2017-11-15 14:00:11 +08:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
|
|
|
|
use App\Models\Player;
|
2019-12-14 11:10:37 +08:00
|
|
|
use Closure;
|
2019-04-24 13:10:03 +08:00
|
|
|
use Illuminate\Support\Arr;
|
2017-11-15 14:00:11 +08:00
|
|
|
|
|
|
|
class CheckPlayerOwner
|
|
|
|
{
|
|
|
|
public function handle($request, Closure $next)
|
|
|
|
{
|
2019-04-24 13:10:03 +08:00
|
|
|
$pid = Arr::get($request->route()->parameters, 'pid') ?? $request->input('pid');
|
|
|
|
if ($pid && ($player = Player::find($pid)) && $player->uid != auth()->id()) {
|
|
|
|
return json(trans('admin.players.no-permission'), 1);
|
2017-11-15 14:00:11 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
return $next($request);
|
|
|
|
}
|
|
|
|
}
|