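/**
 * Let the request through only when the current user may act on the
 * referral identified by the route's `id` parameter.
 *
 * Access is granted when any one of the following holds:
 *  - the user has the `administrator` role;
 *  - the user has the `property_manager` or `normal_administrator` role
 *    and the referral's province equals the province on the user's profile;
 *  - the user owns the referral (`user_id` equals the user's id).
 *
 * Everything else is refused: AJAX callers get a plain 401 response, other
 * callers are redirected back with an error message.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $user = $this->auth->user();
    $allowed = false;

    // Without an authenticated user every check below would dereference null.
    // Refuse up front, before the lookup, so an anonymous caller also cannot
    // tell an existing referral id from a missing one.
    if ($user !== null) {
        $referralInformation = ReferralInformation::findOrFail($request->route('id'));

        $isAdministrator = $user->is('administrator');

        // Regional roles are scoped to their own province. A missing profile or
        // an unset province must never count as a match: with loose comparison
        // null == null (and null == '') would otherwise grant access.
        $managesProvince = false;
        if (!$isAdministrator && $user->is('property_manager|normal_administrator')) {
            $profile = $user->profile;
            $managesProvince = $profile !== null
                && $profile->province !== null
                && $referralInformation->province == $profile->province;
        }

        // Loose comparison is kept on purpose: depending on the database driver
        // the key may arrive as a string on one side and an int on the other.
        $isOwner = $referralInformation->user_id == $user->id;

        $allowed = $isAdministrator || $managesProvince || $isOwner;
    }

    if ($allowed) {
        return $next($request);
    }

    // 401 is kept for compatibility with existing clients; 403 would be the
    // accurate status for an authenticated user who lacks permission.
    if ($request->ajax()) {
        return response('Unauthorized.', 401);
    }

    return redirect()->back()->withErrors(['You are not authorized to do this action']);
}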
/**
 * Build the validation rules for a referral submission.
 *
 * The rule set depends on the role of the authenticated user:
 *  - administrators must also supply `status` (one of the keys returned by
 *    ReferralInformation::getStatusOptions()) and a boolean `followed_up`;
 *  - every other user must supply a boolean `owner_notified` instead.
 *
 * The `in:` lists are built from server-side values (property type ids and
 * status option keys), not from request input.
 *
 * NOTE(review): these rules validate fields, they do not strip them. A
 * non-administrator can still send `status` or `followed_up` unvalidated, so
 * confirm that the code persisting this request only writes an explicit list
 * of fields rather than the whole input.
 *
 * @return array
 */
public function rules()
{
    $user = Auth::user();
    $propertyTypeIds = implode(',', PropertyType::lists('id')->all());
    $statusKeys = implode(',', array_keys(ReferralInformation::getStatusOptions()));
    $isAdministrator = $user->is('administrator');

    // Administrator-only fields come first so the key order matches the
    // order in which the rules were historically declared.
    $administratorRules = [];
    if ($isAdministrator) {
        $administratorRules = [
            'status' => 'required|in:' . $statusKeys,
            'followed_up' => 'required|boolean',
        ];
    }

    $sharedRules = [
        'name' => 'required',
        'contact_number' => 'required',
        // Optional, but must be a well-formed address when present.
        'email' => 'email',
        'province' => 'required',
        'city' => 'required',
        'subdistrict' => 'required',
        'address' => 'required',
        // Declared with an empty rule string: no constraint is applied.
        'postal_code' => '',
        'property_type_id' => 'required|in:' . $propertyTypeIds,
    ];

    $reporterRules = $isAdministrator ? [] : ['owner_notified' => 'required|boolean'];

    // The three groups have disjoint keys, so the union simply concatenates
    // them in order.
    return $administratorRules + $sharedRules + $reporterRules;
}
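/**
 * Remove the specified referral from storage.
 *
 * Users with the `property_manager` role may never delete a referral and are
 * aborted with a 401. For everyone else the referral is deleted only while
 * isEditable() still reports it as editable; otherwise the user is sent back
 * to the referral index with an error.
 *
 * NOTE(review): this method performs no ownership check of its own.
 * Presumably a route middleware restricts the caller to referrals they may
 * act on; confirm that the route is wrapped accordingly, and that it is
 * registered with a state-changing HTTP verb so CSRF protection applies.
 *
 * @param  int  $id
 * @return \Illuminate\Http\Response
 */
public function delete($id)
{
    $user = Auth::user();

    // Check the role before loading the record: a caller who is refused
    // anyway should not trigger a lookup, and should not be able to tell
    // existing ids (401) from missing ones (404).
    if ($user->is('property_manager')) {
        abort(401, 'Unauthorized action.');
    }

    $referralInformation = ReferralInformation::findOrFail($id);
    $indexRoute = $user->backendAccess . '.referrals.index';

    if (!$this->isEditable($referralInformation)) {
        return redirect()->route($indexRoute)->withErrors(['Your referral can\'t be deleted because it has been followed up.']);
    }

    $referralInformation->delete();

    return redirect()->route($indexRoute)->with('messages', ['Informasi referral dihapus.']);
}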