Skip to content

Instantly share code, notes, and snippets.

@programarivm
Last active December 28, 2019 12:20
Show Gist options
  • Save programarivm/ff28f1864f8d2db8d8de6c085fb1f052 to your computer and use it in GitHub Desktop.
Save programarivm/ff28f1864f8d2db8d8de6c085fb1f052 to your computer and use it in GitHub Desktop.
ACL middleware
<?php
namespace App\Http\Middleware;
use Closure;
class Acl
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$role = auth()->user()->getAttributes()['role'];
$resource = substr($request->route()->getActionName(), strrpos($request->route()->getActionName(), '\\') + 1);
if (!\App\Acl::isAuthorized($role, $resource)) {
return response()->json(['message' => 'Forbidden'], 403);
}
return $next($request);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment