Files
alrahma_sunday_school_api/app/Http/Middleware/RequirePermission.php
T
root 90f9857b06
API CI/CD / Validate (composer + pint) (push) Successful in 3m7s
API CI/CD / Test (PHPUnit) (push) Failing after 5m46s
API CI/CD / Build frontend assets (push) Successful in 1m2s
API CI/CD / Security audit (push) Failing after 49s
API CI/CD / Deploy to shared hosting (PHP) (push) Has been skipped
security fix and fix parent pages
2026-07-06 02:14:16 -04:00

41 lines
1.3 KiB
PHP

<?php
namespace App\Http\Middleware;
use App\Services\Auth\PermissionCheckService;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class RequirePermission
{
public function __construct(private PermissionCheckService $permissions) {}
public function handle(Request $request, Closure $next, string $permission): Response
{
$userId = (int) ($request->user()?->id ?? 0);
if ($userId <= 0) {
return response()->json(['status' => false, 'message' => 'Unauthorized.'], 401);
}
$user = $request->user();
$status = strtolower(trim((string) ($user->status ?? '')));
$isVerified = filter_var($user->is_verified ?? false, FILTER_VALIDATE_BOOLEAN);
$isSuspended = filter_var($user->is_suspended ?? false, FILTER_VALIDATE_BOOLEAN);
if (! $isVerified || $status !== 'active' || $isSuspended) {
return response()->json(['message' => 'Account unavailable.'], 403);
}
if (! $this->permissions->hasPermission($userId, $permission)) {
if ($request->expectsJson()) {
return response()->json(['status' => false, 'message' => 'Access denied.'], 403);
}
return response()->json(['status' => false, 'message' => 'Access denied.'], 403);
}
return $next($request);
}
}