/**
 * Authorization gate: let the request through only when the active user
 * holds the given permission.
 *
 * Outcomes, in order of evaluation:
 *  - no active user        -> flash "access denied", redirect to the `auth.login` route
 *  - user lacks permission -> flash "access denied", redirect back to the previous page
 *  - otherwise             -> hand the request to the next middleware
 *
 * NOTE(review): a denial is expressed as a redirect, not a 403 status, so a
 * non-browser client will not see an authorization error code. Confirm this
 * middleware is only attached to browser-facing routes.
 *
 * @param Request      $request
 * @param Closure      $next
 * @param string|array $permission Passed unchanged to $user->hasAccess().
 *
 * @return mixed The result of $next($request) when authorized, otherwise a
 *               \Illuminate\Http\RedirectResponse.
 */
public function handle(Request $request, Closure $next, $permission)
{
    $activeUser = $this->auth->getActiveUser();

    // Nobody is logged in: send the visitor to the login page.
    if (!$activeUser) {
        Flash::error(trans('dashboard::dashboard.flash.access_denied'));

        return redirect()->route('auth.login');
    }

    // Authorized: continue down the middleware pipeline.
    if ($activeUser->hasAccess($permission)) {
        return $next($request);
    }

    // Authenticated but not permitted: the request never reaches the controller.
    Flash::error(trans('dashboard::dashboard.flash.access_denied'));

    // Redirect back to the previous page where request was made.
    return redirect()->back();
}
/**
 * Authorization gate: let the request through only when the active user
 * belongs to the given role.
 *
 * Outcomes, in order of evaluation:
 *  - no active user                      -> flash "access denied", redirect to the `auth.login` route
 *  - role lookup returns a falsy value   -> flash "access denied", redirect back
 *  - user is not in the resolved role    -> flash "access denied", redirect back
 *  - otherwise                           -> hand the request to the next middleware
 *
 * The check fails closed: a role that cannot be resolved is treated the same
 * as a role the user does not hold.
 *
 * NOTE(review): a denial is expressed as a redirect, not a 403 status, so a
 * non-browser client will not see an authorization error code. Confirm this
 * middleware is only attached to browser-facing routes.
 *
 * @param Request      $request
 * @param Closure      $next
 * @param string|array $role Passed to $this->role->slug(); presumably a role
 *                           slug or slugs (verify against the role repository).
 *
 * @return mixed The result of $next($request) when authorized, otherwise a
 *               \Illuminate\Http\RedirectResponse.
 */
public function handle(Request $request, Closure $next, $role)
{
    $activeUser = $this->auth->getActiveUser();

    // Nobody is logged in: send the visitor to the login page.
    if (!$activeUser) {
        Flash::error(trans('dashboard::dashboard.flash.access_denied'));

        return redirect()->route('auth.login');
    }

    $resolvedRole = $this->role->slug($role);

    // Deny when the role cannot be resolved or the user is not a member of it.
    // Short-circuit keeps inRole() from being called with an unresolved role.
    if (!$resolvedRole || !$activeUser->inRole($resolvedRole)) {
        Flash::error(trans('dashboard::dashboard.flash.access_denied'));

        // Redirect back to the previous page where request was made.
        return redirect()->back();
    }

    return $next($request);
}