/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($this->auth->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect('/home')->with('auth_message', 'Must be logged in.');
}
}
/** @var \JamylBot\User $user */
$user = $this->auth->user();
if ($user->admin) {
return $next($request);
}
$groupId = $request->groupId ? $request->groupId : $request->groups;
if ($groupId) {
/** @var Group $group */
$group = Group::find($groupId);
if ($group->isOwner($user->id)) {
return $next($request);
}
}
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect('/home')->with('auth_message', 'Access Denied');
}
}
public function removeOwnerFromGroup($groupId)
{
/** @var Group $group */
$group = Group::find($groupId);
$group->removeOwner(\Request::input('owner'));
return redirect('/admin/groups/' . $groupId);
}
