These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php namespace Arcanesoft\Core\Http\Middleware; |
||
2 | |||
3 | use Arcanedev\Support\Http\Middleware; |
||
4 | use Closure; |
||
5 | use Illuminate\Auth\Access\AuthorizationException; |
||
6 | use Illuminate\Http\Request; |
||
7 | |||
8 | /** |
||
9 | * Class AdminMiddleware |
||
10 | * |
||
11 | * @package Arcanesoft\Foundation\Http\Middleware |
||
12 | * @author ARCANEDEV <[email protected]> |
||
13 | */ |
||
14 | class CheckAdministrators extends Middleware |
||
15 | { |
||
16 | /* ----------------------------------------------------------------- |
||
17 | | Main Methods |
||
18 | | ----------------------------------------------------------------- |
||
19 | */ |
||
20 | |||
21 | /** |
||
22 | * Run the request filter. |
||
23 | * |
||
24 | * @param \Illuminate\Http\Request $request |
||
25 | * @param \Closure $next |
||
26 | * |
||
27 | * @return mixed |
||
28 | * |
||
29 | * @throws \Illuminate\Auth\Access\AuthorizationException |
||
30 | */ |
||
31 | public function handle(Request $request, Closure $next) |
||
32 | { |
||
33 | if ( ! $this->isAllowed()) |
||
34 | $this->failedAuthorization(); |
||
35 | |||
36 | return $next($request); |
||
37 | } |
||
38 | |||
39 | /* ----------------------------------------------------------------- |
||
40 | | Other Methods |
||
41 | | ----------------------------------------------------------------- |
||
42 | */ |
||
43 | |||
44 | /** |
||
45 | * Check if the user is allowed. |
||
46 | * |
||
47 | * @return bool |
||
48 | */ |
||
49 | protected function isAllowed() |
||
50 | { |
||
51 | /** @var \Arcanesoft\Contracts\Auth\Models\User $user */ |
||
52 | if (is_null($user = auth()->user())) |
||
0 ignored issues
–
show
|
|||
53 | return false; |
||
54 | |||
55 | return $user->isAdmin() || $user->isModerator(); |
||
56 | } |
||
57 | |||
58 | /** |
||
59 | * Handle a failed authorization attempt. |
||
60 | * |
||
61 | * @throws \Illuminate\Auth\Access\AuthorizationException |
||
62 | */ |
||
63 | protected function failedAuthorization() |
||
64 | { |
||
65 | throw new AuthorizationException( |
||
66 | '[Unauthorized] You are not allowed to perform this action.', 403 |
||
67 | ); |
||
68 | } |
||
69 | } |
||
70 |
It seems like the method you are trying to call exists only in some of the possible types.
Let’s take a look at an example:
Available Fixes
Add an additional type-check:
Only allow a single type to be passed if the variable comes from a parameter: