Adicionando checagem multipla de tipo nas rotas

5d8321f6 · José Rômulo · 69192e2f · 5d8321f6 · 5d8321f6 · 5d8321f6
Commit 5d8321f6 authored 3 years ago by José Rômulo
Show whitespace changes
Inline Side-by-side

Showing

with 44 additions and 10 deletions
+44 -10
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -65,6 +65,8 @@ class Kernel extends HttpKernel
        'isTemp'  => \App\Http\Middleware\IsTemp::class,
        'checkAdministrador' => \App\Http\Middleware\checkAdministrador::class,
        'checkAdminResp' => \App\Http\Middleware\checkAdminResp::class,
+        'checkCoordenador' => \App\Http\Middleware\checkCoordenador::class,
+        'checkRoles' => \App\Http\Middleware\checkRoles::class,
    ];
    /**

--- a/app/Http/Middleware/checkRoles.php
+++ b/app/Http/Middleware/checkRoles.php
+<?php
+namespace App\Http\Middleware;
+use Auth;
+use Closure;
+use Illuminate\Support\Facades\Log;
+class checkRoles
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next, ... $roles)
+    {
+        if(!Auth::check()){
+            Log::debug('checkRoles');
+            return redirect('/');
+        }
+        $user = Auth::user();
+        /*
+        if($user->tipo == 'administrador'){
+            return $next($request);
+        }*/
+        foreach($roles as $role){
+            if($user->tipo == $role){
+                return $next($request);
+            }
+        }
+        return redirect('home')->with('error', 'Você não possui privilégios para acessar esta funcionalidade');
+    }
+}
--- a/routes/web.php
+++ b/routes/web.php
@@ -231,16 +231,9 @@ Route::prefix('evento')->name('evento.')->group(function(){
  Route::post(   '/criar',          'EventoController@store'                            )->name('criar')->middleware('checkAdministrador');
  Route::get(    '/visualizar/{id}','EventoController@show'                             )->name('visualizar')->middleware('auth');
  Route::get(    '/listar',         'EventoController@listar'                           )->name('listar')->middleware('auth');
+  Route::delete( '/excluir/{id}',   'EventoController@destroy'                          )->name('deletar')->middleware('checkRoles:coordenador,administrador');
-  Route::delete( '/excluir/{id}',   'EventoController@destroy'                          )->name('deletar')->middleware('checkAdministrador');
+  Route::get(    '/editar/{id}',    'EventoController@edit'                             )->name('editar')->middleware('checkRoles:coordenador,administrador');
-  Route::delete( '/excluir/{id}',   'EventoController@destroy'                          )->name('deletar')->middleware(checkCoordenador::class);
+  Route::post(   '/editar/{id}',    'EventoController@update'                           )->name('update')->middleware('checkRoles:coordenador,administrador');
-  Route::get(    '/editar/{id}',    'EventoController@edit'                             )->name('editar')->middleware('checkAdministrador');
-  Route::get(    '/editar/{id}',    'EventoController@edit'                             )->name('editar')->middleware(checkCoordenador::class);
-  Route::post(   '/editar/{id}',    'EventoController@update'                           )->name('update')->middleware('checkAdministrador');
-  Route::post(   '/editar/{id}',    'EventoController@update'                           )->name('update')->middleware(checkCoordenador::class);
  Route::post(   '/setResumo',      'EventoController@setResumo'                        )->name('setResumo')->middleware('checkAdministrador');
  Route::post(   '/setFoto',        'EventoController@setFotoEvento'                    )->name('setFotoEvento')->middleware('checkAdministrador');