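/**
 * Update the specified user in storage.
 *
 * The update is allowed only when the acting user is the account owner or
 * holds the 'admin' permission. Permission assignments are touched only when
 * the acting user is an admin, so a non-admin cannot change their own
 * permissions by adding a "permissions" field to the request.
 *
 * @param  UpdateUserRequest  $request  Incoming update request (presumably a validating
 *                                      form request; its rules are not visible here).
 * @param  int  $id  Primary key of the user to update.
 * @return \Illuminate\Http\RedirectResponse  Redirect to /home with a message or an error.
 */
public function update(UpdateUserRequest $request, $id)
{
    $user = User::find($id);

    // An unknown id gets the same answer as a denied request, so the response
    // does not reveal which user ids exist.
    if (!$user) {
        return redirect('/home')->withErrors('You do not have sufficient permissions');
    }

    $actor = $request->user();
    $isAdmin = $actor->hasPermission('admin');

    // Authorization: account owner or admin only.
    if ($user->id != $actor->id && !$isAdmin) {
        return redirect('/home')->withErrors('You do not have sufficient permissions');
    }

    // Only admins may change permission assignments.
    if ($isAdmin) {
        if ($request->permissions !== null) {
            $user->permissions()->sync($request->permissions);
        } else {
            // No "permissions" field means every permission was unticked.
            // The original tested the misspelled field "permission" here.
            // NOTE(review): any admin-submitted form that omits the field strips
            // all permissions from the target user; confirm every caller sends it.
            $user->permissions()->detach();
        }
    }

    $user->firstname = $request->input('firstname');
    $user->surname = $request->input('surname');
    $user->email = $request->input('email');

    // Change the password only when a non-empty value was actually submitted.
    // input() returns null for an absent field (and for an empty one when the
    // framework converts empty strings to null); the original `!== ''` test let
    // that null through and overwrote the stored hash.
    // NOTE(review): no current-password confirmation is visible here; confirm
    // UpdateUserRequest requires it before email or password may change.
    $password = $request->input('password');
    if (is_string($password) && $password !== '') {
        $user->password = bcrypt($password);
    }

    $user->save();

    return redirect('/home')->withMessage('Changes saved successfuly');
}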