/**
 * Let the request continue only when the authenticated user owns the project.
 *
 * The user id is taken from Authorizer::getResourceOwnerId() and the project
 * id from the request's "project" property; the repository's isOwner()
 * decides ownership.
 *
 * NOTE(review): the denial is returned as a bare array, not a response with
 * an explicit status. Presumably the framework serialises it with a success
 * status; confirm, and consider an explicit 403 so clients and logs see it.
 *
 * NOTE(review): property access on the request presumably resolves request
 * input as well as route parameters. Confirm the id checked here is the same
 * value the controller action acts on.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed  result of $next($request), or an error array on denial
 */
public function handle($request, Closure $next)
{
    $ownerId = Authorizer::getResourceOwnerId();
    $project = $request->project;

    $allowed = $this->repository->isOwner($project, $ownerId);
    if ($allowed) {
        return $next($request);
    }

    return ['error' => 'Access Denied!'];
}
/**
 * Gate the request on project ownership.
 *
 * Reads the current user id from Authorizer::getResourceOwnerId() and the
 * project id from the request's "project" property, then asks the repository
 * whether that user owns that project.
 *
 * NOTE(review): on denial a plain array is returned rather than a response
 * carrying a 403 status; confirm how the framework renders it.
 * NOTE(review): the denial payload stores the text 'Forbidden' under the key
 * 'userId', which looks unintended. Left as is because clients may read it.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed  result of $next($request), or the denial array
 */
public function handle($request, Closure $next)
{
    $currentUser = Authorizer::getResourceOwnerId();
    $requestedProject = $request->project;

    $owns = $this->repository->isOwner($requestedProject, $currentUser);

    return $owns
        ? $next($request)
        : ['success' => false, 'userId' => 'Forbidden'];
}
/**
 * Allow the request only for the owner of the referenced project.
 *
 * The project id is read from the request's "projects" property and the user
 * id from Authorizer::getResourceOwnerId().
 *
 * NOTE(review): denial is a bare array with no explicit HTTP status. Confirm
 * the rendered status and consider returning a 403 response instead.
 * NOTE(review): request property access presumably falls back across input
 * and route parameters. Verify the checked id cannot differ from the id the
 * controller uses.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed  result of $next($request), or an error array on denial
 */
public function handle($request, Closure $next)
{
    $uid = Authorizer::getResourceOwnerId();
    $pid = $request->projects;

    $isOwner = $this->repository->isOwner($pid, $uid);

    return $isOwner ? $next($request) : ['error' => 'Access forbidden'];
}
/**
 * Reject requests from users who do not own the targeted project.
 *
 * Ownership is checked through the repository's isOwner(), using the id from
 * \Authorizer::getResourceOwnerId() and the request's "projects" property.
 *
 * NOTE(review): the refusal is an array, not a response object with a 403
 * status. Confirm what status the client actually receives.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed  result of $next($request), or an error array on denial
 */
public function handle($request, Closure $next)
{
    $authenticatedId = \Authorizer::getResourceOwnerId();
    $targetProject = $request->projects;

    $ownerConfirmed = $this->repository->isOwner($targetProject, $authenticatedId);
    if (!$ownerConfirmed) {
        $denial = ['error' => 'Access denied! You must be the project owner to access this resource'];

        return $denial;
    }

    return $next($request);
}
/**
 * Pass the request on only if the current user owns the project.
 *
 * The project id here is the request's "id" property; the user id comes from
 * \Authorizer::getResourceOwnerId().
 *
 * NOTE(review): "id" is a very generic property name. Confirm it always
 * refers to a project on every route this runs on, and that it cannot be
 * supplied through request input in place of the route value.
 * NOTE(review): denial is returned as an array without an explicit status.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed  result of $next($request), or an error array on denial
 */
public function handle($request, Closure $next)
{
    $caller = \Authorizer::getResourceOwnerId();
    $project = $request->id;

    if ($this->repository->isOwner($project, $caller)) {
        return $next($request);
    }

    return ['error' => true, 'message' => 'Access forbidden'];
}
/**
 * Allow the request for the project's owner or for any of its members.
 *
 * Both repository checks (isOwner and hasMember) are always executed, in
 * that order, before the decision is made.
 *
 * NOTE(review): denial is a bare array rather than a response with a 403
 * status. Confirm the status the client sees.
 * NOTE(review): the denial text is misspelled ('Forbiden'). It is left
 * unchanged here because clients may match on it.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed  result of $next($request), or an error array on denial
 */
public function handle($request, Closure $next)
{
    $uid = Authorizer::getResourceOwnerId();
    $pid = $request->project;

