role based auth middleware finished

app/Http/Controllers/AdminDashboardController.php

-<?php
-
-namespace App\Http\Controllers;
-
-use Illuminate\Http\Request;
-
-use App\Http\Requests;
-
-class AdminDashboardController extends Controller
-{
-    public function index()
-    {
-      return 'Admin';
-    }
-}

app/Http/Controllers/ScheduleController.php

@@ -8,6 +8,12 @@ use App\Http\Requests;
 
 class ScheduleController extends Controller
 {
+    public function __construct()
+    {
+        $this->middleware('auth');
+        $this->middleware('scheduler');        
+    }
+    
     public function index()
     {
         return Schedule::all();
@@ -48,3 +54,4 @@ class ScheduleController extends Controller
         Schedule::find($id)->delete();
         return Schedule::all();
     }
+}
\ No newline at end of file

app/Http/Controllers/TpsController.php

@@ -8,6 +8,12 @@ use App\Http\Requests;
 
 class TpsController extends Controller
 {
+    public function __construct()
+    {
+        $this->middleware('auth');
+        $this->middleware('manager');
+    }
+    
     public function index()
     {
         return Tps::all();

app/Http/Controllers/UserController.php

@@ -8,6 +8,12 @@ use App\Http\Requests;
 
 class UserController extends Controller
 {
+    public function __construct()
+    {
+        $this->middleware('auth');
+        $this->middleware('user');
+    }
+    
     public function index()
     {
         return User::all();

app/Http/Kernel.php

@@ -48,6 +48,8 @@ class Kernel extends HttpKernel
         'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
-        'permissions.required' => \App\Http\Middleware\PermissionsRequiredMiddleware::class,
+        'user' => \App\Http\Middleware\AuthorizedUser::class,
+        'manager' => \App\Http\Middleware\AuthorizedManager::class,
+        'scheduler' => \App\Http\Middleware\AuthorizedScheduler::class,
     ];
 }

app/Http/Middleware/Authenticate.php

@@ -17,7 +17,6 @@ class Authenticate
      */
     public function handle($request, Closure $next, $guard = null)
     {
-        // dd($request);
         if (Auth::guard($guard)->guest()) {
             if ($request->ajax() || $request->wantsJson()) {
                 return response('Unauthorized.', 403);

app/Http/Middleware/AuthorizedManager.php

+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Support\Facades\Auth;
+use App\Tps;
+
+class AuthorizedManager
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $user = Auth::user();
+        $role = $user->role();
+        $param = $request->route()->parameters();
+        $tps_id = !$param ? null : $param['tps'];
+        $tps = Tps::find($tps_id);
+        $mgr_id = !$tps ? null : $tps->id_manager;
+
+        if (!$tps_id) 
+        {
+            if ($role == 'admin')
+            {
+                return $next($request);
+            }
+            else
+            {
+                return redirect('/')->with('error', 'Not authorized');
+            }
+        }
+        else if ($mgr_id && $user->id == $mgr_id)
+        {
+            return $next($request);
+        }
+
+        return redirect('/')->with('error', 'Not authorized');
+    }
+}

app/Http/Middleware/AuthorizedScheduler.php

+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Support\Facades\Auth;
+
+class AuthorizedScheduler
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $user = Auth::user();
+        $role = $user->role();
+        $param = $request->route()->parameters();
+        $tps_id = $request->input('id_tps');
+        $tps = !$tps_id ? null : Tps::find($tps_id);
+        $mgr_id = !$tps ? null : $tps->id_manager;
+
+        if (!$tps_id)
+        {
+            if ($role == 'admin')
+            {
+                return $next($request);
+            }
+            else
+            {
+                return redirect('/')->with('error', 'Not authorized');
+            }
+        }
+        else if ($mgr_id && $user->id == $mgr_id)
+        {
+            return $next($request);
+        }
+
+        return redirect('/')->with('error', 'Not authorized');
+    }
+}

