Пример #1
0
 /**
  * @param $stringPermission
  *
  * @return mixed
  */
 public function can($stringPermission)
 {
     if ($stringPermission instanceof \App\Permission) {
         $stringPermission = $stringPermission->getAction();
     }
     return \App\Facades\Acl::isUserAllow($this, $stringPermission);
 }
Пример #2
0
 /**
  * @param          $request
  * @param \Closure $next
  * @param array    $permissions
  *
  * @see http://laravel.com/docs/5.1/middleware#middleware-parameters
  *
  * @return \Illuminate\Http\RedirectResponse|\Laravel\Lumen\Http\Redirector
  */
 public function handle($request, Closure $next, $permissions = [])
 {
     if (!is_array($permissions)) {
         $permissions = [$permissions];
     }
     // no permission required
     if (empty($permissions)) {
         return $next($request);
     }
     Clockwork::startEvent('acl.middleware', 'Acl middleware.');
     foreach ($permissions as $permission) {
         if (!Acl::isUserAllow(Auth::user(), $permission)) {
             Clockwork::stopEvent('acl.middleware');
             if (Request::is('api*')) {
                 return response('Not authorized', 403);
             } else {
                 return view('auth.notAuthorized');
             }
         }
     }
     Clockwork::stopEvent('acl.middleware');
     return $next($request);
 }