App\Http\Middleware\ForceUpdate::handle()

Complexity

Conditions	6
Paths	6

Size

Total Lines	20
Code Lines	8

Duplication

Lines	0
Ratio	0 %

Importance

Changes	2
Bugs	2	Features	0

<?php
    public function handle($request, Closure $next)
    {
        if (Request::isMethod('post')) {
            return $next($request);
        }

        // if the current user has a forceupdate field set, we check that they can only access this route or a lower forceupdate step

        if (backpack_user() != null) {
            if (backpack_user()->isStudent()) {

The method isStudent() does not exist on Illuminate\Contracts\Auth\Authenticatable. It seems like you code against a sub-type of Illuminate\Contracts\Auth\Authenticatable such as Illuminate\Foundation\Auth\User.

                if (backpack_user()->student->force_update) {

Accessing student on the interface Illuminate\Contracts\Auth\Authenticatable suggest that you code against a concrete implementation. How about adding an instanceof check?

                    // if the user wants to go further than authorized, redirect them to the current step
                    if ($request->path() != 'edit/'.backpack_user()->student->force_update) {
                        return redirect(url('edit/'.backpack_user()->student->force_update));
                    }
                }
            }
        }

        return $next($request);
    }