25 lines
555 B
PHP
25 lines
555 B
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Closure;
|
|
use App\Exceptions\NotAuthorizedException;
|
|
|
|
class RoleMiddleware {
|
|
public function handle($request, Closure $next, $raw_roles) {
|
|
$user = $request->user;
|
|
$roles = explode('|', $raw_roles);
|
|
$has_permission = false;
|
|
|
|
foreach($roles as $role){
|
|
$has_permission = $has_permission || $user->hasRole($role);
|
|
}
|
|
|
|
if(!$has_permission) {
|
|
throw new NotAuthorizedException($request->user);
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|