 /**
  * Handle an incoming request.
  *
  * Guests get a 401 (AJAX) or a login redirect. Blocked users are logged out
  * and sent to the index route. Every other authenticated user has their
  * language preference applied to the application, Carbon and the C locale
  * before the request continues down the pipeline.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure                 $next
  *
  * @return mixed
  */
 public function handle(Request $request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->guest('auth/login');
     }
     /** @var User $user */
     $user = $this->auth->user();
     // A set `blocked` flag ends the session immediately.
     if ($user instanceof User && intval($user->blocked) === 1) {
         Auth::logout();
         return redirect()->route('index');
     }
     // Apply the stored language preference; falls back to the
     // DEFAULT_LANGUAGE env value, then to en_US.
     $pref = Preferences::get('language', env('DEFAULT_LANGUAGE', 'en_US'));
     $language = $pref->data;
     App::setLocale($language);
     Carbon::setLocale(substr($language, 0, 2));
     // config.locale is a comma-separated candidate list; setlocale() picks
     // the first one the system supports.
     $candidates = array_map('trim', explode(',', trans('config.locale')));
     setlocale(LC_TIME, $candidates);
     setlocale(LC_MONETARY, $candidates);
     return $next($request);
 }
 /**
  * Handle an incoming request.
  *
  * Guests are redirected to the site root; the intended URL is remembered
  * by the guest redirect so they can be sent back after logging in.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->guest()) {
         return $next($request);
     }
     return redirect()->guest('/');
 }
 /**
  * Handle an incoming request.
  *
  * API-style guard: unauthenticated requests receive an empty JSON body
  * with a 401 status instead of a redirect.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->guest()) {
         return $next($request);
     }
     return response()->json(null, 401);
 }
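 /**
  * Handle an incoming request.
  *
  * Guests get a 403 (AJAX) or a login redirect. Authenticated non-admins
  * must hold `dashboard_view` (otherwise they are logged out) and the
  * permission derived from the current route name, "<module>_<action>",
  * where the action may be aliased through $this->permission_fields.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 403)
             : redirect()->guest('auth/login');
     }
     $user = $request->user();
     $isAdmin = $user->isAdmin();
     // Without the dashboard permission the session is ended outright.
     if (!$isAdmin && $user->cannot('dashboard_view')) {
         $this->auth->logout();
         return redirect()->guest('auth/login')->withErrors(trans('messages.permission_denied'));
     }
     // Route names are expected as "<prefix>.<module>.<action>". A missing
     // segment yields '' instead of an undefined-index notice, so the
     // permission check below still runs (and fails closed) for odd names.
     $route_array = explode('.', (string) $request->route()->getName());
     $module = isset($route_array[1]) ? $route_array[1] : '';
     $action = isset($route_array[2]) ? $route_array[2] : '';
     // Some actions are aliased to a permission field: the flattened field
     // list maps "<field>.<n>" keys to action names, so keep the field part.
     $permission_name = array_search($action, array_dot($this->permission_fields), true);
     if ($permission_name !== false) {
         $action = explode('.', $permission_name)[0];
     }
     $route_name = $module . '_' . $action;
     if (!$isAdmin && $user->cannot($route_name)) {
         if ($request->ajax()) {
             return response()->json(['status' => trans('messages.permission_denied'), 'type' => 'error', 'code' => 403]);
         }
         // Send the error page with a real 403 status rather than a 200.
         return response()->view('errors.403', [], 403);
     }
     return $next($request);
 }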
 /**
  * Handle an incoming request.
  *
  * Guests are shown the "not authorized" view (AJAX) or redirected to login.
  * Authenticated users must still be activated and must pass
  * User::hasAccess() for this request; on success the login time is
  * recorded. Everything else lands on login/unauthorized.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         // NOTE(review): the AJAX branch renders a view with a 200 status,
         // so XHR callers cannot detect the refusal from the status code.
         return $request->ajax()
             ? view('redminportal::users.notauthorized')
             : redirect()->guest('login');
     }
     $user = Auth::user();
     if ($user === null) {
         return redirect('login/unauthorized');
     }
     // Deactivated after logging in: end the session and go back to login.
     if (!$user->activated) {
         Auth::logout();
         return redirect()->guest('login');
     }
     if (!$user->hasAccess($request)) {
         return redirect('login/unauthorized');
     }
     // Record the login time before continuing.
     $user->last_login = date('Y-m-d H:i:s');
     $user->save();
     return $next($request);
 }
 /**
  * Handle an incoming request.
  *
  * Aborts with 401 for guests; abort() throws, so nothing below it runs
  * for an unauthenticated request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->guest()) {
         return $next($request);
     }
     abort(401);
 }
 /**
  * Handle an incoming request.
  *
  * $roleNames is a '+'-separated list from the route definition, e.g.
  * "editor+admin". The user passes when their access record has a truthy
  * property named after any listed role. The pseudo-role "new" is never
  * checked itself; its presence additionally accepts an exact match on
  * the access record's `role` attribute.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @param  string $roleNames
  *
  * @return mixed
  */
 public function handle($request, Closure $next, $roleNames)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->guest('auth/login');
     }
     $acceptRoleAttribute = str_contains($roleNames, 'new');
     $access = $this->auth->user()->access();
     foreach (explode('+', $roleNames) as $candidate) {
         if ($candidate == 'new') {
             continue;
         }
         // Dynamic property lookup on the access record, keyed by role name.
         $granted = (bool) $access->{$candidate};
         if (!$granted && $acceptRoleAttribute) {
             $granted = $access->role == $candidate;
         }
         if ($granted) {
             return $next($request);
         }
     }
     App::abort(403, 'Unauthorized action.');
 }
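 /**
  * Handle an incoming request.
  *
  * Guests get a 401 (AJAX) or a login redirect. For sessions with role_id 3
  * the organization in scope is resolved from the route (activity.show,
  * organization.show) or the session; a super admin is then masqueraded as
  * that organization's role_id-1 user, while a request with no organization
  * on a non-super-admin route is sent to the super-admin dashboard. Other
  * roles hitting a super-admin route are bounced to the admin dashboard.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure                 $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->guest('auth/login');
     }
     if (session('role_id') == 3) {
         $route = $request->route();
         $routeName = $route->getName();
         if ($routeName === 'activity.show') {
             $activity = Activity::select('organization_id')->find($route->getParameter('activity'));
             // An unknown activity id no longer dereferences null; it falls
             // through to the "no organization" handling below.
             $orgId = $activity !== null ? $activity->organization_id : null;
         } elseif ($routeName === 'organization.show') {
             $orgId = $route->getParameter('organization');
         } else {
             $orgId = session('org_id');
         }
         if ($orgId && $this->auth->user()->isSuperAdmin()) {
             $orgAdmin = User::select('id')->where('org_id', $orgId)->where('role_id', 1)->first();
             // Only masquerade when the organization actually has a
             // role_id-1 user to act as; previously a missing one crashed.
             if ($orgAdmin !== null) {
                 app(OrganizationController::class)->masqueradeOrganization($orgId, $orgAdmin->id);
             }
         } elseif (!$orgId && !isSuperAdminRoute()) {
             return redirect(config('app.super_admin_dashboard'));
         }
     } elseif (isSuperAdminRoute()) {
         $response = ['type' => 'warning', 'code' => ['message', ['message' => "You don't have correct privilege"]]];
         return redirect(config('app.admin_dashboard'))->withResponse($response);
     }
     return $next($request);
 }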
 /**
  * Handle an incoming request.
  *
  * Windows SSO: when nobody is logged in, the account name is read from the
  * server variable named by getWindowsAuthAttribute(), the domain prefix
  * is stripped, the matching LDAP user is looked up and, if found, logged
  * in via its local model. The request then continues either way.
  *
  * @param Request $request
  * @param Closure $next
  *
  * @return mixed
  */
 public function handle(Request $request, Closure $next)
 {
     // An existing session needs no re-authentication.
     if ($this->auth->check()) {
         return $this->returnNextRequest($request, $next);
     }
     // [<ldap attribute> => <server variable>] describing the SSO input.
     $auth = $this->getWindowsAuthAttribute();
     $attribute = key($auth);
     // NOTE(review): trust in this value is only as strong as the server
     // variable it comes from — confirm it is set by the web server's
     // integrated auth and not derivable from a client-supplied header.
     $account = $request->server($auth[$attribute]);
     if ($account) {
         // "DOMAIN\user" → "user"; anything else keeps its first segment.
         $parts = explode('\\', $account);
         $username = count($parts) === 2 ? $parts[1] : $parts[0];
         $query = $this->newAdldapUserQuery();
         $query->whereEquals($attribute, $username);
         $ldapUser = $query->first();
         if ($ldapUser instanceof User) {
             $model = $this->getModelFromAdldap($ldapUser, str_random());
             // Re-check guest state right before logging the model in.
             if ($model instanceof Model && $this->auth->guest()) {
                 $this->auth->login($model);
             }
         }
     }
     return $this->returnNextRequest($request, $next);
 }
 /**
  * Handle an incoming request.
  *
  * Site-admin gate. Guests and non-site-admins receive a 404 rather than a
  * 403, so the protected area's existence is not revealed.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $isSiteAdmin = !$this->auth->guest() && Auth::user()->site_admin;
     if (!$isSiteAdmin) {
         abort(404);
     }
     return $next($request);
 }
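 /**
  * Handle an incoming request.
  *
  * Role gate driven by the route's 'role' action entry: '*' admits any
  * authenticated user; otherwise the user needs a role whose id_role equals
  * the required role (or 'admin', which satisfies everything). Guests and
  * users without the role get a 401 (AJAX) or a redirect to the admin login
  * with the current URL as return_url.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $has_role = false;
     if (!$this->auth->guest() && $this->auth->user() !== null) {
         $action = $request->route()->getAction();
         // A route without a 'role' entry admits nobody (fail closed)
         // instead of raising an undefined-index notice.
         $required_role = isset($action['role']) ? $action['role'] : null;
         if ($required_role === '*') {
             $has_role = true;
         } elseif ($required_role !== null) {
             // assumes id_role holds string identifiers such as 'admin' — TODO confirm
             foreach ($this->auth->user()->roles as $role) {
                 if ($role->id_role === 'admin' || $role->id_role === $required_role) {
                     $has_role = true;
                     break;
                 }
             }
         }
     }
     if ($this->auth->guest() || !$has_role) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         }
         return redirect(route('admin-login') . '?return_url=' . urlencode($request->url()));
     }
     return $next($request);
 }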
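 /**
  * Handle an incoming request.
  *
  * Guests get a 401 (AJAX) or a login redirect. Every authenticated user is
  * served a dashboard view directly: doctors and admins get the doctor
  * dashboard, everyone else the staff dashboard. Both views receive the
  * full queue and patient lists. Note that $next is never invoked for an
  * authenticated user.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->guest('auth/login');
     }
     $user = $this->auth->user();
     // The three original branches differed only in the view name; the
     // data they loaded was identical.
     $view = ($user->doctor || $user->admin) ? 'doctor.dashboard' : 'staff.dashboard';
     return view($view)
         ->with('queue', Queue::all())
         ->with('patient', Patient::all());
 }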
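 /**
  * Handle an incoming request.
  *
  * Group-based route permissions: the user passes when any of their groups
  * lists the current route name as a key in its JSON `permissions` map.
  * Otherwise the user is logged out and sent to the login route with a
  * STATUS_FAIL flash message. Guests get a 401 (AJAX) or a login redirect.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->guest(route('_auth.login'));
     }
     $current_route = $request->route()->getName();
     $user = Auth::user();
     $permitted = false;
     foreach ($user->getGroups() as $group) {
         $perms = json_decode($group->permissions, true);
         // Malformed or empty permission JSON decodes to null; treat it as
         // "no permissions" instead of passing null to array_key_exists().
         if (is_array($perms) && array_key_exists($current_route, $perms)) {
             $permitted = true;
             break;
         }
     }
     if (!$permitted) {
         Auth::logout();
         return redirect(route('_auth.login'))->with('STATUS_FAIL', 'You do not have access to this page.');
     }
     return $next($request);
 }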
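 /**
  * Handle an incoming request.
  *
  * Guests get a 401 (AJAX) or a redirect to the login page ("dangnhap").
  * Each URL area is reserved for one account type, stored in the user's
  * `quyen` attribute: giangvien/* for lecturers (gv), quantri/* for
  * administrators (qt) and sinhvien/* for students (sv). A user in the
  * wrong area is sent to the login page.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->guest('dangnhap');
     }
     $areas = [
         'giangvien/*' => 'gv',
         'quantri/*'   => 'qt',
         'sinhvien/*'  => 'sv',
     ];
     // assumes quyen is a string code — TODO confirm against the users table
     $quyen = \Auth::user()->quyen;
     foreach ($areas as $pattern => $requiredRole) {
         // Strict comparison: a missing or differently-typed role value
         // fails closed instead of coercing.
         if ($request->is($pattern) && $quyen !== $requiredRole) {
             return redirect()->guest('dangnhap');
         }
     }
     return $next($request);
 }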
 /**
  * Handle an incoming request.
  *
  * Guests are sent a 401 (AJAX) or redirected to the sign-in route. A
  * banned user gets a 401 on AJAX; otherwise they are logged out, shown a
  * "Banned" flash carrying ban_reason, and redirected to sign-in.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->route('auth.signin');
     }
     $user = $this->auth->user();
     if (!$user->ban) {
         return $next($request);
     }
     if ($request->ajax()) {
         return response('Unauthorized.', 401);
     }
     // End the banned user's session and explain why.
     $this->auth->logout();
     notify()->flash('Banned', 'error', ['text' => $user->ban_reason]);
     return redirect()->route('auth.signin');
 }
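 /**
  * Handle an incoming request.
  *
  * Group-owner gate. Guests are sent a 401 (AJAX) or redirected to /home
  * with an auth_message. Admins always pass. Otherwise the group id is
  * taken from the `groupId` or `groups` request input and the user must
  * own that group; anything else is "Access Denied".
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect('/home')->with('auth_message', 'Must be logged in.');
     }
     /** @var \JamylBot\User $user */
     $user = $this->auth->user();
     if ($user->admin) {
         return $next($request);
     }
     $groupId = $request->groupId ?: $request->groups;
     if ($groupId) {
         /** @var Group|null $group */
         $group = Group::find($groupId);
         // An unknown id used to dereference null (a 500); now it is simply
         // denied like any other non-owned group.
         if ($group !== null && $group->isOwner($user->id)) {
             return $next($request);
         }
     }
     return $request->ajax()
         ? response('Unauthorized.', 401)
         : redirect('/home')->with('auth_message', 'Access Denied');
 }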
 /**
  * Handle an incoming request.
  *
  * Plain 401 for guests, no redirect — suitable for non-browser clients.
  *
  * @param  Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle(Request $request, Closure $next)
 {
     if (!$this->auth->guest()) {
         return $next($request);
     }
     return response('Unauthorized.', 401);
 }
 /**
  * Handle an incoming request.
  *
  * Guests are redirected to login unless the session carries a truthy
  * `invitado` flag, which lets an unauthenticated visitor through as an
  * invited guest. Whatever sets that flag is therefore part of the
  * authentication boundary.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $invited = $request->session()->get('invitado', false);
     if ($this->auth->guest() && !$invited) {
         return redirect()->guest('auth/login');
     }
     return $next($request);
 }
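 /**
  * Handle an incoming request.
  *
  * Role/permission gate. Guests are always refused. With neither a role nor
  * a permission configured, any authenticated user passes. With both, the
  * user must hold the role and the permission within that role; with only
  * one, just that one is checked. Refusals go back with a 403 and the
  * ethereal-auth 403 error message.
  *
  * The original checked the wrong operand in the single-constraint cases
  * (is($role) when only a permission was given, can($permission) when only
  * a role was given), so those configurations never matched as intended.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @param  string|null $role
  * @param  string|null $permission
  * @return mixed
  */
 public function handle($request, Closure $next, $role = null, $permission = null)
 {
     if ($this->auth->guest()) {
         return back(403)->withError(trans('ethereal-auth::middleware.403'));
     }
     if (empty($role) && empty($permission)) {
         return $next($request);
     }
     $user = $this->auth->user();
     if (!empty($role) && !empty($permission)) {
         // Both constraints: the role, and the permission scoped to it.
         $allowed = $user->is($role) && $user->can($permission, $role);
     } elseif (!empty($role)) {
         // Role only.
         $allowed = $user->is($role);
     } else {
         // Permission only.
         $allowed = $user->can($permission);
     }
     if ($allowed) {
         return $next($request);
     }
     return back(403)->withError(trans('ethereal-auth::middleware.403'));
 }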
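 /**
  * Handle an incoming request.
  *
  * Guests get a 401 (AJAX) or a redirect to login. When a permission name
  * is supplied as the middleware parameter, the authenticated user must
  * pass can($permission) or receives the same refusal. The original left
  * the permission check commented out, so every logged-in user passed
  * regardless of $permission.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @param  string|null  $permission
  * @return mixed
  */
 public function handle($request, Closure $next, $permission = null)
 {
     if ($this->auth->guest()) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->guest('login');
     }
     if ($permission !== null && !$request->user()->can($permission)) {
         return $request->ajax()
             ? response('Unauthorized.', 401)
             : redirect()->guest('login');
     }
     return $next($request);
 }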
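 /**
  * Handle an incoming request.
  *
  * City-scoped access. Guests are refused with a 401 (AJAX) or an error
  * notification plus login redirect. An authenticated user whose city_id
  * differs from the city named by the route's {city} IATA code is refused
  * with a 401 (AJAX) or redirected to that city's root. The city lookup now
  * runs only for authenticated users, so guests cost no database query.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         }
         Notification::error('You need to be logged in to view that.');
         return redirect()->guest('auth/login');
     }
     $city = City::findByIATA($request->route()->getParameter('city'))->first();
     // NOTE(review): an unknown IATA code ($city === null) is not a
     // refusal — the request continues unscoped. Confirm that is intended.
     // assumes city_id and id share a type, since the comparison is strict — TODO confirm
     if ($city && $this->auth->user()->city_id !== $city->id) {
         Notification::error('You don\'t have permissions for that city.');
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         }
         return redirect('/' . $city->iata);
     }
     return $next($request);
 }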
 /**
  * Handle an incoming request.
  *
  * Expects URLs of the form /groups/{group_id}. The group is loaded with
  * findOrFail (a missing id is a 404). Public groups are open to everyone;
  * non-public groups are open to members and to admins, and guests or
  * non-members are sent back with a not_allowed message. A URL not rooted
  * at /groups is reported as a bug via the redirect message.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->segment(1) != 'groups') {
         return redirect()->back()->with('message', 'Are you in a group at all !? (url doesnt start with group/something). This is a bug');
     }
     $group = \App\Group::findOrFail($request->segment(2));
     if ($group->isPublic()) {
         return $next($request);
     }
     // Non-public: only members and admins, and only when logged in.
     if (!$this->auth->guest()) {
         if ($group->isMember() || $request->user()->isAdmin()) {
             return $next($request);
         }
     }
     return redirect()->back()->with('message', trans('messages.not_allowed'));
 }
 /**
  * Check whether the current user may proceed.
  *
  * Guests never may. An authenticated user passes when they hold the
  * given permission OR the given role (defaults: 'manage' / 'admin').
  *
  * @param string $permission
  * @param string $role
  * @return boolean
  */
 protected function checkPermission($permission = 'manage', $role = 'admin')
 {
     if ($this->auth->guest()) {
         return false;
     }
     $user = $this->auth->user();
     if ($user->can($permission)) {
         return true;
     }
     return $user->hasRole($role);
 }
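 /**
  * Handle an incoming request.
  *
  * SAML sign-on (SimpleSAMLphp, 'default-sp'). AJAX guests get a 401.
  * Other guests are forced through the IdP; the released `mail` attribute
  * identifies the local account, which is created on first sign-on, and
  * the user is logged in before the request continues. A response without
  * a mail attribute is refused: previously it produced a null mail that was
  * looked up and, failing that, saved as a new user with no address.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         }
         $as = new \SimpleSAML_Auth_Simple('default-sp');
         $as->requireAuth();
         $attributes = $as->getAttributes();
         $mail = isset($attributes['mail'][0]) ? $attributes['mail'][0] : null;
         if (empty($mail)) {
             return response('Unauthorized.', 401);
         }
         $db_user = User::where('mail', $mail)->first();
         if (!$db_user) {
             // First sign-on: provision the local account.
             $db_user = new User();
             $db_user->mail = $mail;
             $db_user->save();
         }
         Auth::login($db_user);
     }
     return $next($request);
 }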
 /**
  * Handle an incoming request.
  *
  * Admin-only gate: guests and non-admins receive a 404 rather than a 403,
  * which keeps the protected routes from being enumerated.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $isAdmin = !$this->auth->guest() && $this->auth->user()->isAdmin();
     if (!$isAdmin) {
         abort(404);
     }
     return $next($request);
 }
 /**
  * Handle an incoming request.
  *
  * JSON API guard: guests receive {status, message} with the
  * HttpResponse::Unauthorized code as both the body status and the HTTP
  * status, using the translated auth.not_logged_in message.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->guest()) {
         return $next($request);
     }
     $status = \App\Http\HttpResponse::Unauthorized;
     $body = ['status' => $status, 'message' => trans('auth.not_logged_in')];
     return response()->json($body, $status);
 }
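 /**
  * Handle an incoming request.
  *
  * Role rules for the /claim area. Guests are passed through untouched
  * (authentication is assumed to be handled elsewhere) and admins always
  * pass. Otherwise: create needs operator or manager; POST /claim by an
  * operator is allowed; the claim index and /claim/{id} need client or
  * manager; edit and any DELETE need manager. Refusals redirect to '/'.
  *
  * Fix: the create-by-operator rule called $request->method('POST'), which
  * ignores its argument and returns the verb string (always truthy), so the
  * rule also fired for GET /claim. isMethod('POST') is the intended check.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->auth->guest()) {
         return $next($request);
     }
     $user = $this->auth->user();
     if ($user->checkRole(['admin'])) {
         return $next($request);
     }
     $segments = $request->segments();
     $isClaim = $request->segment(1) === 'claim';
     if ($isClaim && in_array('create', $segments, true) && !$user->checkRole(['operator', 'manager'])) {
         return redirect(url('/'));
     }
     if ($isClaim && count($segments) === 1 && $request->isMethod('POST') && $user->checkRole(['operator'])) {
         return $next($request);
     }
     // Index (/claim) or show (/claim/{numeric id}); parentheses make the
     // original's implicit && / || precedence explicit.
     $isIndexOrShow = count($segments) === 1
         || (count($segments) === 2 && is_numeric($request->segment(2)));
     if ($isClaim && $isIndexOrShow && !$user->checkRole(['client', 'manager'])) {
         return redirect(url('/'));
     }
     if ($isClaim && in_array('edit', $segments, true) && !$user->checkRole(['manager'])) {
         return redirect(url('/'));
     }
     if ($request->method() === 'DELETE' && !$user->checkRole(['manager'])) {
         return redirect(url('/'));
     }
     return $next($request);
 }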
 /**
  * Handle an incoming request.
  *
  * Guests receive a 401 on AJAX requests and a login redirect (with the
  * intended URL remembered) otherwise.
  *
  * @param  Request $request
  * @param  callable $next
  * @return mixed
  */
 public function handle($request, callable $next)
 {
     if (!$this->auth->guest()) {
         return $next($request);
     }
     if ($request->ajax()) {
         return response('Unauthorized', 401);
     }
     return redirect()->guest('auth/login');
 }
 /**
  * Handle an incoming request.
  *
  * Guests are refused by throwing an HttpException with status 401, which
  * the application's exception handler turns into the response.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!$this->auth->guest()) {
         return $next($request);
     }
     throw new HttpException(401);
 }
 /**
  * Handle an incoming request.
  *
  * Global login requirement with two exemptions: any path under auth/ or
  * api/ is passed through unauthenticated. Every other guest request is
  * redirected to auth/login. Anything mounted under api/* must therefore
  * bring its own authentication.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $exempt = $request->is('auth/*') || $request->is('api/*');
     if (!$exempt && $this->auth->guest()) {
         return redirect()->guest('auth/login');
     }
     return $next($request);
 }