app/Http/Middleware/AuthorizedUser.php

+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Support\Facades\Auth;
+
+class AuthorizedUser
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $user = Auth::user();
+        $role = $user->role();
+        $id = !$request->route()->parameters() ? null : 
+                $request->route()->parameters()['user'];
+
+        if (!$id) 
+        {
+            if ($role == 'admin')
+            {
+                return $next($request);
+            }
+            else
+            {
+                return redirect('/')->with('error', 'Not authorized');
+            }
+        }
+        else if ($user->id == $id)
+        {
+            return $next($request);
+        }
+
+        return redirect('/')->with('error', 'Not authorized');
+    }
+}

app/Http/Middleware/PermissionsRequiredMiddleware.php

-<?php
-
-namespace App\Http\Middleware;
-
-use Closure;
-
-class PermissionsRequiredMiddleware
-{
-    /**
-     * Handle an incoming request.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
-     * @return mixed
-     */
-    public function handle($request, Closure $next)
-    {    
-        return \Auth::user();
-        // Check if a user is logged in.
-        if (!$user = $request->user())
-        {
-            return redirect()->guest('login');
-        }
-
-        // Get the current route.
-        $route = $request->route();
-
-        // Get the current route actions.
-        $actions = $route->getAction();
-
-        // Check if we have any permissions to check the user has.
-        if (!$permissions = isset($actions['permissions']) ? $actions['permissions'] : null)
-        {    
-            // No permissions to check, allow access.
-            return abort(403);
-        }
-
-        // Fetch all of the matching user permissions.
-        $userPermissions = array_fetch($user->permissions()->whereIn('slug', (array) $permissions)->get()->toArray(), 'slug');
-
-        // Turn the permissions we require into an array.
-        $permissions = (array) $permissions;
-
-        // Check if we require all permissions, or just one.
-        if (isset($actions['permissions_require_all']))
-        {
-            // If user has EVERY permission required.
-            if (count($permissions) == count($userPermissions))
-            {    
-                // Access is granted.
-                return $next($request);
-            }
-        } else {
-            // If the user has the permission.
-            if (count($userPermissions) >= 1)
-            {
-                // Access is granted and the rest of the permissions are ignored.
-                return $next($request);
-            }
-        }
-
-        // If we reach this far, the user does not have the required permissions.
-        return abort(404);
-    }
-}

app/Http/routes.php

@@ -11,12 +11,12 @@
 |
 */
 
-Route::group(['middleware' => ['web', ]], function () {
+Route::group(['middleware' => 'web'], function () {
     Route::auth();
     Route::get('/', 'HomeController@index');              // homnya kan cm 1 
     Route::get('/home', 'HomeController@index');
-});
 
-Route::resource('user', 'UserController');
-Route::resource('tps', 'TpsController');
-Route::resource('schedule', 'ScheduleController');
+    Route::resource('user', 'UserController');
+    Route::resource('tps', 'TpsController');
+    Route::resource('schedule', 'ScheduleController');
+});

app/User.php

@@ -24,9 +24,10 @@ class User extends Authenticatable
         'password', 'remember_token',
     ];
 
-    public function roles()
+    public function role()
     {
-        return $this->belongsTo('App\Role');
+        // $this->belongsTo('App\Role');
+        return Role::find($this->role_id)->name;
     }
 
     public function schedule()

database/migrations/2016_04_01_092434_create_roles_table.php

@@ -3,6 +3,8 @@
 use Illuminate\Database\Schema\Blueprint;
 use Illuminate\Database\Migrations\Migration;
 
+use App\Role;
+
 class CreateRolesTable extends Migration 
 {
     /**

database/migrations/2016_04_02_172129_create_schedule_table.php

-<?php
-
-use Illuminate\Database\Schema\Blueprint;
-use Illuminate\Database\Migrations\Migration;
-
-class CreateScheduleTable extends Migration
-{
-    /**
-     * Run the migrations.
-     *
-     * @return void
-     */
-    public function up()
-    {
-        Schema::create('schedule', function(Blueprint $table)
-        {
-            $table->increments('id');
-            $table->integer('id_tps')->unsigned();
-            $table->integer('id_user')->unsigned();
-            $table->timestamp('time');
-            $table->timestamps();
-        }); 
-    }
-
-    /**
-     * Reverse the migrations.
-     *
-     * @return void
-     */
-    public function down()
-    {
-        Schema::drop('schedule');
-    }
-}