Preview: EventUserCheck.php
Size: 5.58 KB
/var/www/multi-event-cfp.bitkit.dk/httpdocs/app/Http/Middleware/EventUserCheck.php
<?php
namespace App\Http\Middleware;
use App\Models\Event;
use Closure;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Http\Request;
class EventUserCheck
{
/**
* Handle an incoming request.
*
* @param Request $request
* @param Closure $next
* @param mixed ...$roles
* @return mixed
* @throws AuthenticationException
*/
public function handle(Request $request, Closure $next, ...$roles)
{
$user = $request->user();
$eventSlug = $request->header('slug-name');
// Split the slug string by commas to handle both single and multiple slugs
$eventSlugs = explode(',', $eventSlug);
// Fetch all events matching the slugs
$events = $eventSlug ? Event::whereIn('slug_name', $eventSlugs)->get() : Event::all();
// If no events found, throw an error
if ($events->isEmpty()) {
throw new AuthenticationException('Event not found');
}
// For single event case, pick the first event; for multiple events, we pass the IDs
$event = $events->first();
$eventIds = $events->pluck('id')->toArray(); // Get the IDs of all matched events
$eventUser = getEventUser($event, $user);
if (!$eventUser || !$eventUser->hasAnyRole($roles))
throw new AuthenticationException('Unauthorized, requires role.');
$role = $request->header('role');
if ($role)
$request->merge(['role' => $role]);
//check platform enabled
$platformSettings = $event->platform_settings->toArray();
if (!$platformSettings['submitter_platform']) {
if ($role == 'event_submitter') {
return response([
'status' => false,
'platform_disabled' => true,
'message' => 'Submitter platform disabled'
]);
}
}
if (!$platformSettings['submitter_abstract_platform']) {
if ($role == 'event_submitter') {
$route = $request->route();
if ($route->getPrefix() == 'api/abstract') {
return response([
'status' => false,
'platform_disabled' => true,
'message' => 'Submitter abstract platform disabled'
]);
}
}
}
if (!$platformSettings['submitter_abstract_daft_creation']) {
if ($role == 'event_submitter') {
$route = $request->route();
if ($route->uri() == 'api/abstract') {
return response([
'status' => false,
'platform_disabled' => true,
'message' => 'Submitter create draft abstract disabled'
]);
}
}
}
if (!$platformSettings['submitter_presentation_platform']) {
if ($role == 'event_submitter') {
$route = $request->route();
if ($route->getPrefix() == 'api/presentation') {
return response([
'status' => false,
'platform_disabled' => true,
'message' => 'Submitter presentation platform disabled'
]);
}
}
}
if (!$platformSettings['reviewer_platform']) {
if ($role == 'event_reviewer') {
return response([
'status' => false,
'platform_disabled' => true,
'message' => 'Reviewer platform disabled'
]);
}
}
if (!$platformSettings['reviewer_presentation_platform']) {
if ($role == 'event_reviewer') {
$route = $request->route();
if ($route->getPrefix() == 'api/presentation') {
return response([
'status' => false,
'platform_disabled' => true,
'message' => 'Reviewer presentation platform disabled'
]);
}
}
}
if (!$platformSettings['reviewer_abstract_platform']) {
if ($role == 'event_reviewer') {
$route = $request->route();
if ($route->getPrefix() == 'api/abstract') {
return response([
'status' => false,
'platform_disabled' => true,
'message' => 'Reviewer abstract platform disabled'
]);
}
}
}
if (!$platformSettings['submitter_my_session_platform']) {
if ($role == 'event_submitter') {
$route = $request->route();
if ($route->getPrefix() == 'api/session') {
return response([
'status' => false,
'platform_disabled' => true,
'message' => 'Submitter my session platform disabled'
]);
}
}
}
// Conditionally merge 'event' or 'event_ids' into the request
if (count($eventSlugs) > 1) {
// If an array, pass event IDs
$request->merge(['event_user' => $eventUser, 'event' => null, 'eventIds' => $eventIds]);
} else {
// If a single slug, pass the event
$request->merge(['event_user' => $eventUser, 'event' => $event, 'eventIds' => null]);
}
return $next($request);
}
}
Directory Contents
Dirs: 0 × Files: 11