diff --git a/src/Entrust/Middleware/EntrustPermission.php b/src/Entrust/Middleware/EntrustPermission.php index 05f5f910..99f63019 100644 --- a/src/Entrust/Middleware/EntrustPermission.php +++ b/src/Entrust/Middleware/EntrustPermission.php @@ -1,4 +1,6 @@ -auth = $auth; - } - - /** - * Handle an incoming request. - * - * @param \Illuminate\Http\Request $request - * @param Closure $next - * @param $permissions - * @return mixed - */ - public function handle($request, Closure $next, $permissions) - { - if (!is_array($permissions)) { - // Convert $permissions to an empty string if it's null or not a string - $permissions = $permissions ?? ''; - $permissions = explode(self::DELIMITER, $permissions); - } - - - if ($this->auth->guest() || !$request->user()->can($permissions)) { - abort(403); - } - - return $next($request); - } + const DELIMITER = '|'; + + protected Guard $auth; + + /** + * Creates a new instance of the middleware. + */ + public function __construct(Guard $auth) + { + $this->auth = $auth; + } + + /** + * Handle an incoming request. + * + * @param Request $request + * @param Closure $next + * @param string|array|null $permissions + * @return mixed + * + * @throws \Symfony\Component\HttpKernel\Exception\HttpException + */ + public function handle(Request $request, Closure $next, $permissions) + { + $permissions = $this->normalizePermissions($permissions); + + if ($this->auth->guest() || !$request->user()->can($permissions)) { + abort(403); + } + + return $next($request); + } + + /** + * Normalize permissions to array format. + * + * @param string|array|null $permissions + * @return array + */ + protected function normalizePermissions($permissions): array + { + if (is_array($permissions)) { + return $permissions; + } + + return explode(self::DELIMITER, (string)($permissions ?? '')); + } }