add authorization exception

viralsolani · viralsolani · commit 6aff3764a201 · 2018-03-15T20:28:17.000+05:30
diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php
@@ -11,6 +11,7 @@
 use Symfony\Component\HttpKernel\Exception\MethodNotAllowedHttpException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
+use Illuminate\Auth\Access\AuthorizationException;
 
 class Handler extends ExceptionHandler
 {
@@ -52,9 +53,14 @@ public function report(Exception $exception)
      */
     public function render($request, Exception $exception)
     {
+        //dd($exception);
         if (strpos($request->url(), '/api/') !== false) {
             \Log::debug('API Request Exception - '.$request->url().' - '.$exception->getMessage().(!empty($request->all()) ? ' - '.json_encode($request->except(['password'])) : ''));
 
+            if ($exception instanceof AuthorizationException) {
+                return $this->setStatusCode(403)->respondWithError($exception->getMessage());
+            }
+
             if ($exception instanceof MethodNotAllowedHttpException) {
                 return $this->setStatusCode(403)->respondWithError('Please check HTTP Request Method. - MethodNotAllowedHttpException');
             }
diff --git a/app/Http/Controllers/Api/V1/UsersController.php b/app/Http/Controllers/Api/V1/UsersController.php
@@ -2,11 +2,12 @@
 
 namespace App\Http\Controllers\Api\V1;
 
-use App\Http\Resources\UserResource;
+use Validator;
+use Illuminate\Http\Request;
 use App\Models\Access\User\User;
+use App\Http\Resources\UserResource;
 use App\Repositories\Backend\Access\User\UserRepository;
-use Illuminate\Http\Request;
-use Validator;
+use App\Http\Requests\Backend\Access\User\ManageUserRequest;
 
 class UsersController extends APIController
 {
@@ -29,7 +30,7 @@ public function __construct(UserRepository $repository)
      *
      * @return \Illuminate\Http\JsonResponse
      */
-    public function index(Request $request)
+    public function index(ManageUserRequest $request)
     {
         $limit = $request->get('paginate') ? $request->get('paginate') : 25;
 
diff --git a/app/Http/Requests/Request.php b/app/Http/Requests/Request.php
@@ -3,6 +3,7 @@
 namespace App\Http\Requests;
 
 use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Auth\Access\AuthorizationException;
 
 /**
  * Class Request.
@@ -25,4 +26,9 @@ public function forbiddenResponse()
 
         return redirect()->back()->withErrors($this->error);
     }
+
+    protected function failedAuthorization()
+    {
+        throw new AuthorizationException('This action is unauthorized.');
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,7 @@`
`3`	`3`	`namespace App\Http\Requests;`
`4`	`4`
`5`	`5`	`use Illuminate\Foundation\Http\FormRequest;`
	`6`	`+use Illuminate\Auth\Access\AuthorizationException;`
`6`	`7`
`7`	`8`	`/**`
`8`	`9`	`* Class Request.`
`@@ -25,4 +26,9 @@ public function forbiddenResponse()`
`25`	`26`
`26`	`27`	`return redirect()->back()->withErrors($this->error);`
`27`	`28`	`}`
	`29`	`+`
	`30`	`+ protected function failedAuthorization()`
	`31`	`+ {`
	`32`	`+ throw new AuthorizationException('This action is unauthorized.');`
	`33`	`+ }`
`28`	`34`	`}`