/** * Verifies the current user cannot delete his role. * * Request current user password before deletion of any User Roles. * * @param Request $request Current router request. * * @return void */ protected function beforeDelete(Request $request) { if (!$request->post('password') || !Crypt::hashCompare($this->user->password, $request->post('password'))) { if (!$request->is('xhr')) { Helpers\FlashMessage::set($this->labels['general']['not_authorized'], 'danger'); } $request->redirectTo('index'); } if ($this->user->role_id == $this->resource->getPrimaryKeyValue()) { if (!$request->is('xhr')) { Helpers\FlashMessage::set($this->labels['errors']['delete']['self'], 'danger'); } $request->redirectTo('index'); } parent::beforeDelete($request); }
/** * Loads Flash Messages. * * @return void */ protected function loadFlashMessage() { $this->renderer->set('flash', Helpers\FlashMessage::get()); }
/** * Ensure that the current requested resource is within the ownership scope. * * @param \Core\Modules\Router\Request $request Current Router Request. * * @return void */ protected function loadResource(Request $request) { parent::loadResource($request); $resourceModel = $this->resourceModel; if ($this->user->owns($resourceModel) && !Helpers\Ownership::check($this->resource)) { Helpers\FlashMessage::set($this->labels['errors']['not_exists'], 'danger'); $request->redirectTo('index', 404); } }