BLUE
PHP 7.4.33
Path:
/var/www/multi-event-cfp.bitkit.dk/httpdocs/app/Http/Middleware
Run
Logout
Edit File
Size: 5.58 KB
Close
/var/www/multi-event-cfp.bitkit.dk/httpdocs/app/Http/Middleware/EventUserCheck.php
Text
Base64
<?php namespace App\Http\Middleware; use App\Models\Event; use Closure; use Illuminate\Auth\AuthenticationException; use Illuminate\Http\Request; class EventUserCheck { /** * Handle an incoming request. * * @param Request $request * @param Closure $next * @param mixed ...$roles * @return mixed * @throws AuthenticationException */ public function handle(Request $request, Closure $next, ...$roles) { $user = $request->user(); $eventSlug = $request->header('slug-name'); // Split the slug string by commas to handle both single and multiple slugs $eventSlugs = explode(',', $eventSlug); // Fetch all events matching the slugs $events = $eventSlug ? Event::whereIn('slug_name', $eventSlugs)->get() : Event::all(); // If no events found, throw an error if ($events->isEmpty()) { throw new AuthenticationException('Event not found'); } // For single event case, pick the first event; for multiple events, we pass the IDs $event = $events->first(); $eventIds = $events->pluck('id')->toArray(); // Get the IDs of all matched events $eventUser = getEventUser($event, $user); if (!$eventUser || !$eventUser->hasAnyRole($roles)) throw new AuthenticationException('Unauthorized, requires role.'); $role = $request->header('role'); if ($role) $request->merge(['role' => $role]); //check platform enabled $platformSettings = $event->platform_settings->toArray(); if (!$platformSettings['submitter_platform']) { if ($role == 'event_submitter') { return response([ 'status' => false, 'platform_disabled' => true, 'message' => 'Submitter platform disabled' ]); } } if (!$platformSettings['submitter_abstract_platform']) { if ($role == 'event_submitter') { $route = $request->route(); if ($route->getPrefix() == 'api/abstract') { return response([ 'status' => false, 'platform_disabled' => true, 'message' => 'Submitter abstract platform disabled' ]); } } } if (!$platformSettings['submitter_abstract_daft_creation']) { if ($role == 'event_submitter') { $route = $request->route(); if ($route->uri() == 'api/abstract') { return response([ 'status' => false, 'platform_disabled' => true, 'message' => 'Submitter create draft abstract disabled' ]); } } } if (!$platformSettings['submitter_presentation_platform']) { if ($role == 'event_submitter') { $route = $request->route(); if ($route->getPrefix() == 'api/presentation') { return response([ 'status' => false, 'platform_disabled' => true, 'message' => 'Submitter presentation platform disabled' ]); } } } if (!$platformSettings['reviewer_platform']) { if ($role == 'event_reviewer') { return response([ 'status' => false, 'platform_disabled' => true, 'message' => 'Reviewer platform disabled' ]); } } if (!$platformSettings['reviewer_presentation_platform']) { if ($role == 'event_reviewer') { $route = $request->route(); if ($route->getPrefix() == 'api/presentation') { return response([ 'status' => false, 'platform_disabled' => true, 'message' => 'Reviewer presentation platform disabled' ]); } } } if (!$platformSettings['reviewer_abstract_platform']) { if ($role == 'event_reviewer') { $route = $request->route(); if ($route->getPrefix() == 'api/abstract') { return response([ 'status' => false, 'platform_disabled' => true, 'message' => 'Reviewer abstract platform disabled' ]); } } } if (!$platformSettings['submitter_my_session_platform']) { if ($role == 'event_submitter') { $route = $request->route(); if ($route->getPrefix() == 'api/session') { return response([ 'status' => false, 'platform_disabled' => true, 'message' => 'Submitter my session platform disabled' ]); } } } // Conditionally merge 'event' or 'event_ids' into the request if (count($eventSlugs) > 1) { // If an array, pass event IDs $request->merge(['event_user' => $eventUser, 'event' => null, 'eventIds' => $eventIds]); } else { // If a single slug, pass the event $request->merge(['event_user' => $eventUser, 'event' => $event, 'eventIds' => null]); } return $next($request); } }
Save
Close
Exit & Reset
Text mode: syntax highlighting auto-detects file type.
Directory Contents
Dirs: 0 × Files: 11
Delete Selected
Select All
Select None
Sort:
Name
Size
Modified
Enable drag-to-move
Name
Size
Perms
Modified
Actions
Authenticate.php
568 B
lrw-rw-r--
2025-03-03 05:39:26
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
EncryptCookies.php
294 B
lrw-r--r--
2024-02-09 12:37:30
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
EventUserCheck.php
5.58 KB
lrw-rw-r--
2025-03-03 05:39:26
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
PreventRequestsDuringMaintenance.php
353 B
lrw-r--r--
2024-02-09 12:37:30
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
RedirectIfAuthenticated.php
734 B
lrw-r--r--
2024-02-09 12:37:30
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
SlugRedirect.php
691 B
lrw-rw-r--
2025-12-10 06:13:17
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
SwaggerUsersMiddleware.php
962 B
lrw-r--r--
2024-02-09 12:37:30
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
TrimStrings.php
368 B
lrw-r--r--
2024-02-09 12:37:30
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
TrustHosts.php
354 B
lrw-r--r--
2024-02-09 12:37:30
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
TrustProxies.php
585 B
lrw-r--r--
2024-02-09 12:37:30
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
VerifyCsrfToken.php
1001 B
lrw-rw-r--
2025-12-10 09:24:27
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
Zip Selected
If ZipArchive is unavailable, a
.tar
will be created (no compression).