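/**
 * Handle an incoming request.
 *
 * Lets the request through only for admins or for an owner of the group the
 * request names. Guests and everyone else get a 401 response on AJAX
 * requests, or a redirect to /home with an auth_message otherwise.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($this->auth->guest()) {
        if ($request->ajax()) {
            return response('Unauthorized.', 401);
        }

        return redirect('/home')->with('auth_message', 'Must be logged in.');
    }

    /** @var \JamylBot\User $user */
    $user = $this->auth->user();

    if ($user->admin) {
        return $next($request);
    }

    // NOTE(review): magic property access on the request presumably resolves
    // client-supplied input before route parameters. If the controller behind
    // this middleware acts on the route's group id, the two values can differ
    // and ownership would be checked against the wrong group. Confirm, and
    // prefer reading the id from the route ($request->route(...)) if so.
    $groupId = $request->groupId ?: $request->groups;

    if ($groupId) {
        $group = Group::find($groupId);

        // Fail closed: an unknown id (null) or a non-scalar id (which may make
        // find() return something other than a single Group) must end in the
        // denial below, not in a fatal error on ->isOwner().
        if ($group instanceof Group && $group->isOwner($user->id)) {
            return $next($request);
        }
    }

    if ($request->ajax()) {
        return response('Unauthorized.', 401);
    }

    return redirect('/home')->with('auth_message', 'Access Denied');
}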
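/**
 * Remove an owner from a group, then redirect to that group's admin page.
 *
 * The owner to remove is taken from the "owner" request input.
 *
 * NOTE(review): no authorization check is made in this method; presumably
 * the route is protected by middleware that verifies admin or group-owner
 * rights against this same $groupId. Confirm against the route definition.
 *
 * @param  mixed  $groupId  Identifier handed to Group::find().
 * @return mixed
 */
public function removeOwnerFromGroup($groupId)
{
    /** @var Group|null $group */
    $group = Group::find($groupId);

    // An unknown group id used to cause a fatal error on the null result;
    // answer with a 404 instead.
    if ($group === null) {
        abort(404);
    }

    // NOTE(review): "owner" is passed through unvalidated (it may be absent);
    // confirm removeOwner() tolerates missing or unknown ids.
    $group->removeOwner(\Request::input('owner'));

    return redirect('/admin/groups/' . $groupId);
}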