作者:shirishmor
项目:timeshee
/**
 * Show the form for creating a new client.
 *
 * The 'addClient' ability is checked against a freshly constructed Client;
 * a denied check ends the request with HTTP 403 before any view is built.
 *
 * @return \Illuminate\Http\Response The 'client.create' view as produced by View::make().
 */
public function create()
{
    // The Client passed here is new and unsaved; presumably it only lets the
    // gate resolve the Client policy — confirm.
    $denied = Gate::denies('addClient', new Client());

    if ($denied) {
        abort(403, 'Not allowed');
    }

    return View::make('client.create');
}
作者:vladzu
项目:werke
/**
 * Let the request continue only when the 'contributor' gate allows it.
 *
 * @param  \Illuminate\Http\Request  $request  Incoming request.
 * @param  \Closure  $next  Next handler, invoked with $request.
 * @return mixed Whatever $next returns; a denied check aborts with HTTP 403 first.
 */
public function handle($request, Closure $next)
{
    $denied = Gate::denies('contributor');

    if ($denied) {
        // No custom message is supplied with the 403.
        abort(403);
    }

    return $next($request);
}
作者:hughgrig
项目:ching-sho
/**
 * Register the policies and define the 'administer' gate.
 *
 * The gate allows a user whose roles collection contains an entry whose
 * 'name' is 'admin'.
 *
 * @return void
 */
public function boot()
{
    $this->registerPolicies();

    // The role is matched by its name string; any role named 'admin' grants the ability.
    $isAdministrator = function (User $user) {
        return $user->roles->contains('name', 'admin');
    };

    Gate::define('administer', $isAdministrator);
}
作者:younginnovation
项目:aidstrea
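/**
 * Update the sectors of an activity.
 *
 * Nothing is written unless the 'ownership' gate allows the caller for the
 * loaded activity and authorizeByRequestType() has run. Each submitted
 * sector is then normalised so that only the fields that belong to its
 * vocabulary keep a value.
 *
 * @param $id Activity identifier, also used to build the redirect target.
 * @param Request $request
 * @param SectorRequestManager $sectorRequestManager Not referenced in the body; presumably injected so its validation runs — confirm.
 * @return \Illuminate\Http\RedirectResponse
 */
public function update($id, Request $request, SectorRequestManager $sectorRequestManager)
{
    $activityData = $this->activityManager->getActivityData($id);
    if (Gate::denies('ownership', $activityData)) {
        return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
    }
    $this->authorizeByRequestType($activityData, 'sector');

    // The whole input array, not only the 'sector' key, is handed to the
    // manager below.
    // NOTE(review): presumably validation guarantees 'sector' is an array — confirm.
    $sectors = $request->all();
    foreach ($sectors['sector'] as &$sector) {
        // Loose comparisons are kept so submitted values are classified exactly as before.
        if ($sector['sector_vocabulary'] == 1 || $sector['sector_vocabulary'] == '') {
            $sector['sector_vocabulary'] = 1;
            $sector['sector_category_code'] = '';
            $sector['sector_text'] = '';
        } elseif ($sector['sector_vocabulary'] == 2) {
            $sector['sector_code'] = '';
            $sector['sector_text'] = '';
        } else {
            $sector['sector_code'] = '';
            $sector['sector_category_code'] = '';
        }
    }
    // Break the reference left behind by the by-reference loop; otherwise the
    // last element of $sectors stays a reference when the array is passed on.
    unset($sector);

    if ($this->sectorManager->update($sectors, $activityData)) {
        $this->activityManager->resetActivityWorkflow($id);
        $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Sector']]];

        return redirect()->to(sprintf('/activity/%s', $id))->withResponse($response);
    }

    $response = ['type' => 'danger', 'code' => ['update_failed', ['name' => 'Sector']]];

    return redirect()->back()->withInput()->withResponse($response);
}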
作者:burimshal
项目:todooze
/**
 * Delete the user identified by $id.
 *
 * Requires the 'manage-users' ability; a denied check aborts with HTTP 403.
 *
 * @param $id Identifier handed to usersRepo->byId().
 * @return int The result of usersRepo->delete() cast to int.
 */
public function destroy($id)
{
    if (Gate::denies('manage-users')) {
        abort(403, 'You dont have permissions!!');
    }

    // NOTE(review): the gate is evaluated without the target user, so this
    // method itself does not restrict which accounts may be deleted (the
    // caller's own included) — confirm that is intended.
    $target = $this->usersRepo->byId($id);
    $result = $this->usersRepo->delete($target);

    return (int) $result;
}
作者:ppawla
项目:swo
/**
 * Delete the group identified by $id.
 *
 * Requires the 'managerOnly' ability; a denied check aborts with HTTP 403.
 *
 * @param $id Key passed to Group::destroy().
 * @return mixed Whatever Group::destroy() returns.
 */
public function destroy($id)
{
    $denied = Gate::denies('managerOnly');

    if ($denied) {
        abort(403);
    }

    // NOTE(review): the gate is not given the Group, so nothing in this method
    // ties $id to the caller's own organisation — confirm the gate or the
    // route enforces that scope.
    return Group::destroy($id);
}
作者:younginnovation
项目:aidstrea
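/**
 * Update the recipient regions of an activity.
 *
 * Nothing is written unless the 'ownership' gate allows the caller for the
 * loaded activity and authorizeByRequestType() has run. The update is also
 * refused, with a warning, when any transaction of the activity already
 * carries a recipient country or recipient region.
 *
 * @param $id Activity identifier, also used to build the redirect target.
 * @param Request $request
 * @param RecipientRegionRequestManager $recipientRegionRequestManager Not referenced in the body; presumably injected so its validation runs — confirm.
 * @return \Illuminate\Http\RedirectResponse
 */
public function update($id, Request $request, RecipientRegionRequestManager $recipientRegionRequestManager)
{
    $activityData = $this->activityManager->getActivityData($id);
    if (Gate::denies('ownership', $activityData)) {
        return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
    }
    $this->authorizeByRequestType($activityData, 'recipient_region');

    // Count the transactions that already define a recipient country or region.
    $activityTransactions = $this->transactionManager->getTransactions($id);
    $count = 0;
    if ($activityTransactions) {
        foreach ($activityTransactions as $transactions) {
            $transactionDetail = $transactions->transaction;
            removeEmptyValues($transactionDetail);
            if (!empty($transactionDetail['recipient_country']) || !empty($transactionDetail['recipient_region'])) {
                $count++;
            }
        }
    }
    if ($count > 0) {
        $response = ['type' => 'warning', 'code' => ['message', ['message' => 'You cannot save Recipient Region in activity level because you have already saved recipient country or region in transaction level.']]];

        return redirect()->back()->withInput()->withResponse($response);
    }

    // The whole input array, not only 'recipient_region', is handed to the
    // manager below.
    // NOTE(review): presumably validation guarantees 'recipient_region' is an array — confirm.
    $recipientRegions = $request->all();
    foreach ($recipientRegions['recipient_region'] as &$recipientRegion) {
        // An empty vocabulary falls back to '1'; the loose comparison is kept
        // so submitted values are classified exactly as before.
        if ($recipientRegion['region_vocabulary'] == '') {
            $recipientRegion['region_vocabulary'] = '1';
        }
    }
    // Break the reference left behind by the by-reference loop; otherwise the
    // last element of $recipientRegions stays a reference when passed on.
    unset($recipientRegion);

    if ($this->recipientRegionManager->update($recipientRegions, $activityData)) {
        $this->activityManager->resetActivityWorkflow($id);
        $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Recipient Region']]];

        return redirect()->to(sprintf('/activity/%s', $id))->withResponse($response);
    }

    $response = ['type' => 'danger', 'code' => ['update_failed', ['name' => 'Recipient Region']]];

    return redirect()->back()->withInput()->withResponse($response);
}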
作者:ppawla
项目:swo
/**
 * Delete the organization identified by $id.
 *
 * Requires the 'adminOnly' ability; a denied check aborts with HTTP 403.
 *
 * @param $id Key passed to Organization::destroy().
 * @return mixed Whatever Organization::destroy() returns.
 */
public function destroy($id)
{
    $denied = Gate::denies('adminOnly');

    if ($denied) {
        abort(403);
    }

    // The gate is evaluated without the target record: holding 'adminOnly'
    // is the only condition this method places on deleting any $id.
    return Organization::destroy($id);
}
作者:karthik1407
项目:sparkplu
/**
 * Create a new controller instance and, when ACL is switched on, enforce it.
 *
 * The check runs only if get_sparkplug_config('ACL') is truthy. The ability
 * name is derived from this controller by get_module_class_name(); a denied
 * check aborts with status 403.
 */
public function __construct()
{
    // NOTE(review): depending on the framework version, the authenticated user
    // may not be resolved yet while a controller constructor runs — confirm
    // the gate really sees the user at this point.
    if (get_sparkplug_config('ACL') && Gate::denies(get_module_class_name($this))) {
        abort('403', 'User has no privilages to access this page');
    }
}
作者:marcocastignol
项目:lumen_aut
/**
 * Let the request continue only when the 'authorization' gate allows the
 * action the matched route points at.
 *
 * @param  \Illuminate\Http\Request  $request  Incoming request.
 * @param  \Closure  $next  Next handler, invoked with $request.
 * @return mixed Whatever $next returns; a denied check aborts with HTTP 403 first.
 */
public function handle($request, Closure $next)
{
    // The gate argument is the 'uses' entry of the second element of the route data.
    // NOTE(review): assumes every route passing through here defines 'uses' — confirm.
    $routeAction = $request->route()[1]['uses'];

    if (Gate::denies('authorization', $routeAction)) {
        abort(403);
    }

    return $next($request);
}
作者:dinghu
项目:cr
/**
 * Show the dashboard.
 *
 * A caller who may 'create' the new post instance gets the result of
 * writePost(); anyone else gets the admin home view instead of an error.
 *
 * @return mixed
 */
public function show()
{
    $draft = Content::newPostInstance();

    // A denied check falls back to the home view rather than aborting.
    return Gate::denies('create', $draft)
        ? view('orchestra/story::admin.home')
        : $this->writePost($draft);
}
作者:gitter-badge
项目:nxpane
/**
 * Display the title of the specified post.
 *
 * The post is loaded with findOrFail() and the caller must pass the 'update'
 * gate for it; a denied check aborts with HTTP 403.
 *
 * @param  int  $id  Post identifier.
 * @return \Illuminate\Http\Response The post's title, returned directly.
 */
public function show($id)
{
    $post = Post::findOrFail($id);

    // The ability checked for this read-only action is 'update'.
    $denied = Gate::denies('update', $post);
    if ($denied) {
        abort(403, 'no fucking way bitch');
    }

    // NOTE(review): the stored title becomes the response body as-is; if titles
    // can contain markup it is not escaped here — confirm how it is rendered.
    return $post->title;
}
作者:boomcm
项目:boom-cor
/**
 * Update a person's name, enabled flag and, when permitted, superuser flag.
 *
 * Only the superuser flag is conditional on the 'editSuperuser' gate; the
 * name and enabled changes are applied without a gate check in this method.
 * NOTE(review): confirm route-level authorization covers who may reach this.
 *
 * @param Request $request Source of 'name', 'enabled' and 'superuser'.
 * @param PersonModel $person Person being modified and then saved.
 */
public function update(Request $request, PersonModel $person)
{
    $renamed = $person->setName($request->input('name'));
    // The flag follows the presence of 'enabled' in the request, not its value.
    $renamed->setEnabled($request->has('enabled'));

    $maySetSuperuser = Gate::allows('editSuperuser', $person);
    if ($maySetSuperuser) {
        $person->setSuperuser($request->has('superuser'));
    }

    PersonFacade::save($person);
}
作者:ppawla
项目:swo
/**
 * List the users of the authenticated manager's organization.
 *
 * Requires the 'managerOnly' ability; a denied check aborts with HTTP 403.
 *
 * @return mixed The users relation of the current user's organization.
 */
public function managerIndex()
{
    $denied = Gate::denies('managerOnly');

    if ($denied) {
        abort(403);
    }

    // The result is scoped through the current user's own organization,
    // not through any request parameter.
    $organization = Auth::user()->organization;

    return $organization->users;
}
作者:phelipperibeir
项目:book_store_larave
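/**
 * Store an uploaded cover for a book.
 *
 * The caller must pass the 'manageBook' gate for the book; a denied check
 * aborts with HTTP 403. An unknown $id now aborts with HTTP 404 instead of
 * handing null to the gate and to the cover service.
 *
 * @param Request $request Source of the uploaded 'file'.
 * @param $id Book identifier passed to Book::find().
 */
public function coverStore(Request $request, $id)
{
    $book = Book::find($id);
    if ($book === null) {
        // Without this guard a missing book reached the gate and storeCover() as null.
        abort(404);
    }

    if (Gate::denies('manageBook', $book)) {
        abort(403, 'voce não é o dono desse livro');
    }

    // NOTE(review): no check on the upload (presence, type, size) is visible in
    // this method; presumably storeCover() or request validation does it — confirm.
    $bookService = app()->make(BookService::class);
    $bookService->storeCover($book, $request->file('file'));
}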
作者:codeed
项目:laravel52-carnava
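/**
 * Delete a chapter and return to the chapter index of its book.
 *
 * The caller must pass the 'manage' gate for the chapter; a denied check
 * aborts with HTTP 403. An unknown $chapter_id now aborts with HTTP 404
 * instead of handing null to the gate and then calling delete() on it.
 *
 * @param $id Book identifier; used only to build the redirect.
 * @param $chapter_id Chapter identifier passed to Chapter::find().
 * @return \Illuminate\Http\RedirectResponse
 */
public function destroy($id, $chapter_id)
{
    $chapter = Chapter::find($chapter_id);
    if ($chapter === null) {
        abort(404);
    }

    // NOTE(review): $id is never compared with the chapter's book here, so the
    // 'manage' gate is the only thing linking the caller to this chapter — confirm.
    if (Gate::denies('manage', $chapter)) {
        abort(403, "you do not own this book/chapter");
    }

    $chapter->delete();

    return redirect()->route('admin.books.chapters.index', ['id' => $id]);
}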
作者:naye
项目:la
/**
 * Register the policies and define one gate per permission.
 *
 * Every permission returned by getPermissions() becomes a gate named after
 * the permission; the gate allows a user for whom hasRole() accepts the
 * permission's roles.
 *
 * @return void
 */
public function boot()
{
    $this->registerPolicies();

    $permissions = $this->getPermissions();
    foreach ($permissions as $permission) {
        // The closure captures the permission by value, so each gate keeps its own roles.
        $allowsUser = function ($user) use ($permission) {
            return $user->hasRole($permission->roles);
        };

        Gate::define($permission->name, $allowsUser);
    }
}
作者:burimshal
项目:todoap
/**
 * Return the todos of a todo list.
 *
 * The caller must pass the 'add-todo' gate for the list; a denied check
 * aborts with HTTP 403.
 *
 * @param $todoListId Identifier passed to the todo list repository.
 * @return mixed The result of todolistRepository->todoCollection().
 */
public function todoCollection($todoListId)
{
    $list = $this->todolistRepository->byId($todoListId);

    // The collection is fetched before the gate check runs; on a denied check
    // it is discarded, not returned.
    $items = $this->todolistRepository->todoCollection($todoListId);

    $denied = Gate::denies('add-todo', $list);
    if ($denied) {
        abort(403);
    }

    return $items;
}
作者:burimshal
项目:todoap
/**
 * Re-activate a todo.
 *
 * The caller must pass the 'delete-todo' gate for the todo; a denied check
 * aborts with HTTP 403.
 *
 * @param $todoId Identifier of the todo to re-activate.
 */
public function activate($todoId)
{
    $service = new TodoApplicationService();
    $target = $this->todoRepository->byId($todoId);

    // NOTE(review): re-activation is guarded by the 'delete-todo' ability;
    // confirm that sharing the ability between the two actions is intended.
    $denied = Gate::denies('delete-todo', $target);
    if ($denied) {
        abort(403);
    }

    $service->reActivateTodo($todoId);
}
作者:reiniersb8
项目:authorization-dem
/**
 * Return the title of a post the caller is allowed to edit.
 *
 * The post is loaded with findOrFail(). A caller denied the 'update' gate is
 * sent to 'posts' with a danger alert instead of receiving a 403.
 *
 * @param $id Post identifier.
 * @return mixed A redirect when denied, otherwise the post's title.
 */
public function edit($id)
{
    $post = Post::findOrFail($id);

    $denied = Gate::denies('update', $post);
    if ($denied) {
        Alert::danger('No tienes permisos para editar este post');

        return redirect('posts');
    }

    // NOTE(review): the stored title becomes the response body as-is; if titles
    // can contain markup it is not escaped here — confirm how it is rendered.
    return $post->title;
}