|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace App\Http\Controllers; |
|
4
|
|
|
|
|
5
|
|
|
use Laravel\Lumen\Routing\Controller as BaseController; |
|
6
|
|
|
use Illuminate\Http\Request; |
|
7
|
|
|
use App\User; |
|
8
|
|
|
use Gate; |
|
9
|
|
|
|
|
10
|
|
|
class Controller extends BaseController{ |
|
11
|
|
|
|
|
12
|
|
|
/** |
|
13
|
|
|
* Return a JSON response for success. |
|
14
|
|
|
* |
|
15
|
|
|
* @param array $data |
|
16
|
|
|
* @param string $code |
|
17
|
|
|
* @return \Illuminate\Http\JsonResponse |
|
18
|
|
|
*/ |
|
19
|
|
|
public function success($data, $code){ |
|
20
|
|
|
return response()->json(['data' => $data], $code); |
|
|
|
|
|
|
21
|
|
|
} |
|
22
|
|
|
|
|
23
|
|
|
/** |
|
24
|
|
|
* Return a JSON response for error. |
|
25
|
|
|
* |
|
26
|
|
|
* @param array $message |
|
27
|
|
|
* @param string $code |
|
28
|
|
|
* @return \Illuminate\Http\JsonResponse |
|
29
|
|
|
*/ |
|
30
|
|
|
public function error($message, $code){ |
|
31
|
|
|
return response()->json(['message' => $message], $code); |
|
|
|
|
|
|
32
|
|
|
} |
|
33
|
|
|
|
|
34
|
|
|
/** |
|
35
|
|
|
* Check if the user is authorized to perform a given action on a resource. |
|
36
|
|
|
* |
|
37
|
|
|
* @param \Illuminate\Http\Request $request |
|
38
|
|
|
* @param array $resource |
|
39
|
|
|
* @param mixed|array $arguments |
|
40
|
|
|
* @return boolean |
|
41
|
|
|
* @see https://lumen.laravel.com/docs/authorization |
|
42
|
|
|
*/ |
|
43
|
|
|
protected function authorizeUser(Request $request, $resource, $arguments = []){ |
|
44
|
|
|
|
|
45
|
|
|
$user = User::find($this->getUserId()); |
|
46
|
|
|
$action = $this->getAction($request); |
|
47
|
|
|
|
|
48
|
|
|
// The ability string must match the string defined in App\Providers\AuthServiceProvider\ability() |
|
49
|
|
|
$ability = "{$action}-{$resource}"; |
|
50
|
|
|
|
|
51
|
|
|
// return $this->authorizeForUser($user, "{$action}-{$resource}", $data); |
|
|
|
|
|
|
52
|
|
|
return Gate::forUser($user)->allows($ability, $arguments); |
|
53
|
|
|
} |
|
54
|
|
|
|
|
55
|
|
|
/** |
|
56
|
|
|
* Check if user is authorized. |
|
57
|
|
|
* |
|
58
|
|
|
* This method will be called by "Authorize" Middleware for every controller. |
|
59
|
|
|
* Controller that needs to be authorized must override this method. |
|
60
|
|
|
* |
|
61
|
|
|
* @param \Illuminate\Http\Request $request |
|
62
|
|
|
* @return bool |
|
63
|
|
|
*/ |
|
64
|
|
|
public function isAuthorized(Request $request){ |
|
65
|
|
|
return false; |
|
66
|
|
|
} |
|
67
|
|
|
|
|
68
|
|
|
/** |
|
69
|
|
|
* Get current authorized user id. |
|
70
|
|
|
* This method should be called only after validating the access token using OAuthMiddleware Middleware. |
|
71
|
|
|
* |
|
72
|
|
|
* @return boolean |
|
73
|
|
|
*/ |
|
74
|
|
|
protected function getUserId(){ |
|
75
|
|
|
return \LucaDegasperi\OAuth2Server\Facades\Authorizer::getResourceOwnerId(); |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
|
|
/** |
|
79
|
|
|
* Get the requested action method. |
|
80
|
|
|
* |
|
81
|
|
|
* @param \Illuminate\Http\Request $request |
|
82
|
|
|
* @return string |
|
83
|
|
|
*/ |
|
84
|
|
|
protected function getAction(Request $request){ |
|
85
|
|
|
return explode('@', $request->route()[1]["uses"], 2)[1]; |
|
86
|
|
|
} |
|
87
|
|
|
|
|
88
|
|
|
/** |
|
89
|
|
|
* Get the parameters in route. |
|
90
|
|
|
* |
|
91
|
|
|
* @param \Illuminate\Http\Request $request |
|
92
|
|
|
* @return array |
|
93
|
|
|
*/ |
|
94
|
|
|
protected function getArgs(Request $request){ |
|
95
|
|
|
return $request->route()[2]; |
|
96
|
|
|
} |
|
97
|
|
|
} |
|
98
|
|
|
|
OmarElGabry /
lumen-api-oauth
Loading history...
It seems like the method you are trying to call exists only in some of the possible types.
Let’s take a look at an example:
Available Fixes
Add an additional type-check:
Only allow a single type to be passed if the variable comes from a parameter: