add authorization exception

6aff3764 · Viral Solani · f8026b32 · 6aff3764 · 6aff3764 · 6aff3764
Commit 6aff3764 authored Mar 15, 2018 by Viral Solani
Show whitespace changes
Inline Side-by-side

Showing with 17 additions and 4 deletions

Handler.php app/Exceptions/Handler.php +6 -0

UsersController.php app/Http/Controllers/Api/V1/UsersController.php +5 -4

Request.php app/Http/Requests/Request.php +6 -0

No files found.
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -11,6 +11,7 @@ use Illuminate\Validation\ValidationException;
 use Symfony\Component\HttpKernel\Exception\MethodNotAllowedHttpException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
+use Illuminate\Auth\Access\AuthorizationException;
 class Handler extends ExceptionHandler
 {
@@ -52,9 +53,14 @@ class Handler extends ExceptionHandler
     */
    public function render($request, Exception $exception)
    {
+        //dd($exception);
        if (strpos($request->url(), '/api/') !== false) {
            \Log::debug('API Request Exception - '.$request->url().' - '.$exception->getMessage().(!empty($request->all()) ? ' - '.json_encode($request->except(['password'])) : ''));
+            if ($exception instanceof AuthorizationException) {
+                return $this->setStatusCode(403)->respondWithError($exception->getMessage());
+            }
            if ($exception instanceof MethodNotAllowedHttpException) {
                return $this->setStatusCode(403)->respondWithError('Please check HTTP Request Method. - MethodNotAllowedHttpException');
            }

--- a/app/Http/Controllers/Api/V1/UsersController.php
+++ b/app/Http/Controllers/Api/V1/UsersController.php
@@ -2,11 +2,12 @@
 namespace App\Http\Controllers\Api\V1;
-use App\Http\Resources\UserResource;
+use Validator;
+use Illuminate\Http\Request;
 use App\Models\Access\User\User;
+use App\Http\Resources\UserResource;
 use App\Repositories\Backend\Access\User\UserRepository;
-use Illuminate\Http\Request;
+use App\Http\Requests\Backend\Access\User\ManageUserRequest;
-use Validator;
 class UsersController extends APIController
 {
@@ -29,7 +30,7 @@ class UsersController extends APIController
     *
     * @return \Illuminate\Http\JsonResponse
     */
-    public function index(Request $request)
+    public function index(ManageUserRequest $request)
    {
        $limit = $request->get('paginate') ? $request->get('paginate') : 25;

--- a/app/Http/Requests/Request.php
+++ b/app/Http/Requests/Request.php
@@ -3,6 +3,7 @@
 namespace App\Http\Requests;
 use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Auth\Access\AuthorizationException;
 /**
 * Class Request.
@@ -25,4 +26,9 @@ abstract class Request extends FormRequest
        return redirect()->back()->withErrors($this->error);
    }
+    protected function failedAuthorization()
+    {
+        throw new AuthorizationException('This action is unauthorized.');
+    }
 }