/**
 * Authorize the incoming request before handing it to the next layer.
 *
 * Any middleware parameters after ($request, $next) are treated as role
 * names and the decision is role based. Without them, the gate decides
 * whether the current user may run the routed controller action.
 *
 * @param Request  $request
 * @param \Closure $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    list($controller, $action) = $this->getControllerAndAction();
    $bindings = $this->getBindings();

    /** @var Roleable $user */
    $user = $this->auth->user();

    // Everything past the first two arguments is a middleware parameter.
    $roleParameters = array_slice(func_get_args(), 2);

    if (count($roleParameters) > 0) {
        // Role based authorization: the gate is not consulted on this path.
        $roles = $this->getAllowedRoles($roleParameters);
        $authorized = $user
            ? (bool) $user->hasRole($roles)
            : in_array($this->getGuestRole(), $roles);
    } else {
        // Permission based authorization; $user may be empty for a guest here.
        $authorized = (bool) $this->gate
            ->forUser($user)
            ->check($action, array_merge([$controller], $bindings));
    }

    if ($authorized) {
        return $next($request);
    }

    // Denied: record the attempt first, then answer with the error response.
    $this->reportUnauthorizedAttempt($controller, $action, $request, $bindings);

    return $this->errorResponse($request);
}
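/**
 * Let the request through only for users whose type code is 'ADT' or 'OPT'.
 *
 * Every other caller, including an unauthenticated one, is redirected to
 * 'home'.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $user = $this->auth->user();

    // Fail closed for guests: without a user there is no type to inspect, and
    // reading ->type->code on the missing user would raise a PHP error instead
    // of producing a clean denial.
    if (!$user) {
        return redirect('home');
    }

    // Strict membership test, equivalent to the two !== comparisons it replaces.
    if (!in_array($user->type->code, ['ADT', 'OPT'], true)) {
        return redirect('home');
    }

    return $next($request);
}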
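/**
 * Require the current user to hold the given role.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @param mixed $role Role passed as the middleware parameter.
 * @return mixed
 *
 * @throws RoleDeniedException When there is no user or the user lacks the role.
 */
public function handle($request, Closure $next, $role)
{
    $user = $this->auth->user();

    // A guest has no user object; calling hasRole() on it would be a fatal
    // error, so treat "no user" as "role denied" and fail closed.
    if (!$user || !$user->hasRole($role)) {
        throw new RoleDeniedException($role);
    }

    return $next($request);
}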
/**
 * Send visitors without a resolved user to '/', everyone else continues.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $user = $this->auth->user();

    return $user ? $next($request) : redirect('/');
}
/**
 * Abort with 401 unless a user is signed in and holds $this->role.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // check() is evaluated first, so user() is only dereferenced when signed in.
    $allowed = $this->auth->check() && $this->auth->user()->hasRole($this->role);

    if (!$allowed) {
        App::abort(401);
    }

    return $next($request);
}
/**
 * Redirect signed-in users whose role_id equals 1 to the 'adminHome' route.
 *
 * All other requests, guests included, continue down the pipeline.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // NOTE(review): role_id 1 is presumably the administrator role; confirm.
    // The comparison is deliberately left loose (==), as in the original.
    $shouldRedirect = $this->auth->check() && $this->auth->user()->role_id == 1;

    if (!$shouldRedirect) {
        return $next($request);
    }

    return new RedirectResponse(route('adminHome'));
}
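/**
 * Verify that the current user is logged in to Cachet and is an admin.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 *
 * @return mixed
 *
 * @throws HttpException With status 401 when the caller is a guest or not an admin.
 */
public function handle($request, Closure $next)
{
    // The original condition re-tested check() on the right-hand side of the
    // ||. That side only runs when check() already returned true, so the
    // second call was redundant and has been dropped.
    if (!$this->auth->check() || !$this->auth->user()->isAdmin) {
        throw new HttpException(401);
    }

    return $next($request);
}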
/**
 * Redirect already-authenticated users to their own home URL.
 *
 * Guests continue to the wrapped handler.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (!$this->auth->check()) {
        return $next($request);
    }

    // The target comes from the user object, not from the request.
    return new RedirectResponse($this->auth->user()->getHomeUrl());
}
/**
 * Save or update an activity document link inside one database transaction.
 *
 * If the link already exists, the activity is first removed from the document
 * it previously pointed at. The activity is then registered on the document
 * named by the new URL, the link itself is persisted, and the change is logged.
 *
 * @param array $documentLink Link data; the new URL is read from [0]['url'].
 * @param ActivityDocumentLink $activityDocumentLink
 * @return bool True on success, false when an exception was caught and rolled back.
 */
public function update(array $documentLink, ActivityDocumentLink $activityDocumentLink)
{
    try {
        $this->database->beginTransaction();

        $isExisting = $activityDocumentLink->exists;
        $verb       = $isExisting ? 'updated' : 'saved';
        $activityId = $activityDocumentLink->activity_id;
        $manager    = app(DocumentManager::class);

        if ($isExisting) {
            // Detach the activity from the document the link used to reference.
            $previousUrl      = $activityDocumentLink->document_link['url'];
            $previousDocument = $manager->getDocument(session('org_id'), $previousUrl);
            $linked           = (array) $previousDocument->activities;
            unset($linked[$activityId]);
            $previousDocument->activities = $linked;
            $manager->update($previousDocument);
        }

        // Attach the activity to the document behind the new URL. The lookup
        // is scoped by the organization id held in the session.
        $newUrl      = $documentLink[0]['url'];
        $newDocument = $manager->getDocument(session('org_id'), $newUrl);
        $linked      = (array) $newDocument->activities;
        $linked[$activityId] = $activityDocumentLink->activity->identifier['activity_identifier'];
        $newDocument->activities = $linked;
        $manager->update($newDocument);

        $this->DocumentLinkRepo->update($documentLink, $activityDocumentLink);
        $this->database->commit();

        $this->logger->info(
            sprintf('Activity Document Link %s!', $verb),
            ['for' => $documentLink]
        );
        $this->dbLogger->activity(
            sprintf("activity.document_link_%s", $verb),
            [
                'activity_id'      => $activityDocumentLink->activity_id,
                'document_link_id' => $activityDocumentLink->id,
                'organization'     => $this->auth->user()->organization->name,
                'organization_id'  => $this->auth->user()->organization->id,
            ]
        );

        return true;
    } catch (\Exception $exception) {
        // Only \Exception is caught here; a PHP 7+ \Error raised inside the
        // try block would skip this rollback and propagate to the caller.
        $this->database->rollback();
        $this->logger->error($exception, ['documentLink' => $documentLink]);
    }

    return false;
}
/**
 * Reject users whose level is below 3.
 *
 * This middleware must run after the Authentication middleware: user() is
 * dereferenced without a guest check.
 *
 * @param Request  $request
 * @param \Closure $next
 *
 * @return mixed
 */
public function handle(Request $request, Closure $next)
{
    $level = $this->auth->user()->level();
    $insufficient = $level < 3;

    if ($insufficient) {
        return abort(401, 'Non sei autorizzato');
    }

    return $next($request);
}
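/**
 * Require an authenticated user and, optionally, a role and/or a permission.
 *
 * - no role and no permission: any authenticated user passes;
 * - role and permission: the user must have the role and the permission
 *   within that role;
 * - role only: the user must have the role;
 * - permission only: the user must have the permission.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @param mixed $role Optional role middleware parameter.
 * @param mixed $permission Optional permission middleware parameter.
 * @return mixed
 */
public function handle($request, Closure $next, $role = null, $permission = null)
{
    // Guests are always refused.
    // NOTE(review): back(403) asks for a redirect carrying status 403; confirm
    // the framework accepts a non-3xx status for a redirect response.
    if ($this->auth->guest()) {
        return back(403)->withError(trans('ethereal-auth::middleware.403'));
    }

    $roleRequired = !empty($role);
    $permissionRequired = !empty($permission);

    // Nothing specific requested: being authenticated is enough.
    if (!$roleRequired && !$permissionRequired) {
        return $next($request);
    }

    $user = $this->auth->user();

    // The original had the two single-argument branches swapped: with only a
    // role it called can() on the empty permission, and with only a permission
    // it called is() on the empty role. Each branch now checks the argument
    // that was actually supplied.
    if ($roleRequired && $permissionRequired) {
        $allowed = $user->is($role) && $user->can($permission, $role);
    } elseif ($roleRequired) {
        $allowed = $user->is($role);
    } else {
        $allowed = $user->can($permission);
    }

    if ($allowed) {
        return $next($request);
    }

    return back(403)->withError(trans('ethereal-auth::middleware.403'));
}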
/**
 * Require a signed-in user who is not banned.
 *
 * Guests get a 401 (AJAX) or a redirect to the sign-in route. Banned users
 * get a 401 (AJAX), or are logged out, shown the ban reason and redirected
 * to the sign-in route.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($this->auth->guest()) {
        return $request->ajax()
            ? response('Unauthorized.', 401)
            : redirect()->route('auth.signin');
    }

    $user = $this->auth->user();

    if ($user->ban) {
        // AJAX callers receive a bare 401; the session is not ended on this path.
        if ($request->ajax()) {
            return response('Unauthorized.', 401);
        }

        $this->auth->logout();
        notify()->flash('Banned', 'error', ['text' => $user->ban_reason]);

        return redirect()->route('auth.signin');
    }

    /*$ipInfo = getIpInfo($request->getClientIp());
    if($ipInfo){
        if(isset($ipInfo['timezone'])){
            if($ipInfo['timezone'] != $this->auth->user()->timezone){
                $this->auth->user()->update([ 'timezone' => $ipInfo['timezone'] ]);
            }
        }
    }*/

    return $next($request);
}
/**
 * Redirect authenticated users to the location configured on their role.
 *
 * Guests continue to the wrapped handler.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (!$this->auth->check()) {
        return $next($request);
    }

    // The target is read from the user's role record, not from the request.
    $target = $this->auth->user()->role->redirect;

    return redirect($target);
}
/**
 * Enforce maintenance mode, with a fixed list of bypasses.
 *
 * The request passes when the application is not down, when its first path
 * segment is 'admin', when the client IP is in the configured whitelist,
 * when the user is an admin or is authorized for 'streams::maintenance.access',
 * or when a guest passes HTTP basic auth (if enabled). Otherwise 503.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return void|mixed
 */
public function handle(Request $request, Closure $next)
{
    // Unconditional bypasses, tested in the original order.
    // NOTE(review): getClientIp() depends on how proxy headers are trusted and
    // the list is compared loosely; confirm the whitelist cannot be satisfied
    // by a forwarded address the application should not trust.
    $bypass = !$this->app->isDownForMaintenance()
        || $request->segment(1) == 'admin'
        || in_array($request->getClientIp(), $this->config->get('streams::maintenance.ip_whitelist', []));

    if ($bypass) {
        return $next($request);
    }

    /* @var UserInterface $user */
    $user = $this->guard->user();

    if ($user) {
        // Signed-in users pass as admins or with the maintenance permission.
        if ($user->isAdmin() || $this->authorizer->authorize('streams::maintenance.access')) {
            return $next($request);
        }
    } elseif ($this->config->get('streams::maintenance.auth')) {
        // Guests may authenticate once via HTTP basic auth when enabled.
        /* @var Response|null $response */
        $response = $this->guard->onceBasic();

        if (!$response) {
            return $next($request);
        }

        $response->setContent(view('streams::errors.401'));

        return $response;
    }

    abort(503);
}
/**
 * Restrict access to users who may enter the admin panel.
 *
 * Guests and users without that ability are redirected to the login page.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // check() short-circuits, so user() is only dereferenced when signed in.
    $mayEnter = $this->auth->check() && $this->auth->user()->canAccessAdminPanel();

    if ($mayEnter) {
        return $next($request);
    }

    return redirect('/auth/login?ref=admin');
}
/**
 * Require the signed-in user to match one of several '+'-separated roles.
 *
 * Each listed name other than 'new' is read as a flag on the user's access
 * object. When the list mentions 'new', a name also matches if it equals the
 * access object's `role` value. No match aborts with 403.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @param string $roleNames Role names joined with '+'.
 *
 * @return mixed
 */
public function handle($request, Closure $next, $roleNames)
{
    if ($this->auth->guest()) {
        return $request->ajax()
            ? response('Unauthorized.', 401)
            : redirect()->guest('auth/login');
    }

    // NOTE(review): this is a substring test, so any role name that merely
    // contains "new" also enables the second comparison below; confirm intent.
    $hasNew = str_contains($roleNames, 'new');
    $candidates = explode('+', $roleNames);

    foreach ($candidates as $candidate) {
        if ($candidate == 'new') {
            continue;
        }

        // The role name is used as a dynamic property on the access object.
        if ($this->auth->user()->access()->{$candidate}) {
            return $next($request);
        }

        if ($hasNew && $this->auth->user()->access()->role == $candidate) {
            return $next($request);
        }
    }

    App::abort(403, 'Unauthorized action.');
}
/**
 * Require an authenticated user that has the given role.
 *
 * On failure a view is returned instead of an exception: the role error view
 * for signed-in users, the login view for guests.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @param int|string $role
 * @return mixed
 */
public function handle($request, Closure $next, $role)
{
    $granted = $this->auth->check() && $this->auth->user()->is($role);

    if ($granted) {
        return $next($request);
    }

    if ($this->auth->check()) {
        return view('lcp::auth.errors.role')->withError($role);
    }

    return view('lcp::auth.login');
}
/**
 * Store a new entry owned by the current user and return to the entry index.
 *
 * @param EntryStoreRequest $request
 * @return \Illuminate\Http\RedirectResponse
 */
public function store(EntryStoreRequest $request)
{
    // Only 'title' and 'body' are taken from the request. The owner id always
    // comes from the guard, so the client cannot choose it.
    $attributes = array_merge(
        $request->only(['title', 'body']),
        ['user_id' => $this->guard->user()->id]
    );

    $this->entry->addEntry($attributes);

    return redirect()->route('admin.entry.index');
}
/**
 * Require an authenticated user whose level is at least $level.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @param int $level
 * @return mixed
 * @throws \Bican\Roles\Exceptions\LevelDeniedException
 */
public function handle($request, Closure $next, $level)
{
    // Guests fail the first operand, so level() is never called on a missing user.
    $permitted = $this->auth->check() && $this->auth->user()->level() >= $level;

    if (!$permitted) {
        throw new LevelDeniedException($level);
    }

    return $next($request);
}
/**
 * Limit city routes to signed-in users who belong to the requested city.
 *
 * Guests get a 401 (AJAX) or are sent to the login page. A signed-in user
 * whose city_id differs from the resolved city gets a 401 (AJAX) or is
 * redirected to that city's page. If the 'city' route parameter resolves to
 * no city, no city comparison is made and the request continues.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // The lookup runs before the authentication check, so guests trigger it too.
    $city = City::findByIATA($request->route()->getParameter('city'))->first();

    if ($this->auth->guest()) {
        if ($request->ajax()) {
            return response('Unauthorized.', 401);
        }

        Notification::error('You need to be logged in to view that.');

        return redirect()->guest('auth/login');
    }

    // NOTE(review): strict comparison; confirm city_id and id share a type,
    // otherwise matching users would be treated as belonging elsewhere.
    $wrongCity = $city && $this->auth->user()->city_id !== $city->id;

    if (!$wrongCity) {
        return $next($request);
    }

    Notification::error('You don\'t have permissions for that city.');

    return $request->ajax()
        ? response('Unauthorized.', 401)
        : redirect('/' . $city->iata);
}
/**
 * Require an authenticated user that may use the given permission.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @param int|string $permission
 * @return mixed
 * @throws \Bican\Roles\Exceptions\PermissionDeniedException
 */
public function handle($request, Closure $next, $permission)
{
    // Guests fail the first operand, so may() is never called on a missing user.
    $permitted = $this->auth->check() && $this->auth->user()->may($permission);

    if (!$permitted) {
        throw new PermissionDeniedException($permission);
    }

    return $next($request);
}
/**
 * Send users with an incomplete profile to their profile edit page.
 *
 * NOTE(review): user() is dereferenced without a guest check; confirm an
 * authentication middleware always runs before this one.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $profileIncomplete = $this->auth->user()->uncompleteProfile;

    if (!$profileIncomplete) {
        return $next($request);
    }

    return redirect()
        ->route('user.edit', $this->auth->id())
        ->with('message', 'Debe completar sus datos en el perfil');
}
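/**
 * Allow only administrators through; everyone else receives a 401 response.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $user = $this->auth->user();

    // A guest has no user object; calling isAdmin() on it would be a fatal
    // error. Answer with the same 401 a non-admin gets so the check fails closed.
    if (!$user || !$user->isAdmin()) {
        return response('Unauthorized.', 401);
    }

    return $next($request);
}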
/**
 * Tell whether the current user has the permission or, failing that, the role.
 *
 * Guests are always refused.
 *
 * @param string $permission Permission to test first (default 'manage').
 * @param string $role Role accepted as an alternative (default 'admin').
 * @return boolean
 */
protected function checkPermission($permission = 'manage', $role = 'admin')
{
    if ($this->auth->guest()) {
        return false;
    }

    if ($this->auth->user()->can($permission)) {
        return true;
    }

    // Either grant is sufficient: the role alone also authorizes the caller.
    return (bool) $this->auth->user()->hasRole($role);
}
/**
 * Send users that have no household yet to the household creation page.
 *
 * NOTE(review): user() is dereferenced without a guest check; confirm an
 * authentication middleware always runs before this one.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $household = $this->auth->user()->household;

    if ($household === null) {
        return redirect(route('household.create'));
    }

    return $next($request);
}
/**
 * Only allow the request when the user is an admin.
 *
 * Guests and non-admins both receive a 404 rather than a 401/403.
 * NOTE(review): presumably chosen so the route's existence is not revealed; confirm.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // guest() is tested first, so isAdmin() is never called on a missing user.
    $isAdmin = !$this->auth->guest() && $this->auth->user()->isAdmin();

    if (!$isAdmin) {
        abort(404);
    }

    return $next($request);
}
/**
 * Require an authenticated user that has the given role.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @param int|string $role
 * @return mixed
 * @throws \FWM\Roles\Exceptions\RoleDeniedException
 */
public function handle($request, Closure $next, $role)
{
    // Guests fail the first operand, so is() is never called on a missing user.
    $permitted = $this->auth->check() && $this->auth->user()->is($role);

    if (!$permitted) {
        throw new RoleDeniedException($role);
    }

    return $next($request);
}
/**
 * Redirect signed-in users holding the 'admin' role to the 'home' route.
 *
 * Everyone else, guests included, continues to the wrapped handler.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $isSignedInAdmin = $this->auth->check() && $this->auth->user()->is('admin');

    if (!$isSignedInAdmin) {
        return $next($request);
    }

    return new RedirectResponse(route('home'));
}
/**
 * Block signed-in users that are flagged as restricted.
 *
 * Guests are not checked here and continue to the wrapped handler.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $restricted = $this->auth->check() && $this->auth->user()->isRestricted();

    if (!$restricted) {
        return $next($request);
    }

    return error_popup(trans('errors.no_restricted_access'));
}
/**
 * Send users whose account is not active to the 'disabled' route.
 *
 * NOTE(review): user() is dereferenced without a guest check; confirm an
 * authentication middleware always runs before this one.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $isActive = $this->auth->user()->is_active;

    if ($isActive) {
        return $next($request);
    }

    return redirect(route('disabled'));
}