/**
* Handle an incoming request.
*
* @param Request $request
* @param \Closure $next
*
* @return mixed
*/
public function handle($request, Closure $next)
{
list($controller, $action) = $this->getControllerAndAction();
$bindings = $this->getBindings();
$authorized = false;
/** @var Roleable $user */
$user = $this->auth->user();
$args = func_get_args();
if (count($args) > 2) {
// Role based authorization
$roles = $this->getAllowedRoles(array_slice($args, 2));
if (!$user && in_array($this->getGuestRole(), $roles)) {
$authorized = true;
} elseif ($user && $user->hasRole($roles)) {
$authorized = true;
}
} else {
// Permission based authorization
if ($this->gate->forUser($user)->check($action, array_merge([$controller], $bindings))) {
$authorized = true;
}
}
// if user is not authorized, we will return errror response
if (!$authorized) {
$this->reportUnauthorizedAttempt($controller, $action, $request, $bindings);
return $this->errorResponse($request);
}
return $next($request);
}
/**
* Service Provider Boot
*
* @return void
*/
public function boot(GateContract $gate)
{
$this->app['xe.pluginRegister']->add(PermissionUIObject::class);
foreach ($this->policies as $class => $policy) {
$gate->policy($class, $policy);
}
}
/**
* Register any application authentication / authorization services.
*
* @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @return void
*/
public function boot(GateContract $gate)
{
foreach (get_class_methods(new \App\Policies\GenericEntityPolicy()) as $method) {
$gate->define($method, "App\\Policies\\GenericEntityPolicy@{$method}");
}
$this->registerPolicies($gate);
}
/**
* Returns whether the logged in user is allowed to edit a page.
*
* @return bool
*/
public function allowedToEdit(Page $page = null)
{
if ($page === null) {
return true;
}
return Editor::isEnabled() && $this->gate->allows('edit', $page);
}
/**
* Service Provider Boot
*
* @return void
*/
public function boot(GateContract $gate)
{
$pluginRegister = $this->app['xe.pluginRegister'];
$pluginRegister->add(MenuType::class);
$pluginRegister->add(MenuSelect::class);
$pluginRegister->add(TypeSelect::class);
$pluginRegister->add(DirectLink::class);
foreach ($this->policies as $class => $policy) {
$gate->policy($class, $policy);
}
// 메뉴아이템의 링크를 편하게 제공하기 위한 resolver 등록
MenuItem::setLinkResolver(function (MenuItem $item) {
$title = xe_trans($item->getAttributeValue('title'));
if ($item->getRelationValue('basicImage')) {
if ($item->isSelected()) {
$image = $item->getSelectedImage();
} else {
$image = $item->basicImage;
}
$hoverImage = $item->getHoverImage();
return sprintf('<img src="%s" class="__xe_menu_image" data-hover="%s" alt="%s"/>', $image, $hoverImage, $title);
}
return $title;
});
}
/**
* Updates Denomination
*
* @param Request $request
* @param Gate $gate
* @return mixed|\Symfony\Component\HttpFoundation\Response
*/
public function updateDenomination(Request $request, Gate $gate)
{
if (!$gate->check('putPostDelete', new IncomeService())) {
return (new Response())->setContent('Unauthorized')->setStatusCode(401);
}
return $this->incomeService->updateDenomination($request->all());
}
/**
* Create a new stinter instance.
*
* @param GateContract $gate
* @param string|null $ability Name used to call the restriction
*/
public function __construct(GateContract $gate, $ability = null)
{
$this->stint = is_string($ability) ? $ability : static::class;
$gate->before([$this, 'before']);
$gate->define($this->stint, [$this, 'check']);
$gate->after([$this, 'after']);
}
/**
* Deletes members funds and recalculates total
*
* @param $incomeServiceId
* @param $memberId
* @return \Illuminate\Http\JsonResponse
*/
public function deleteMemberFund($incomeServiceId, $memberId, Response $response, Gate $gate)
{
if (!$gate->check('putPostDelete', new IncomeServiceMemberFund())) {
return $response->setContent('Unauthorized')->setStatusCode(401);
}
return response()->json($this->dispatch(new DeleteIncomeServiceMemberFundTotal($incomeServiceId, $memberId)));
}
/**
* Authorize the request at the given gate.
*
* @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @param mixed $ability
* @param mixed|array $arguments
* @return \Illuminate\Auth\Access\Response
*
* @throws \Symfony\Component\HttpKernel\Exception\HttpException
*/
public function authorizeAtGate(Gate $gate, $ability, $arguments)
{
try {
return $gate->authorize($ability, $arguments);
} catch (UnauthorizedException $e) {
throw $this->createGateUnauthorizedException($ability, $arguments, $e->getMessage(), $e);
}
}
/**
* @param GateContract $gate
*/
protected function registerPermissions(GateContract $gate)
{
foreach ($this->getPermissions() as $permission) {
$gate->define($permission->name, function ($user) use($permission) {
return $user->hasPermission($permission);
});
}
}
/**
* Define the permissions
*/
protected function definePermissions()
{
foreach ($this->getPermissions() as $permission) {
$this->gate->define($permission->name, function ($user) use($permission) {
return $user->hasRole($permission->roles);
});
}
}
public function boot(GateContract $gate)
{
$this->loadTranslation();
$gate->before(function ($user, $ability, $model) {
$interceptor = new GateInterceptor($this->app['permission.store']);
return $interceptor->check($user, $ability, $model);
});
}
/**
* @param Gate $gate
* @param PermissionManager $manager
*/
protected function definePermissions(Gate $gate, PermissionManager $manager)
{
foreach ($manager->getPermissionsWithDotNotation() as $permission) {
$gate->define($permission, function (HasPermissions $user) use($permission) {
return $user->hasPermissionTo($permission);
});
}
}
private function definePolicies(GateContract $gate)
{
$gate->define('use-tags', function ($user) {
return $user->is_staff;
});
$gate->define('isStaff', function ($user) {
return $user->is_staff;
});
}
/**
* define all permissions
*
* @return void
*/
public function definePermissions(Gate $gate)
{
$permissions = Role::allPermissions();
foreach ($permissions as $permission => $value) {
$gate->define($permission, function (User $user) use($permission) {
return $user->hasPermission($permission);
});
}
}
/**
* checkPermission
*
* @return void
*/
protected function checkPermission()
{
$item = $this->getMenuItem();
$user = Auth::user();
$rating = $user->getRating();
if (!$item->activated || $rating !== 'super' && $this->gate->denies('access', $item)) {
throw new AccessDeniedHttpException();
}
}
/**
* Register any application authentication / authorization services.
