]> BookStack Code Mirror - bookstack/blob - app/Http/Middleware/CheckUserHasPermission.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge pull request #5668 from bumperbox/patch-1
[bookstack] / app / Http / Middleware / CheckUserHasPermission.php
1 <?php
2
3 namespace BookStack\Http\Middleware;
4
5 use Closure;
6 use Illuminate\Http\Request;
7
8 class CheckUserHasPermission
9 {
10     /**
11      * Handle an incoming request.
12      *
13      * @param \Illuminate\Http\Request $request
14      * @param \Closure                 $next
15      * @param string                   $permission
16      *
17      * @return mixed
18      */
19     public function handle($request, Closure $next, $permission)
20     {
21         if (!user()->can($permission)) {
22             return $this->errorResponse($request);
23         }
24
25         return $next($request);
26     }
27
28     protected function errorResponse(Request $request)
29     {
30         if ($request->wantsJson()) {
31             return response()->json(['error' => trans('errors.permissionJson')], 403);
32         }
33
34         session()->flash('error', trans('errors.permission'));
35
36         return redirect('/');
37     }
38 }
The core source code for the BookStack project.
Morty Proxy This is a proxified and sanitized view of the page, visit original site.