Authorization check added in resouce controller in API

This commit is contained in:
rahulshukla-home 2020-09-04 13:15:27 +05:30
parent 22b3d11e01
commit 6270c59566
1 changed files with 10 additions and 4 deletions

View File

@ -56,6 +56,10 @@ class ResourceController extends Controller
public function index()
{
$query = $this->repository->scopeQuery(function($query) {
if (isset($this->_config['authorization_required']) && $this->_config['authorization_required']) {
$query = $query->where('customer_id', auth()->user()->id );
}
foreach (request()->except(['page', 'limit', 'pagination', 'sort', 'order', 'token']) as $input => $value) {
$query = $query->whereIn($input, array_map('trim', explode(',', $value)));
}
@ -85,10 +89,12 @@ class ResourceController extends Controller
* @return \Illuminate\Http\Response
*/
public function get($id)
{
return new $this->_config['resource'](
$this->repository->findOrFail($id)
);
{
$query = isset($this->_config['authorization_required']) && $this->_config['authorization_required'] ?
$this->repository->where('customer_id', auth()->user()->id)->findOrFail($id) :
$this->repository->findOrFail($id);
return new $this->_config['resource']($query);
}
/**