/** * Set permissions to be used in the controller. * * @param Request $request * @return void */ public function permissions(Request $request) { $this->lock->setRole(User::$userTypes); $user = $this->jwtAuth->user(); $owner = [User::class, 'userIsOwner', $user, last($request->segments())]; $this->lock->role(User::USER_TYPE_ADMIN)->permit(['readAll', 'readOne', 'update', 'delete']); $this->lock->role(User::USER_TYPE_GUEST)->permit(['readOne', 'update'], [$owner]); $this->middleware('permission:readAll', ['only' => 'getAllPaginated']); $this->middleware('permission:readOne', ['only' => 'getOne']); $this->middleware('permission:update', ['only' => 'patchOne']); $this->middleware('permission:delete', ['only' => 'deleteOne']); }