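/**
 * Initializer.
 *
 * Registers the CSRF filter for POST requests and, when a user is logged in,
 * shares one view variable per permission name that user holds, plus an
 * `admin` variable when at least one of those permissions has is_admin = 1.
 *
 * The shared variables only control what the templates render. They are not
 * an access check: every route that needs a permission or admin rights has
 * to enforce that on the server side.
 *
 * @access public
 */
public function __construct()
{
    // NOTE(review): the filter is registered for POST only. Confirm that no route handled by a
    // subclass changes state through PUT, PATCH or DELETE without its own CSRF check.
    $this->beforeFilter('csrf', array('on' => 'post'));

    $user = Auth::id();
    if (!($user > 0)) {
        // Guest: nothing to share.
        return;
    }

    // One query returns both the permission names and their is_admin flag, so the admin
    // decision is taken from the same rows that are shared with the views.
    $permissions = IsAdminRoles::join('permission_role', 'assigned_roles.role_id', '=', 'permission_role.role_id')
        ->join('permissions', 'permissions.id', '=', 'permission_role.permission_id')
        ->where('assigned_roles.user_id', $user)
        ->select('name', 'permissions.is_admin')
        ->get();

    $isAdmin = false;
    foreach ($permissions as $permission) {
        // NOTE(review): permission names become view variable names as-is. A permission literally
        // named `admin` would set the same `admin` variable as the flag below, whatever its
        // is_admin value -- confirm that permission names are constrained.
        View::share($permission->name, $permission->name);

        if ((string) $permission->is_admin === '1') {
            $isAdmin = true;
        }
    }

    if ($isAdmin) {
        View::share('admin', 'admin');
    }
}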
/**
 * Handle an incoming request.
 *
 * Passes the request on only when the authenticated user holds at least one
 * role whose is_admin column equals 1. Guests and authenticated users without
 * such a role are both redirected to '/'.
 *
 * The role lookup runs inside this method, so the decision is taken from the
 * database on every call rather than from a value stored at login.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Not logged in: same redirect as for a non-admin user.
    if (!$this->auth->check()) {
        return $this->response->redirectTo('/');
    }

    $roles = AssignedRoles::join('roles', 'role_user.role_id', '=', 'roles.id')
        ->where('user_id', $this->auth->user()->id)
        ->select('roles.is_admin')
        ->get();

    // One admin role is enough; the remaining rows cannot change the outcome.
    $isAdmin = false;
    foreach ($roles as $role) {
        if ($role->is_admin == 1) {
            $isAdmin = true;
            break;
        }
    }

    if (!$isAdmin) {
        return $this->response->redirectTo('/');
    }

    return $next($request);
}
/**
 * Handle a login request to the application.
 *
 * On a failed attempt the user is sent back to the login form with a single
 * message that is the same whether the e-mail is unknown or the password is
 * wrong. On success the landing page depends on whether the user holds a
 * permission with is_admin = 1.
 *
 * The admin redirect is only a choice of landing page; the routes under
 * admin/ have to enforce their own access check.
 *
 * @Post("auth/login")
 *
 * @param LoginRequest $request
 * @return Response
 */
public function login(LoginRequest $request)
{
    // Only the two credential fields are passed to the guard, nothing else from the request.
    $credentials = $request->only('email', 'password');

    // NOTE(review): no limit on repeated attempts is visible in this method -- confirm that
    // throttling is applied elsewhere (route, middleware or LoginRequest).
    if (!$this->auth->attempt($credentials)) {
        return redirect('/auth/login')->withErrors(['email' => 'These credentials do not match our records.']);
    }

    $adminPermissions = IsAdminRoles::join('permission_role', 'assigned_roles.role_id', '=', 'permission_role.role_id')
        ->join('permissions', 'permissions.id', '=', 'permission_role.permission_id')
        ->where('assigned_roles.user_id', $this->auth->id())
        ->where('permissions.is_admin', '1')
        ->count();

    if ($adminPermissions > 0) {
        return redirect('admin/dashboard');
    }

    return redirect('/');
}