/**
 * Render the permission editor for a single group.
 *
 * Looks the group up by id through the live() scope (firstOrFail aborts when
 * nothing matches), indexes the group's stored permission rows by
 * "<controller>___<action>" and passes them to the view together with the
 * controller map returned by PermsLib::mapSystemClasses().
 *
 * NOTE(review): no authorization check is visible inside this method; access
 * to the permission editor presumably relies on middleware. Confirm this
 * route is covered.
 *
 * @param  mixed $id Primary key of the group to edit.
 * @return mixed     The 'cms.settings.groups.perms' view.
 */
public function getPerms($id)
{
    $group = Groups::where('id', '=', $id)->live()->firstOrFail();

    $currentPerms = [];
    $storedRows = GroupPerms::where('group_id', '=', $group->id)->get();

    foreach ($storedRows as $perm) {
        // An empty controller or action column is listed under the wildcard name "all".
        $controllerKey = $perm->controller;
        if (strlen($controllerKey) < 1) {
            $controllerKey = "all";
        }

        $actionKey = $perm->action;
        if (strlen($actionKey) < 1) {
            $actionKey = "all";
        }

        // Map "<controller>___<action>" to the id of the stored permission row.
        $currentPerms[$controllerKey . "___" . $actionKey] = $perm->id;
    }

    // Second argument true = list public functions only.
    $controllerFiles = PermsLib::mapSystemClasses(null, true);

    return view('cms.settings.groups.perms')
        ->withGroup($group)
        ->withControllers($controllerFiles)
        ->withCurrentperms($currentPerms);
}
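/**
 * Enforce controller/action permissions on an incoming request.
 *
 * The request is matched against the route table. Routes whose 'uses' action
 * is not a string are refused outright. For an authenticated user the
 * controller and method are resolved through PermsLib::getControllerMethod()
 * and checked with PermsLib::isPermControl(); "auth\authcontroller" is exempt
 * from that check.
 *
 * Refusals are sent with HTTP 403 so that clients, caches and monitoring do
 * not record a denied request as a successful (200) page.
 *
 * NOTE(review): a request without an authenticated user is not
 * permission-checked here and is passed on to $next unchanged, so routes
 * behind this middleware also need an authentication middleware in front of
 * it. Confirm the middleware order on the route groups.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $route = app()->router->getRoutes()->match($request);
    $uses = $route->getAction()['uses'];

    // Only string actions can be mapped to a permission entry; refuse anything else.
    if (!is_string($uses)) {
        return response()->view('errors.custom', ['content' => trans('app.access_denied')], 403);
    }

    if (auth()->check() && isset(auth()->user()->id)) {
        list($controller, $method) = PermsLib::getControllerMethod($uses);

        // Strict comparison: a non-string $controller must never match the
        // exemption through type juggling and skip the permission check.
        if ($controller !== "auth\\authcontroller" && !PermsLib::isPermControl($controller, $method)) {
            return response()->view('errors.custom', ['content' => trans('app.access_denied')], 403);
        }
    }

    return $next($request);
}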
/**
 * Report whether the current user's permission list covers a URL.
 *
 * The URL and HTTP method are matched against the route table, the matched
 * controller action is lower-cased and stripped of the
 * "app\http\controllers\" prefix, and the result is looked up in
 * PermsLib::$userperms under three keys: "all___all", "<controller>___all"
 * and "<controller>___<method>".
 *
 * Fails closed: a route without a 'controller' action, or any Exception
 * raised while matching, yields false.
 *
 * NOTE(review): this only returns a boolean and does not block a request by
 * itself; it looks intended for view-level decisions. Confirm that the target
 * routes are enforced separately.
 *
 * @param  string $url    URL to test.
 * @param  string $method HTTP method used for route matching.
 * @return bool           True when one of the three permission keys is set.
 */
function isperms($url = "", $method = "get")
{
    // First call: the static permission list is still empty, so load it.
    if (!PermsLib::$userperms) {
        PermsLib::getPermsListforUser();
    }
    $granted = PermsLib::$userperms;

    try {
        $matched = app()->router->getRoutes()->match(Request::create($url, $method));
        $routeAction = $matched->getAction();

        if (!isset($routeAction['controller'])) {
            return false;
        }

        // "App\Http\Controllers\Foo@bar" becomes ["foo", "bar"].
        $target = str_replace("app\\http\\controllers\\", "", strtolower($routeAction['controller']));
        $parts = explode('@', $target);

        $controllerName = $parts[0];
        // A controller string without "@" has no method part; use an empty name then.
        $methodName = isset($parts[1]) ? $parts[1] : "";

        return isset($granted['all___all'])
            || isset($granted[$controllerName . "___all"])
            || isset($granted[$controllerName . "___" . $methodName]);
    } catch (Exception $e) {
        // Any failure while resolving the route counts as "not permitted".
        return false;
    }
}