/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { if ($this->service->isOwnerOrMember($request->projects, Authorizer::getResourceOwnerId())) { return $next($request); } else { return ['error' => 'access_denied', 'error_description' => 'Only the members and the owner can access this project.']; } }