
public function transform(Project $model)
{
    $out = [];
    $out['id'] = (int) $model->id;
    $out['client_id'] = (int) $model->client_id;
    $out['owner_id'] = (int) $model->owner_id;
    $out['name'] = $model->name;
    $out['description'] = $model->description;
    $out['progress'] = (int) $model->progress;
    $out['due_date'] = $model->due_date;

    // True whenever the caller is not the owner. This is a display flag, not a
    // membership check; access decisions must not rely on it.
    $out['is_member'] = $model->owner_id != \Authorizer::getResourceOwnerId();

    $out['status'] = (int) $model->status;
    $out['status_str'] = $this->resolveStatus($model->status);
    $out['tasks_count'] = $model->tasks->count();
    $out['tasks_opened'] = $this->countTasksOpened($model);
    $out['created_at'] = $model->created_at->format('Y-m-d H:i:s');

    return $out;
}
// Tail of a route closure that begins before this excerpt: it adds the client
// id to the form parameters and renders the authorization form.
    $formParams['client_id'] = $authParams['client']->getId();
    return view('oauth.authorization-form', ['params' => $formParams, 'client' => $authParams['client']]);
}]);

// Receives the user's decision from the authorization form.
// NOTE(review): this route's own middleware list holds only
// 'check-authorization-params' and 'auth'. Confirm CSRF protection is applied
// elsewhere (for example globally), because this request grants a client
// access on the user's behalf.
Route::post('oauth/authorize', ['as' => 'oauth.authorize.post', 'middleware' => ['check-authorization-params', 'auth'], function () {
    $params = Authorizer::getAuthCodeRequestParams();
    // The user id is taken from the authenticated session, not from the submitted form.
    $params['user_id'] = Auth::user()->id;
    $redirectUri = '';
    // if the user has allowed the client to access its data, redirect back to the client with an auth code
    if (Input::get('approve') !== null) {
        $redirectUri = Authorizer::issueAuthCode('user', $params['user_id'], $params);
    }
    // if the user has denied the client to access its data, redirect back to the client with an error message
    // (when both fields are submitted, this assignment runs last and the denial URI is the one used)
    if (Input::get('deny') !== null) {
        $redirectUri = Authorizer::authCodeRequestDeniedRedirectUri();
    }
    // NOTE(review): when neither field is submitted, $redirectUri is still the empty string here.
    return Redirect::to($redirectUri);
}]);

// Token endpoint: returns whatever Authorizer::issueAccessToken() produces, as JSON.
Route::post('oauth/access_token', function () {
    return Response::json(Authorizer::issueAccessToken());
});

// Returns profile fields of the resource owner; the route is behind the 'oauth' middleware.
Route::get('api/user', ['middleware' => 'oauth', function () {
    $user_id = Authorizer::getResourceOwnerId();
    // NOTE(review): the result of find() is used without a null check; confirm
    // the resource owner id always maps to an existing user.
    $user = \App\Droit\User\Entities\User::find($user_id);
    return Response::json(['first_name' => $user->first_name, 'last_name' => $user->last_name, 'email' => $user->email, 'id' => $user_id]);
}]);

/*
 * Only for development: the extra file is loaded solely when the application
 * environment is 'local'.
 */
if (App::environment('local')) {
    require app_path() . '/Http/dev.php';
}
/**
 * Show one order, restricted to rows whose client_id equals the resource
 * owner id of the current request.
 *
 * @param mixed $id order id
 * @return mixed the repository's findWhere() result, with the presenter active
 */
public function show($id)
{
    // Filtering on client_id together with id means an order belonging to
    // someone else is simply not found.
    // NOTE(review): the filter compares client_id with the resource owner (user)
    // id; if clients and users have separate ids this matches the wrong rows — confirm.
    $criteria = ['client_id' => Authorizer::getResourceOwnerId(), 'id' => $id];

    // Relations to load come from $this->whith (presumably client,
    // items.product, cupom and deliveryman — verify against the property).
    return $this->orderRepository
        ->skipPresenter(false)
        ->with($this->whith)
        ->findWhere($criteria);
}
/**
 * Display a listing of the resource.
 *
 * Requests the projects owned by the resource owner of the current request,
 * forwarding the optional "limit" query parameter.
 *
 * @return \Illuminate\Http\Response
 */
public function index(Request $request)
{
    // The owner id comes from the Authorizer, so the listing cannot be pointed
    // at another user through request input.
    $ownerId = \Authorizer::getResourceOwnerId();

    // NOTE(review): "limit" is client-supplied and passed on unchecked;
    // confirm the repository bounds it.
    $limit = $request->query->get('limit');

    return $this->repository->findOwner($ownerId, $limit);
}