/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$userId = \Authorizer::getResourceOwnerId();
$projetct_id = $request->project;
if ($this->repository->isOwner($projetct_id, $userId) == false) {
return ['error' => 'access forbidden'];
}
return $next($request);
}
/**
* @param $projectFileId
* @return mixed
*/
public function checkProjectOwner($projectFileId)
{
$userId = \Authorizer::getResourceOwnerId();
$projectId = $this->repository->SkipPresenter()->find($projectFileId)->project_id;
return $this->projectRepository->isOwner($projectId, $userId);
}
