From 0ff98c479025e293cfc7ed52ae687ca863e7a644 Mon Sep 17 00:00:00 2001
From: Vincent Vanwaelscappel <vincent@cubedesigners.com>
Date: Mon, 11 Feb 2019 17:30:30 +0100
Subject: [PATCH] wip #2562 @0.5

---
 app/Http/Middleware/CheckIfAdmin.php | 65 ++++++++++++++++++++++++++++
 app/Models/BackpackUser.php          | 36 +++++++++++++++
 2 files changed, 101 insertions(+)
 create mode 100644 app/Http/Middleware/CheckIfAdmin.php
 create mode 100644 app/Models/BackpackUser.php

diff --git a/app/Http/Middleware/CheckIfAdmin.php b/app/Http/Middleware/CheckIfAdmin.php
new file mode 100644
index 0000000..f39a48e
--- /dev/null
+++ b/app/Http/Middleware/CheckIfAdmin.php
@@ -0,0 +1,65 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class CheckIfAdmin
+{
+    /**
+     * Checked that the logged in user is an administrator.
+     *
+     * --------------
+     * VERY IMPORTANT
+     * --------------
+     * If you have both regular users and admins inside the same table,
+     * change the contents of this method to check that the logged in user
+     * is an admin, and not a regular user.
+     *
+     * @param [type] $user [description]
+     *
+     * @return bool [description]
+     */
+    private function checkIfUserIsAdmin($user)
+    {
+        // return ($user->is_admin == 1);
+        return true;
+    }
+
+    /**
+     * Answer to unauthorized access request.
+     *
+     * @param [type] $request [description]
+     *
+     * @return [type] [description]
+     */
+    private function respondToUnauthorizedRequest($request)
+    {
+        if ($request->ajax() || $request->wantsJson()) {
+            return response(trans('backpack::base.unauthorized'), 401);
+        } else {
+            return redirect()->guest(backpack_url('login'));
+        }
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure                 $next
+     *
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if (backpack_auth()->guest()) {
+            return $this->respondToUnauthorizedRequest($request);
+        }
+
+        if (!$this->checkIfUserIsAdmin(backpack_user())) {
+            return $this->respondToUnauthorizedRequest($request);
+        }
+
+        return $next($request);
+    }
+}
diff --git a/app/Models/BackpackUser.php b/app/Models/BackpackUser.php
new file mode 100644
index 0000000..e27c646
--- /dev/null
+++ b/app/Models/BackpackUser.php
@@ -0,0 +1,36 @@
+<?php
+
+namespace App\Models;
+
+use App\User;
+use Backpack\Base\app\Notifications\ResetPasswordNotification as ResetPasswordNotification;
+use Tightenco\Parental\HasParentModel;
+
+class BackpackUser extends User
+{
+    use HasParentModel;
+
+    protected $table = 'users';
+
+    /**
+     * Send the password reset notification.
+     *
+     * @param string $token
+     *
+     * @return void
+     */
+    public function sendPasswordResetNotification($token)
+    {
+        $this->notify(new ResetPasswordNotification($token));
+    }
+
+    /**
+     * Get the e-mail address where password reset links are sent.
+     *
+     * @return string
+     */
+    public function getEmailForPasswordReset()
+    {
+        return $this->email;
+    }
+}
-- 
2.39.5