/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { $this->next = $next; $this->request = $request; $this->requestParser = new RequestParser($request); $this->permissionParser = new PermissionParser($this->requestParser); // Try to load permissions if (!$this->permissionParser->loadPermissions()) { $errors = $this->permissionParser->getErrors(); \Log::error('[Laraguard] ERROR - loading of permissions failed: ' . join(' # ', $errors)); return $this->returnError($errors); } if ($this->permissionParser->debugging()) { \Log::info('[Laraguard] REQUEST - ControllerPath: ' . $this->requestParser->getControllerMethodPath()); } // Handle sessions vars (laraguard_lastDenied) $this->updateSession(); // Always allow defaultNoPermissionRoute and permissionDenied method if ($this->isRequestToDefaultRouteOrPermissionDeniedMethod()) { return $next($request); } // Get permissions that allow this request $allowedPermissions = $this->permissionParser->getPermissionsForRequest($request); // Check if user has one of those permissions if ($this->checkUserPermissionsAgainstAllowedPermissions($allowedPermissions)) { return $this->allowRequest(); } return $this->denyRequest(); }
/** * Init permission parser and load permissions.yml */ public function __construct() { $this->permissionParser = new PermissionParser(); // Try to load permissions if (!$this->permissionParser->loadPermissions()) { $errors = $this->permissionParser->getErrors(); \Log::error('[Laraguard] ERROR - loading of permissions failed: ' . join(' # ', $errors)); } }