/**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $current = \Route::current();
     $prefix = $current->getPrefix();
     if ($prefix == "broadcaster/services") {
         if (\Request::is('broadcaster/services/news*')) {
             $model = "news";
         } else {
             if (\Request::is('broadcaster/services/channel*')) {
                 $model = "channel";
             } else {
                 if (\Request::is('broadcaster/services/vod*')) {
                     $model = "vod";
                 } else {
                     return $next($request);
                 }
             }
         }
         if ($model) {
             if (!$this->broadcasterResource->hasService($model)) {
                 return response(['error' => ['description' => 'No service available']], 401);
             }
         }
         $params = $current->parameters();
         if ($params) {
             if ($this->broadcasterResource->canAccess($model, $params)) {
                 return $next($request);
             } else {
                 return response(['error' => ['code' => 'UNAUTHORIZED', 'description' => 'You are not authorized to access this resource.']], 401);
             }
         }
     }
     return $next($request);
 }
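 /**
  * Run the request filter.
  *
  * Denies the request if any permission attached to any of the current
  * user's roles reports it as denied (see denied()). Requests without an
  * authenticated user, and any failure while evaluating permissions, are
  * denied (fail closed) and logged.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $route = \Route::getCurrentRoute();
     // $route->uri(), $request->path()
     $user = \Auth::user();
     // No authenticated user means no roles that could grant access: deny
     // instead of dereferencing null (which previously warned and then allowed).
     $allow = $user !== null;
     try {
         // Check if route has permission: one denial from any permission wins.
         if ($allow) {
             foreach ($user->roles as $role) {
                 foreach ($role->permissions as $permission) {
                     // Logical && (the original used bitwise &, turning $allow into an int);
                     // once denied, the remaining permissions are not evaluated.
                     $allow = $allow && !$this->denied($request, $route, $permission);
                 }
             }
         }
     } catch (\Throwable $e) {
         // \Throwable also covers \Error (e.g. a null dereference), which
         // escaped the former catch (\Exception) instead of denying the request.
         \Log::error($e->getFile() . ':' . $e->getLine() . ' ' . $e->getMessage());
         $allow = false;
     }
     // Apply access
     $name = $user !== null ? $user->name : 'guest';
     \Log::info('ACCESS:' . $name . ':' . $request->method() . ':' . $request->path() . ':' . ($allow ? 'ALLOWED' : 'DENIED'));
     if (!$allow) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         }
         return response(view('admin/unauthorized'), 401);
     }
     return $next($request);
 }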
 /**
  * Handle an incoming request.
  *
  * Bootstrap-and-login gate: while no user exists only the registration
  * routes are reachable; unauthenticated visitors may only log in or use the
  * password controller; authenticated users of type 0 pass everywhere, all
  * other users only reach the page controller, home and logout.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @param  string|null  $guard
  * @return mixed
  */
 public function handle($request, Closure $next, $guard = null)
 {
     $routeAction = \Route::currentRouteAction();
     $parts = explode('@', $routeAction);
     // Routes without a "Controller@action" pair are not gated.
     if (count($parts) < 2) {
         return $next($request);
     }
     list($controller, $action) = $parts;
     $cname = substr($controller, strlen('App\\Http\\Controllers\\'));
     $isRegistration = $action === 'showRegistrationForm' || $action === 'register';
     $isLogin = $action === 'showLoginForm' || $action === 'login';
     $user = Auth::user();
     if ($user) {
         // Type 0 users are unrestricted.
         if ($user->type === 0) {
             return $next($request);
         }
         //Super Admin!
         $isOpenToAnyUser = $cname === 'PageController'
             || ($cname === 'Auth\\AuthController' && $action === 'logout')
             || ($cname === 'HomeController' && ($action === 'getIndex' || $action === 'getHome'));
         if ($isOpenToAnyUser) {
             return $next($request);
         }
         return redirect('/');
     }
     // No account exists yet: force creation of the first (super admin) user.
     if (User::count() === 0) {
         if ($cname === 'Auth\\AuthController' && $isRegistration) {
             return $next($request);
         }
         return redirect()->action('Auth\\AuthController@showRegistrationForm')->with('message', 'You must create the 1st user(which would be super admin) before any tasks!')->with('message_type', 'warning');
     }
     if ($cname === 'Auth\\AuthController' && $isRegistration) {
         return redirect()->action('Auth\\AuthController@showLoginForm')->with('message', 'Only super admin can create more users!')->with('message_type', 'warning');
     }
     if (($cname === 'Auth\\AuthController' && $isLogin) || $cname === 'Auth\\PasswordController') {
         return $next($request);
     }
     // NOTE(review): the continue value is the raw current URL, neither URL-encoded
     // nor validated here; whatever consumes it must keep the redirect on-site.
     return redirect(action('Auth\\AuthController@showLoginForm') . '?continue=' . \Request::url())->with('message', 'You must login to visit this page!')->with('message_type', 'warning');
 }
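 /**
  * Handle an incoming request.
  *
  * Authorises the current route against the module permissions of the
  * authenticated user's role. The route path is normalised first (anything
  * from '[' or ':' onwards dropped, trailing 's' removed) and compared with
  * modules.route; a few admin helper routes are always allowed once the role
  * holds at least one module permission. Anything else is redirected to
  * 'unauthorized'.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $rawPath = \Route::getCurrentRoute()->getPath();
     // The user edit route keeps its raw form; every other path is normalised.
     if ($rawPath === "admin/users[edit:show]") {
         $currentRoute = $rawPath;
     } else {
         $currentRoute = $rawPath;
         // strpos() !== false: the former truthiness test missed a match at offset 0.
         if (strpos($currentRoute, '[') !== false) {
             $currentRoute = explode('[', $currentRoute, 2)[0];
         }
         if (strpos($currentRoute, ':') !== false) {
             $currentRoute = explode(':', $currentRoute, 2)[0];
         }
         if (substr($currentRoute, -1) === 's') {
             $currentRoute = substr($currentRoute, 0, -1);
         }
     }
     //echo $currentRoute;
     $pass = false;
     if ($this->auth->check()) {
         // Load the user once instead of once per role row (as before, the
         // last matching role in table order wins).
         $user = User::find($this->auth->user()->id);
         $roleId = null;
         if ($user !== null) {
             foreach (DB::table('roles')->get() as $roleRow) {
                 if ($user->hasRole($roleRow->name) == 1) {
                     $roleId = $roleRow->id;
                 }
             }
         }
         // Without a resolved role there can be no module permissions; stay denied
         // (the former code queried with an undefined role id and found nothing).
         if ($roleId !== null) {
             $modulePermissions = DB::table('permissions')
                 ->join('permission_role', 'permission_role.permission_id', '=', 'permissions.id')
                 ->join('roles', 'roles.id', '=', 'permission_role.role_id')
                 ->join('modules', 'modules.id', '=', 'permissions.action')
                 ->select('permission_role.permission_id as pID', 'permission_role.role_id as rID', 'roles.display_name as role_dn', 'permissions.name as per_name', 'permissions.display_name as per_dn', 'permissions.action as action', 'permissions.access as access', "modules.route as module_name", 'modules.id as mID')
                 ->where('permissions.type', 'module')
                 ->where('roles.id', $roleId)
                 ->get();
             // Helper routes granted to any role that holds at least one module
             // permission — checked inside the loop, exactly as the original did.
             $alwaysAllowed = ["admin/form", "admin/filesList/{id}", "admin/setGrid"];
             foreach ($modulePermissions as $modulePermission) {
                 //echo $currentRoute . " = " . $modulePermission->module_name . " is " . ($currentRoute==$modulePermission->module_name) ."||";
                 if ($currentRoute === $modulePermission->module_name || in_array($currentRoute, $alwaysAllowed, true)) {
                     $pass = true;
                     break;
                 }
             }
         }
     }
     if (!$pass) {
         return redirect('unauthorized')->with('errors', 'Maaf anda harus login terlebih dahulu');
     }
     return $next($request);
 }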
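 /**
  * Handle an incoming request.
  *
  * Admin-area gate: sets the admin locale, optionally auto-logs-in the
  * configured admin user, sends guests and users with a disallowed role to
  * the login page, keeps logged-in users away from it, and enforces the
  * "accessDenied" session flag by pinning the user to the restricted route.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @param  string|null  $guard
  * @return mixed
  */
 public function handle($request, Closure $next, $guard = null)
 {
     \App::setLocale(config('gtcmslang.defaultAdminLocale'));
     $showLoginMessage = true;
     // Auto-login bypasses authentication entirely and must stay off outside
     // local development. NOTE(review): confirm gtcms.adminAutoLogin is
     // environment-specific.
     if (config('gtcms.adminAutoLogin') && \Auth::guest()) {
         $user = User::where('role', 'admin')->first();
         // A missing admin user was previously handed to Auth::login() and crashed.
         if ($user !== null) {
             \Auth::login($user);
             $showLoginMessage = false;
         }
     }
     $allowedUserRoles = config('gtcms.allowedUserRoles');
     $currentUri = \Route::current()->uri();
     $isLoginRoute = $currentUri === "admin/login";
     // Strict in_array: the role must match an allowed value by type as well;
     // a missing or non-array config denies everyone rather than erroring.
     $roleAllowed = !\Auth::guest() && in_array(\Auth::user()->role, (array) $allowedUserRoles, true);
     if (!$roleAllowed) {
         if (!$isLoginRoute) {
             if (\Request::ajax() && \Request::get('getIgnore_isAjax')) {
                 $data = ['success' => false, 'message' => "Session timeout", 'redirectToLogin' => true];
                 return \Response::json($data);
             }
             return \Redirect::to('/admin/login');
         }
     } elseif ($isLoginRoute) {
         if ($showLoginMessage) {
             MessageManager::setError(trans('gtcms.alreadyLoggedIn'));
         }
         return \Redirect::to("/admin");
     }
     $routeName = \Route::currentRouteName();
     if (\Session::get('accessDenied')) {
         // Keep a flagged user on the restricted route until the flag is cleared.
         if ($routeName !== "restricted") {
             \Session::put('accessDenied', true);
             return \Redirect::to('/access-denied');
         }
     } elseif ($routeName === "restricted") {
         MessageManager::setError(trans('gtcms.accessGranted'));
         \Session::put('accessDenied', false);
         return \Redirect::to("/admin");
     }
     return $next($request);
 }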
 /**
  * Handle an incoming request.
  *
  * Admin gate: guests are turned away (401 for AJAX, login redirect
  * otherwise); authenticated users whose role id is neither 1 nor 2 are
  * redirected to a login page; everyone else proceeds.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->guest('/admin/login');
     }
     //role id  == 1 is an admin else 2 is not an admin
     $roleId = $this->auth->user()->role_id;
     // Loose comparison kept on purpose: role_id may arrive as a numeric string.
     if ($roleId == 1 || $roleId == 2) {
         return $next($request);
     }
     // NOTE(review): \Route::get() appears to *register* a GET route for '/admin'
     // rather than test for one, and returns the new route object, so this branch
     // looks always taken and the 'auth/login' redirect unreachable — confirm the
     // intended condition (e.g. the request path).
     if (\Route::get('/admin')) {
         return redirect()->guest('login/admin');
     }
     return redirect()->guest('auth/login');
 }
 /**
  * Handle an incoming request: run the route filter, then pass the request on.
  *
  * NOTE(review): filter()'s return value is ignored, so it presumably enforces
  * its decision itself (abort/redirect) — confirm.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $currentRoute = \Route::getCurrentRoute();
     $this->filter($currentRoute, $request);
     return $next($request);
 }
 /**
  * Handle an incoming request.
  *
  * Route-level authorization: finds the application route (AppRoute) that
  * matches the current Laravel route and grants access according to the
  * permission attached to it. AuthController/PasswordController actions, the
  * 'root' user and members of the 'admins' role are authorized without that
  * lookup. Any denial aborts with 403 (a disabled user is sent to the logout
  * route instead); reaching the end without a decision aborts with 500.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $authorized = false;
     // Default to protect all routes.
     $errorCode = 0;
     // Default to something bogus...
     $method = null;
     $path = null;
     $actionName = null;
     $user = null;
     $username = null;
     $guest = false;
     // Get current route from Laravel.
     $laravelRoute = LaravelRoute::current();
     // If not set we will fallback to error HTTP 500. This should never occur. TODO: remove this check...
     if (isset($laravelRoute)) {
         // Get route info. Only the route's first HTTP method takes part in the lookup.
         $method = $laravelRoute->getMethods()[0];
         $path = $laravelRoute->getPath();
         $actionName = $laravelRoute->getActionName();
         // Get current user or set guest to true for unauthenticated users.
         if ($this->auth->check()) {
             $user = $this->auth->user();
             $username = $user->username;
         } elseif ($this->auth->guest()) {
             $guest = true;
         }
         // AuthController and PasswordController are exempt from authorization.
         // NOTE(review): this is a substring test on the action name, so any
         // controller whose name merely contains one of these fragments is exempt too.
         // TODO: Get list of controllers exempt from config.
         if (str_contains($actionName, 'AuthController@') || str_contains($actionName, 'PasswordController@')) {
             $authorized = true;
         } elseif (!$guest && isset($user) && 'root' == $user->username) {
             // NOTE(review): root and 'admins' are authorized without consulting
             // $user->enabled; that flag is only checked in the permission branches below.
             $authorized = true;
         } elseif (!$guest && isset($user) && $user->hasRole('admins')) {
             $authorized = true;
         } else {
             //                if ($user->enabled)
             //                {
             // Get application route based on info from Laravel route.
             $appRoute = AppRoute::ofMethod($method)->ofActionName($actionName)->ofPath($path)->enabled()->with('permission')->first();
             // If found, proceed with authorization
             if (isset($appRoute)) {
                 // Permission set for route.
                 if (isset($appRoute->permission)) {
                     // Route is open to all.
                     // TODO: Get 'open-to-all' role name from config, and replace all occurrences.
                     if ('open-to-all' == $appRoute->permission->name) {
                         $authorized = true;
                     } elseif ($guest && 'guest-only' == $appRoute->permission->name) {
                         $authorized = true;
                     } elseif (!$guest && isset($user) && $user->enabled && 'basic-authenticated' == $appRoute->permission->name) {
                         $authorized = true;
                     } elseif (!$guest && isset($user) && $user->enabled && $user->can($appRoute->permission->name)) {
                         $authorized = true;
                     } else {
                         // Denied: no branch above matched (includes disabled users, who are logged out below).
                         Log::error("Authorization denied for request path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "], guest [" . $guest . "], username [" . $username . "].");
                         $errorCode = 403;
                     }
                 } else {
                     // A route without a permission is closed, not open.
                     Log::error("No permission set for the requested route, path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "], guest [" . $guest . "], username [" . $username . "].");
                     $errorCode = 403;
                 }
             } else {
                 // Unknown (or disabled) application route: closed by default.
                 Log::error("No application route found in AuthorizeRoute module for request path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "].");
                 $errorCode = 403;
             }
             // if ( isset($appRoute) )
             //                }
             //                else
             //                {
             //                    return redirect( route('logout') );
             //                }
         }
     }
     // If authorize, proceed
     if ($authorized) {
         return $next($request);
         // Else if error code was set abort with that.
     } elseif (0 != $errorCode) {
         // A disabled user is logged out instead of receiving the error code.
         if (!$guest && isset($user) && !$user->enabled) {
             Log::error("User [" . $user->username . "] disabled, forcing logout.");
             return redirect(route('logout'));
         } else {
             abort($errorCode);
         }
         // Lastly Fallback to error HTTP 500: Internal server error. We should not get to this!
     } else {
         // Reached only when no Laravel route was resolved above.
         Log::error("Server error while trying to authorize route, request path [" . $request->path() . "], method [" . $method . "] and action name [" . $actionName . "].");
         abort(500);
     }
 }