Laravel 5 middlewares for Sentry 2

Submitted by subdesign - 2 years ago

If you want to use Sentry 2 filters used in Laravel 4.x, you have to modify your system a little bit. <br/> First install Sentry 2 for Laravel 5: "composer require cartalyst/sentry:dev-feature/laravel-5" Next add these three files to your App\Http\Middleware folder, then add the references into the Kernel.php file. Finally, I added an example route how to use the Middlewares. An advice: in your controller replace all catch() lines from: catch (Cartalyst\Sentry\Users\LoginRequiredException $e) {} to: catch (\Cartalyst\Sentry\Users\LoginRequiredException $e) {} because it won't work as in Laravel 4.x worked..

// SentryCheck.php

<?php namespace App\Http\Middleware;

use Closure;
use Sentry;

class SentryCheck {

    /**
	 * Sentry - Check login status
	 *
	 * @param  \Illuminate\Http\Request  $request
	 * @param  \Closure  $next
	 * @return mixed
	 */
	public function handle($request, Closure $next)
	{
		if (Sentry::check()) 
		{			
			return $next($request);			
		}

		return redirect()->guest('auth/login');
	}
}

// SentryInGroup.php

<?php namespace App\Http\Middleware;

use Closure;
use Sentry;

class SentryInGroup {

    /**
	 * Sentry - Check if user is in group/groups
	 *
	 * @param  \Illuminate\Http\Request  $request
	 * @param  \Closure  $next
	 * @return mixed
	 */
	public function handle($request, Closure $next)
	{
		$actions = $request->route()->getAction();

		if (array_key_exists("inGroup", $actions)) 
		{
			$groups = $actions['inGroup'];

			try
			{
				$user = Sentry::getUser();

				if ( ! $user->isSuperUser())
				{
					$count = 0;

					foreach ($groups as $g)
					{
						$group = Sentry::findGroupByName($g);
					 
						if ($user->inGroup($group))
						{
							$count++;
						}	
					}
					
					if ($count === 0)
					{
						return redirect()->route('dashboard.index')->with('merror', trans('acl.cannon_reach_this_resource_with_your_role'));
					}
				}		
				
			}
			catch (\Cartalyst\Sentry\Users\UserNotFoundException $e)
			{
				return redirect()->route('auth.login')->with('merror', trans('acl.user_not_found'));
			}
			 
			catch (\Cartalyst\Sentry\Groups\GroupNotFoundException $e)
			{
				return redirect()->route('auth.login')->with('merror', trans('acl.group_not_found'));
			}		
		}		

		return $next($request);
	}

}

// SentryHasAccess.php

<?php namespace App\Http\Middleware;

use Closure;
use Sentry;

class SentryHasAccess {

    /**
	 * Sentry - Check role permission
	 *
	 * @param  \Illuminate\Http\Request  $request
	 * @param  \Closure  $next
	 * @return mixed
	 */
	public function handle($request, Closure $next)
	{
		$actions = $request->route()->getAction();

		if (array_key_exists('hasAccess', $actions)) 
		{
			$permission = $actions['hasAccess'];
		
			try
			{
				$user = Sentry::getUser();
			 
				if ( ! $user->hasAccess($permission))
				{
					return redirect()->route('dashboard.index')->with('merror', trans('acl.you_dont_have_permission_for_this_resource'));
				}
			}
			catch (\Cartalyst\Sentry\Users\UserNotFoundException $e)
			{
				return redirect()->route('auth.login')->with('merror', trans('acl.user_not_found'));
			}	
		}

		return $next($request);
	}
}

// App\Http\Kernel.php

protected $routeMiddleware = [
	'auth'       => 'App\Http\Middleware\Authenticate',
	'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
	'guest'      => 'App\Http\Middleware\RedirectIfAuthenticated',
	'sentry'     => 'App\Http\Middleware\SentryCheck',  // add this
	'inGroup'    => 'App\Http\Middleware\SentryInGroup', // add this
	'hasAccess'  => 'App\Http\Middleware\SentryHasAccess', // add this
];

// Example route

Route::group(['prefix' => 'admin', 'middleware' => 'sentry'], function() {

	Route::get('users', array(
		'uses' => 'UserController@index',
		'as' => 'users.index',
		'middleware' => ['inGroup', 'hasAccess'],
		'inGroup' => ['Administrator','Editor'], // these are Sentry groups
		'hasAccess' => 'users.index' // this is a Sentry permission
	));

});
comments powered by Disqus

Ads cover the costs of maintaining Laravel-tricks