*
* @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @return void
*/
public function boot(GateContract $gate)
{
$gate->before(function ($user) {
if ($user->isAdmin()) {
return true;
}
});
parent::registerPolicies($gate);
}
protected function definePermission(Gate $gate)
{
$permissions = Permission::all();
foreach ($permissions as $permission) {
$gate->define($permission->name, function (HasRoleAndPermission $user) use($permission) {
return $user->hasPermission($permission);
});
}
}
/**
* Register any application authentication / authorization services.
*
* @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @return void
*/
public function boot(GateContract $gate)
{
$gate->before(function ($user) {
if ($user->role === 'admin') {
return true;
}
});
$this->registerPolicies($gate);
//
}
/**
* Register any application authentication / authorization services.
*
* @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @return void
*/
public function boot(GateContract $gate)
{
$gate->define('access-admin-area', function (User $user) {
return $user->hasRole('admin');
});
$gate->define('create-genre', function (User $user) {
return $user->hasRole('admin');
});
$this->registerPolicies($gate);
}
/**
* Define acl as gate permissions.
*
* @param Gate $gate
* @param Backend $backend
*/
public function boot(Gate $gate, Backend $backend)
{
$this->app->booted(function () use($gate, $backend) {
foreach ($backend->getAllAcl() as $acl => $label) {
$gate->define($acl, function ($user) use($acl) {
return $user instanceof User ? $user->hasAccess($acl) : false;
});
}
});
}
private function registerPolicies(GateContract $gate, AdminManager $admin)
{
$gate->before(function ($user, $ability) use($admin) {
if ($ability === "admin") {
if ($user && $admin->isAdmin($user)) {
return $user;
}
}
});
}
/**
* Register the clipboard at the given gate.
*
* @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @return void
*/
public function registerAt(Gate $gate)
{
$gate->before(function ($user, $ability, $model = null, $additional = null) {
if (!is_null($additional)) {
return;
}
if ($id = $this->checkGetId($user, $ability, $model)) {
return $this->allow('Bouncer granted permission via ability #' . $id);
}
});
}
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot(Gate $gate)
{
$this->publishes([realpath(__DIR__ . '/../Database/Migrations') => $this->app->databasePath() . '/migrations'], 'migrations');
$this->publishes([__DIR__ . '/../Config' => config_path('larapress')], 'config');
if (!$this->app->routesAreCached()) {
require __DIR__ . '/../Routes/routes.php';
}
$this->loadViewsFrom(__DIR__ . '/../Resources/Views', 'larapress');
//roles
$gate->policy(Post::class, PostPolicy::class);
}
public function registerAcl(GateContract $gate)
{
if ($this->enabled()) {
// Dynamically register permissions with Laravel's Gate.
foreach ($this->getPermissions() as $permission) {
$gate->define($permission->name, function ($user) use($permission) {
return $user->hasPermission($permission);
});
}
}
}
/**
* Register the permissions.
*
* @return bool
*/
public function registerPermissions()
{
try {
foreach ($this->getPermissions() as $permission) {
$this->gate->define($permission->name, function ($user) use($permission) {
return $user->hasRole($permission->roles);
});
}
} catch (\Exception $e) {
}
}
private function registerPolicies(GateContract $gate)
{
$gate->before(function ($user, $ability) {
if ($ability === "sboard-write") {
return $user;
}
});
foreach ($this->policies as $key => $value) {
$gate->policy($key, $value);
}
}
/**
* Register the application's policies.
*
* @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @return void
*/
public function registerPolicies(GateContract $gate)
{
$gate->before(function ($user, $ability) {
if ($user->hasRole('SUPER')) {
return true;
}
});
foreach ($this->policies as $key => $value) {
$gate->policy($key, $value);
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
*
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
if ($this->page->aclEnabled()) {
if (!$this->guard->check()) {
return new RedirectResponse(route('login'));
}
if ($this->gate->denies('view', $this->page)) {
abort(403);
}
}
return $next($request);
}
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot(DispatcherContract $events, Gate $gate)
{
$this->publishes([realpath(__DIR__ . '/../Database/Migrations') => $this->app->databasePath() . '/migrations'], 'migrations');
$this->publishes([__DIR__ . '/../Config' => config_path('larapress')], 'config');
if (!$this->app->routesAreCached()) {
require __DIR__ . '/../Routes/routes.php';
}
$this->loadViewsFrom(__DIR__ . '/../Resources/Views', 'larapress');
parent::boot($events);
//roles
$gate->policy(Portfolio::class, PortfolioPolicy::class);
$events->listen(\Larapress\Portfolio\Events\PortfolioWasSaved::class, \Larapress\Portfolio\Listeners\TestListener::class);
}
