/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$userId = Authorizer::getResourceOwnerId();
$projectId = $request->project;
if ($this->repository->isOwner($projectId, $userId) == false) {
return ['error' => true, 'message' => 'Access forbidden'];
}
return $next($request);
}
private function checkProjectMember($projectId)
{
$userId = Authorizer::getResourceOwnerId();
return $this->repository->isMember($projectId, $userId);
}
