private function checkUserPermissionsAgainstAllowedPermissions($allowedPermissions) { $user = $this->auth->user(); if ($user === null) { $userPermissions = ['guest']; } else { $userPermissions = $user->getPermissions(); } // Check if app is in testing mode if ($this->permissionParser->isAppInTestingMode()) { // Merge testing permissions with userPermissions $testPerm = array_filter($this->permissionParser->getTestingModePermissions()); if ($this->permissionParser->debugging()) { \Log::info('[Laraguard] TESTING permissions: ' . join(',', $testPerm)); } $userPermissions = array_merge($userPermissions, $testPerm); } // Remove null values $userPermissions = array_filter($userPermissions); $allowedPermissions = array_filter($allowedPermissions); // Intersect permissions $validPermissions = array_intersect($userPermissions, $allowedPermissions); if (count($validPermissions) > 0) { if ($this->permissionParser->debugging()) { \Log::info('[Laraguard] ALLOW - Allowed permissions: ' . join(',', $allowedPermissions) . ' - User: '******',', $userPermissions)); } return true; } if ($this->permissionParser->debugging()) { \Log::info('[Laraguard] DENY - Allowed permissions: ' . join(',', $allowedPermissions) . ' - User: '******',', $userPermissions)); } return false; }
/** * Returns an array with all permissions and their respective * children (regex or controller action string) * * @return array */ public function getPermissionArray() { return $this->permissionParser->getPermissionArray(); }