phplaravellaravel-5rolesrbac

Laravel 5.1 Block users using Bican roles


I was wondering, how I could ban people via this package...

So I'm currently using Laravel 5.1 and I'm trying to 'ban' users from my site. I have a table called 'banned' which has the following structure:

    +---------------+--------------+------------+-------------+------------------+----------------+--+
    | TABLE_NAME | COLUMN_NAME | COLUMN_DEFAULT | IS_NULLABLE | DATA_TYPE | CHARACTER_MAXIMUM_LENGTH | 
    +---------------+--------------+------------+-------------+------------------+----------------+--+
    | banned     | id          | NULL           | NO          | int       | NULL                     |
    | banned     | user_id     | NULL           | NO          | int       | NULL                     |
    | banned     | banned_by   | NULL           | NO          | int       | NULL                     |
    | banned     | reason      | NULL           | NO          | varchar   |                      255 |
    | banned     | expires     | NULL           | NO          | datetime  | NULL                     |
    | banned     | lifted      | NULL           | YES         | datetime  | NULL                     |
    | banned     | lifted_by   | NULL           | YES         | int       | NULL                     |
    +---------------+--------------+------------+-------------+------------------+----------------+--+

I also have the standard structure of the roles (bican roles).

Now, I want to be able to display a custom banned view to my banned users with the data from inside the 'banned' table.

What would be the best way to do this?


Solution

  • If you add a new middleware and call in in your controllers where users can acess the page it will check if they are banned

    BannedMiddleware.php

    <?php
    
    namespace App\Http\Middleware;
    
    use Closure;
    use Illuminate\Support\Facades\Auth;
    
    class BannedMiddleware
    {
        /**
         * Handle an incoming request.
         *
         * @param  \Illuminate\Http\Request  $request
         * @param  \Closure  $next
         * @return mixed
         */
        public function handle($request, Closure $next)
        {
            if (!Auth::guest() && Auth::user()->is('banned')) {
                return view('BannedPageView');
            }
    
            return $next($request);
        }
    }
    

    and Edit your kernal.php under protected $routeMiddleware add this

    'isBanned' => \App\Http\Middleware\BannedMiddleware::class,
    

    Then in your controllers add this

    public function __construct()
         {
             $this->middleware('isBanned');
         }
    

    This will check if they are banned as they hit any Route in that controller.

    Edit


    To check everything globally for each and every request:

    Make the same middleware and place this code:

    <?php
    
    namespace App\Http\Middleware;
    
    use Closure;
    use Auth;
    use App\User;
    use DB;
    use Carbon\Carbon;
    
    class CheckBanMiddleware
    {
        /**
         * Handle an incoming request.
         *
         * @param  \Illuminate\Http\Request  $request
         * @param  \Closure  $next
         * @return mixed
         */
        public function handle($request, Closure $next)
        {
            if (Auth::check()) {
                if (User::CheckBan()) {
                    $bandata = DB::table('banned')->where('user_id', '=', Auth::id())->where('lifted', '=', Null)->where('expires', '>=', Carbon::now())->first();
                    return response()->view('banned', ['bandata' => $bandata]);
                }
            }
            return $next($request);
        }
    }
    

    In your User.php, create a new function:

    public static function CheckBan()
        {
            return DB::table('banned')->where('user_id', '=', Auth::id())->where('lifted', '=', Null)->where('expires', '>=', Carbon::now())->exists();
        }
    

    This function is made because I have another method to store bans etc...

    Add the following line to app/http/kernel.php in the protected $middleware array.

    \App\Http\Middleware\CheckBanMiddleware::class,
    

    This provides to check the data BEFORE each and every request.

    And you're done!