    $owner = $this->repository->isOwner($pid, $uid);
    $member = $this->repository->hasMember($pid, $uid);

    // Neither owner nor member: refuse.
    if (!$owner && !$member) {
        return ['error' => 'Access Forbiden'];
    }

    return $next($request);
}
/**
 * Let the request through only when the token's user owns the project.
 *
 * NOTE(review): denial is returned as a bare array with no explicit HTTP
 * status. Confirm how it is rendered and consider a 403 response.
 * NOTE(review): $request->project presumably resolves request input as well
 * as the {project} route parameter. Confirm the checked id is the one the
 * controller acts on.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed  result of $next($request), or an error array on denial
 */
public function handle($request, Closure $next)
{
    // Debug aid (disabled): returns the user id to the screen to check that
    // it is the expected one.
    // return ['userId'=> \Authorizer::getResourceOwnerId()];

    // Get the logged-in user according to the access token.
    $ownerId = \Authorizer::getResourceOwnerId();

    // Running `php artisan route:list` shows that the resource route created
    // a parameter; for project it is named {project}, as shown below:
    /*| Domain | Method   | URI               | Name         | Action                                              | Middleware |
     *|        | GET|HEAD | project/{project} | project.show | CodeProject\Http\Controllers\ProjectController@show | oauth      |
     */
    $project = $request->project;

    $isOwner = $this->repository->isOwner($project, $ownerId);
    if ($isOwner) {
        return $next($request);
    }

    return ['error' => 'Access forbidden'];
}
/**
 * Ask the repository whether the current resource owner owns the project.
 *
 * The user id is whatever \Authorizer::getResourceOwnerId() reports; the
 * value returned by isOwner() is passed back unchanged.
 *
 * @param  mixed  $projectId  id of the project to check
 * @return mixed  result of the repository's isOwner()
 */
public function checkProjectOwner($projectId)
{
    $ownerId = \Authorizer::getResourceOwnerId();
    $owns = $this->repository->isOwner($projectId, $ownerId);

    return $owns;
}
/**
 * Report whether the current resource owner is NOT the owner of the record.
 *
 * Negates the repository's isOwner() result, so any falsy result counts as
 * "not owner".
 *
 * @param  mixed  $id  id passed to the repository's isOwner()
 * @return bool  true when the ownership check fails
 */
private function isNotOwner($id)
{
    $currentUser = Authorizer::getResourceOwnerId();
    $isOwner = $this->repository->isOwner($id, $currentUser);

    return !$isOwner;
}
/**
 * Check project ownership for the current resource owner.
 *
 * @param  mixed  $projectId  id of the project to check
 * @return mixed  result of the repository's isOwner()
 */
private function checkProjectOwner($projectId)
{
    $ownerId = Authorizer::getResourceOwnerId();

    return $this->repository->isOwner($projectId, $ownerId);
}
/**
 * Check that the current resource owner owns the project a file belongs to.
 *
 * Looks the project file up by id, reads its project_id, and passes that to
 * the project repository's isOwner().
 *
 * NOTE(review): the project_id read assumes find() produced a record.
 * Confirm the repository throws for an unknown id, so that a missing file
 * cannot reach the ownership check with an empty project id.
 *
 * @param  mixed  $projectFileId  id of the project file
 * @return mixed  result of the project repository's isOwner()
 */
public function checkProjectOwner($projectFileId)
{
    $ownerId = \Authorizer::getResourceOwnerId();

    // skipPresenter() is applied before find(); presumably so the raw record
    // is returned rather than presented data (confirm).
    $projectFile = $this->repository->skipPresenter()->find($projectFileId);
    $owningProject = $projectFile->project_id;

    return $this->projectRepository->isOwner($owningProject, $ownerId);
}
/**
 * Ask the repository whether the current resource owner owns the project.
 *
 * @param  mixed  $project_id  id of the project to check
 * @return mixed  result of the repository's isOwner()
 */
private function checkProjectOwner($project_id)
{
    $ownerId = Authorizer::getResourceOwnerId();
    $result = $this->repository->isOwner($project_id, $ownerId);

    return $result;
}