/**
* this method to verify permission api
* @param stirng $method [description]
* @param stirng $permission [description]
*/
public function authorize($permission)
{
if (empty($this->tempStorage->get('id_company'))) {
$this->invalidateToken();
throw $this->response->error('Un Authorized, Please Re-Login', 401);
}
$user = JWTAuth::parseToken()->authenticate();
$permission = Permission::where('name', $permission)->select('id')->first();
if (count($permission) == 0) {
throw $this->response->error('No Permission', 404);
}
//set dynamic url or static url controller
if (empty($this->url)) {
$arrUrl = explode('/', Input::path());
array_shift($arrUrl);
$url = '/' . $arrUrl['0'] . '/' . $arrUrl['1'];
$menu = Menu::where('url', $url)->select('id')->first();
if (count($menu) == 0) {
throw $this->response->error('No Menu ' . $url, 404);
}
$rolePermission = RolePermission::where('id_role', $user->id_role)->where('id_permission', $permission->id)->where('id_menu', $menu->id)->get();
if (count($rolePermission) == 0) {
throw $this->response->error('Unauthorized action page', 404);
}
} else {
$url = $this->url;
$menu = Menu::where('url', $url)->select('id')->first();
if (count($menu) == 0) {
throw $this->response->error('No Menu ' . $url, 404);
}
}
}
