BookStack/app/Http/Middleware/PermissionMiddleware.php
Dan Brown e6c6de0848
Simplified guard names and rolled out guard route checks
- Included tests to cover for LDAP and SAML
- Updated wording for external auth id option.
- Updated 'assertPermissionError' test case to be usable in BrowserKitTests
2020-02-02 13:10:21 +00:00

28 lines
655 B
PHP

<?php
namespace BookStack\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Session;
class PermissionMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param $permission
* @return mixed
*/
public function handle($request, Closure $next, $permission)
{
if (!$request->user() || !$request->user()->can($permission)) {
session()->flash('error', trans('errors.permission'));
return redirect()->back();
}
return $next($request);
}
}