next commit

app/Http/Middleware/RequirePermission.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use DB;
+use App\Models\User\UserPermission;
+
+class RequirePermission
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next, $permission)
+    {
+        $perms = UserPermission::where(['character_id' => auth()->user()->character_id, 'permission'=> $permission])->get(['permission']);
+
+        abort_unless(auth()->check() && isset($perms[0]->permission), 403, "You don't have the correct permission to be in this area.");
+
+        return $next($request);
+    }
+}

app/Http/Middleware/RequireRole.php

@@ -0,0 +1,41 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+use App\Models\User\UserRole;
+
+class RequireRole
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next, $role)
+    {
+        $confirmed = false;
+        $ranking = [
+            'None' => 0,
+            'Guest' => 1,
+            'User' => 2,
+            'Admin' => 3,
+            'SuperUser' => 4,
+        ];
+        
+        $check = UserRole::where('character_id', auth()->user()->character_id)->get(['role']);
+
+        if(!isset($check[0]->role)) {
+            abort(403, "You don't any roles.  You don't belong here.");
+        }
+        
+        if($ranking[$check[0]->role] < $ranking[$role]) {
+            abort(403, "You don't have the correct role to be in this area.");
+        }
+        
+        return $next($request);
+    }
+}