Commit 6aff3764 authored by Viral Solani's avatar Viral Solani

add authorization exception

parent f8026b32
......@@ -11,6 +11,7 @@ use Illuminate\Validation\ValidationException;
use Symfony\Component\HttpKernel\Exception\MethodNotAllowedHttpException;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
use Illuminate\Auth\Access\AuthorizationException;
class Handler extends ExceptionHandler
{
......@@ -52,9 +53,14 @@ class Handler extends ExceptionHandler
*/
public function render($request, Exception $exception)
{
//dd($exception);
if (strpos($request->url(), '/api/') !== false) {
\Log::debug('API Request Exception - '.$request->url().' - '.$exception->getMessage().(!empty($request->all()) ? ' - '.json_encode($request->except(['password'])) : ''));
if ($exception instanceof AuthorizationException) {
return $this->setStatusCode(403)->respondWithError($exception->getMessage());
}
if ($exception instanceof MethodNotAllowedHttpException) {
return $this->setStatusCode(403)->respondWithError('Please check HTTP Request Method. - MethodNotAllowedHttpException');
}
......
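Review bot: The `\Log::debug` call that runs before the new `AuthorizationException` branch logs the request payload with only `password` removed, so a denied API request is recorded together with everything else the client sent. Fields such as `password_confirmation`, or any token carried in the body, would be written to the log in clear. Widening the exclusion keeps them out, e.g. `$request->except(['password', 'password_confirmation'])` plus whatever secret fields the API accepts. The commented-out `//dd($exception);` at the top of `render()` is better deleted than committed. Whether those two lines are new in this commit cannot be told from this view, and `render()` continues outside the hunk.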
......@@ -2,11 +2,12 @@
namespace App\Http\Controllers\Api\V1;
use App\Http\Resources\UserResource;
use Validator;
use Illuminate\Http\Request;
use App\Models\Access\User\User;
use App\Http\Resources\UserResource;
use App\Repositories\Backend\Access\User\UserRepository;
use Illuminate\Http\Request;
use Validator;
use App\Http\Requests\Backend\Access\User\ManageUserRequest;
class UsersController extends APIController
{
......@@ -29,7 +30,7 @@ class UsersController extends APIController
*
* @return \Illuminate\Http\JsonResponse
*/
public function index(Request $request)
public function index(ManageUserRequest $request)
{
$limit = $request->get('paginate') ? $request->get('paginate') : 25;
......
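Review bot: Only `index()` is switched to `ManageUserRequest` in this hunk, and the `Illuminate\Http\Request` import is kept, which suggests other actions in `UsersController` still take the plain request and so never reach the form request's authorization check. The rest of the class is outside the hunk, so this needs confirming against the full file. If that is the case, each remaining action should type-hint a form request carrying the matching permission, in the same way as `public function index(ManageUserRequest $request)`, so that read access is not the only thing gated.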
......@@ -3,6 +3,7 @@
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Auth\Access\AuthorizationException;
/**
* Class Request.
......@@ -25,4 +26,9 @@ abstract class Request extends FormRequest
return redirect()->back()->withErrors($this->error);
}
protected function failedAuthorization()
{
throw new AuthorizationException('This action is unauthorized.');
}
}
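Review bot: `failedAuthorization()` is added to the abstract base `Request` without a docblock, so nothing records that it changes the denial behaviour of every form request extending this class. A short docblock stating that it overrides the `FormRequest` hook and carrying `@throws AuthorizationException` would make that explicit. The redirect on the line above the method suggests this base is also used by web forms, while the `Handler` change in this commit only handles URLs containing `/api/`; how a non-API request renders this exception is outside the visible hunks and worth checking.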