/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user_id = \Authorizer::getResourceOwnerId();
$project_id = $request->project;
$rtrn = $this->repository->checkOwnershipAndMembership($user_id, $project_id);
#dd($user_id, $project_id, $rtrn);
if ($rtrn) {
return $next($request);
}
//return ['error'=>'Access denied'];
abort(403, 'Você não tem permissão para acessar este projeto');
#inutilizado abaixo
$project_id = $request->project;
/*if( $this->repository->isMember($project_id,$user_id) == false){
return ['error'=>'Access forbidden'];
}*/
if (count($this->repository->find($user_id)->projects()->where(['project_id' => $project_id])->get()) == false) {
return ['error' => 'Access forbidden'];
}
return $next($request);
}
