uccellolabs / uccello

app/Http/Middleware/CheckSettingsPanel.php

<?php

namespace Uccello\Core\Http\Middleware;

use Closure;
use Auth;

class CheckSettingsPanel
{
    /**
     * Check if the user can access to the settings panel or redirect to 403 page.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     * @throws \Symfony\Component\HttpKernel\Exception\HttpException
     */
    public function handle($request, Closure $next)
    {
        $user = Auth::user();

        $domain = $request->domain;

        if (!$user->canAccessToSettingsPanel($domain)) {

The method canAccessToSettingsPanel() does not exist on Illuminate\Contracts\Auth\Authenticatable. It seems like you code against a sub-type of Illuminate\Contracts\Auth\Authenticatable such as Illuminate\Foundation\Auth\User.

            return abort(403);

Are you sure the usage of abort(403) is correct as it seems to always return null.

        }

        return $next($request);
    }
}