Skip to content

Instantly share code, notes, and snippets.

@dillinghamio
Last active April 8, 2022 03:50
Show Gist options
  • Save dillinghamio/7d6039ef8a86d3fdfa2ce747d4d919ea to your computer and use it in GitHub Desktop.
Save dillinghamio/7d6039ef8a86d3fdfa2ce747d4d919ea to your computer and use it in GitHub Desktop.
Team Role Middleware For Laravel Spark

Team Role Middleware For Laravel Spark

Makes it simple to use Spark's role feature on routes

Route::group(['middleware'=>'role:owner'], function(){
    // owners only
});

Route::group(['middleware'=>'role:member'], function(){
    // members only
});

Run php artisan make:middleware RoleMiddleware Copy the following to the newly created file

Open Http\kernel.php Find $routeMiddleware Add 'role' => \App\Http\Middleware\RoleMiddleware::class,

<?php

namespace App\Http\Middleware;

use Closure;

class RoleMiddleware
{
    /**
     *  Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string  $role
     * @return mixed
     */
    public function handle($request, Closure $next, $role)
    {         
        if ($request->user()->roleOn($request->user()->currentTeam) != $role)
        {
            return redirect('/home');
        }

        return $next($request);
    }

}

Made by: @dillinghamio Find More Awesome Spark Stuff Here

@SuperGizmo
Copy link

// owners ownly

change to:

// owners only

@dillinghamio
Copy link
Author

@SuperGizmo thanks

@jpmurray
Copy link

jpmurray commented May 7, 2016

Hey there! So after my experiences modifying the @role directive, I decided that'd be cool to have the possibility to pass multiple roles to check with this middleware also! ;-)

So, to be able to use:

Route::group(['middleware'=>'role:owner|manager'], function(){
    // members or managers only
});

I modified the handle() method of the RoleMiddleware as such:

public function handle($request, Closure $next, $roles)
    {         
        $authorizedRoles = array_map('trim', explode('|', $roles));
        $roleOnTeam = $request->user()->roleOn($request->user()->currentTeam);

        if (in_array($roleOnTeam, $authorizedRoles)){
            return $next($request);
        }

        return redirect('/home');
    }

What do you tihnk?

@dillinghamio
Copy link
Author

dillinghamio commented May 9, 2016

@jpmurray, nice :) I was thinking if it came to that I would do 'middleware' => ['auth','role:owner','role:member']] but yours is a bit cleaner. But so far, haven't had the need for multiple roles in the middleware

@jpmurray
Copy link

jpmurray commented May 9, 2016

@dillinghamio problem with passing ['auth','role:owner','role:member'] is that it acts like and and (or at least, that's how it acted when I first tested it!). I myself, really needed an or for a case like this one: you can access team setting page if you are owner or manager.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment