/**
 * Gate a request on board-level permissions.
 *
 * The request is forwarded to the next handler only when the OAuth helper
 * reports both a valid session and board membership; every other path ends
 * in an abort, so the check fails closed.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed result of the next handler in the chain
 */
public function handle($request, Closure $next)
{
    // NOTE(review): a missing or invalid session is reported as HTTP 500
    // rather than 401; presumably an earlier authentication step is expected
    // to have established the session before this check runs. Confirm
    // against the route/middleware registration.
    if (!App\Http\Helpers\OAuth::valid()) {
        App::abort(500, 'Attempted board authorization without a valid session');
    }

    $isBoardMember = App\Http\Helpers\OAuth::isBoardMember();
    if ($isBoardMember) {
        // Authorized: hand the request on unchanged.
        return $next($request);
    }

    // Kept as the final statement so that nothing after a denial can reach
    // $next(); the request is never forwarded on this path.
    App::abort(403, 'Access denied: you\'re not authorized to access this');
}
/**
 * Render the main navigation as HTML.
 *
 * Each entry of self::$menu is rendered through the 'navigation/item' view
 * when the visitor's access level is at least the entry's 'level'.
 *
 * This only decides which links are displayed. It does not protect the
 * URLs behind them; those need their own server-side authorization check.
 *
 * @return string rendered HTML
 */
public static function show()
{
    // Access level: 0 = no valid session, 1 = valid session, 2 = board member.
    // Board membership is only queried once the session is known to be valid.
    $accessLevel = 0;
    if (OAuth::valid()) {
        $accessLevel = OAuth::isBoardMember() ? 2 : 1;
    }

    $html = '';
    foreach (self::$menu as $item) {
        if ($accessLevel < $item['level']) {
            // Entry requires more privileges than the visitor has: skip it.
            continue;
        }

        $item['current'] = self::isCurrent($item['url']);

        // NOTE(review): escaping of the entry values is left to the
        // navigation/item template, which is not visible here; confirm it
        // escapes them.
        $html .= view('navigation/item')->with($item);
    }

    return $html;
}