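/**
 * Populate the request context (account, user, locale) and enforce that a
 * user-type resource owner may access the account named in the route.
 *
 * NOTE(review): the account check below only runs when the token's owner type
 * is 'user'. Other owner types pass through with the routed account already set
 * in the context — confirm they are authorised against the account elsewhere.
 *
 * @param Request  $request
 * @param \Closure $next
 *
 * @return mixed the error response when access is refused, otherwise the result of $next
 */
public function handle(Request $request, Closure $next)
{
    // Account resolved from the route; may be empty when the route carries none.
    $account = $this->getAccountFromRouting();

    // NOTE(review): the account is placed in the context before the access check
    // below has run — confirm nothing reads it on the refusal path.
    $this->context->setAccount($account);

    if ($this->authorizer->getResourceOwnerType() === 'user') {
        $user = $this->userRepository->find($this->authorizer->getResourceOwnerId());

        // Fail closed when the token's owner no longer resolves to a user
        // (presumably find() yields null for an unknown id — confirm). Without
        // this guard the membership check dereferences null, and a request
        // without a routed account would continue with no user in the context.
        if ($user === null) {
            return $this->response->errorUnauthorized('The resource owner of this token could not be found');
        }

        // Account membership is the authorisation decision for routed accounts.
        if ($account && !$user->isAssociateToAccount($account)) {
            return $this->response->errorUnauthorized("You don't have access to the account {$account->uuid}");
        }

        // Attach user/account to every log record written for this request.
        $this->log->addProcessors([new ContextProcessor($user, $account)]);

        $this->context->setUser($user);
    }

    $this->setApplicationLocale();

    return $next($request);
}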
/**
 * Create an order on behalf of the authenticated resource owner.
 *
 * The client id is always taken from the token's owner, so a `client_id`
 * supplied in the request body is overwritten and cannot be used to create an
 * order for another client.
 *
 * NOTE(review): every other request field is forwarded to the order service
 * unchanged — confirm the service validates or whitelists its input.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return mixed the created order as re-read through the order repository with its items
 */
public function store(Request $request)
{
    $ownerId = $this->authorizer->getResourceOwnerId();

    // NOTE(review): assumes the owner exists and has a client; a missing user or
    // client fails here with a null dereference.
    $owner = $this->userRepository->find($ownerId);

    $payload = $request->all();
    $payload['client_id'] = $owner->client->id;

    $created = $this->orderService->create($payload);

    return $this->orderRepository->with('items')->find($created->id);
}
/**
 * Resolve the token's resource owner and expose it in the container as 'user'.
 *
 * The binding returns the user's array form, produced lazily on first
 * resolution.
 *
 * NOTE(review): whatever toArray() exposes becomes readable by any code that
 * resolves 'user' — confirm sensitive attributes are excluded. If the
 * application instance outlives a single request, also confirm the singleton
 * cannot carry one caller's identity into the next request.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $ownerId = $this->authorizer->getResourceOwnerId();

    // NOTE(review): no check that the lookup succeeded; a missing user only
    // surfaces when the binding is first resolved.
    $owner = $this->userRepository->find($ownerId);

    $asArray = function () use ($owner) {
        return $owner->toArray();
    };

    App::singleton('user', $asArray);

    return $next($request);
}
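/**
 * Allow the request through only when the resource owner's role is
 * 'store_manager' or 'admin'.
 *
 * The owner id is read as a JSON document and the role is taken from its
 * 'data' member. Anything that does not decode to that shape is refused.
 *
 * NOTE(review): the role is the one recorded in the owner id, not a fresh
 * lookup — presumably a role change only takes effect once a new token is
 * issued; confirm that is acceptable.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @throws \League\OAuth2\Server\Exception\AccessDeniedException
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $this->authorizer->setRequest($request);

    $owner = json_decode($this->authorizer->getResourceOwnerId(), true);

    // Malformed or unexpected payloads yield a null role and are denied below,
    // instead of indexing into a non-array value.
    $role = is_array($owner) && isset($owner['data']['role']) ? $owner['data']['role'] : null;

    // Strict comparison: the role comes out of JSON and is not guaranteed to be
    // a string; a loose in_array() would let non-string values (for example a
    // boolean true) match the allow-list.
    if (is_string($role) && in_array($role, ['store_manager', 'admin'], true)) {
        return $next($request);
    }

    throw new AccessDeniedException();
}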
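/**
 * Update an order that belongs to the authenticated deliveryman.
 *
 * The lookup criteria combine the order id with the token's owner id, so the
 * caller can only address orders assigned to them (as far as the order service
 * honours both criteria — confirm). A falsy result from the service is reported
 * as "not found".
 *
 * @param Request $request
 * @param mixed   $id      order identifier from the route
 *
 * @return mixed JSON response: {"type":"success"} with 200, or {"type":"not found"} with 404
 */
public function update(Request $request, $id)
{
    $deliverymanId = $this->authorizer->getResourceOwnerId();
    $criteria = ['id' => $id, 'user_deliveryman_id' => $deliverymanId];

    // Each outcome builds its own response; the original read $type and $code
    // while they were still undefined whenever the update failed.
    if ($this->orderService->update($criteria, $request)) {
        return response(['type' => 'success'], Response::HTTP_OK)
            ->header('Content-Type', 'application/json');
    }

    return response(['type' => 'not found'], Response::HTTP_NOT_FOUND)
        ->header('Content-Type', 'application/json');
}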
/**
 * Validate the access token and its scopes, then attach the caller to the
 * request as `$request->user`.
 *
 * The owner id is expected in the form "<type>:<id>". Type 'admin' is looked up
 * as an Admin, every other type as a User. A token without an owner id yields a
 * Guest.
 *
 * NOTE(review): an owner id without ':' leaves the id part undefined, and a
 * failed lookup leaves `$request->user` as whatever find() returned — confirm
 * downstream code handles both. Any unrecognised type prefix is treated as a
 * regular user.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Validation runs in every environment; the commented-out guard that would
    // have skipped it when APP_ENV is 'testing' stays disabled.
    $this->authorizer->validateAccessToken($this->httpHeadersOnly);
    $this->validateScopes();

    $ownerRef = $this->authorizer->getResourceOwnerId();

    if (!$ownerRef) {
        $request->user = new Guest();

        return $next($request);
    }

    $parts = explode(':', $ownerRef);
    $kind = $parts[0];
    $key = $parts[1];

    $request->user = $kind === 'admin' ? Admin::find($key) : User::find($key);

    return $next($request);
}
/**
 * Static proxy for Authorizer::getResourceOwnerId().
 *
 * NOTE(review): presumably only meaningful once the access token of the current
 * request has been validated — confirm against the authorizer before relying on
 * the value for an access decision.
 *
 * @return string
 * @static
 */
public static function getResourceOwnerId()
{
    $ownerId = \LucaDegasperi\OAuth2Server\Authorizer::getResourceOwnerId();

    return $ownerId;
}