29 lines
833 B
PHP
29 lines
833 B
PHP
<?php
|
|
|
|
namespace Spatie\Permission\Middlewares;
|
|
|
|
use Closure;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Spatie\Permission\Exceptions\UnauthorizedException;
|
|
|
|
class RoleOrPermissionMiddleware
|
|
{
|
|
public function handle($request, Closure $next, $roleOrPermission, $guard = null)
|
|
{
|
|
$authGuard = Auth::guard($guard);
|
|
if ($authGuard->guest()) {
|
|
throw UnauthorizedException::notLoggedIn();
|
|
}
|
|
|
|
$rolesOrPermissions = is_array($roleOrPermission)
|
|
? $roleOrPermission
|
|
: explode('|', $roleOrPermission);
|
|
|
|
if (! $authGuard->user()->hasAnyRole($rolesOrPermissions) && ! $authGuard->user()->hasAnyPermission($rolesOrPermissions)) {
|
|
throw UnauthorizedException::forRolesOrPermissions($rolesOrPermissions);
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|