Zizaco · itashia · May 26, 2025
diff --git a/src/Entrust/Middleware/EntrustPermission.php b/src/Entrust/Middleware/EntrustPermission.php
@@ -1,4 +1,6 @@
-<?php namespace Zizaco\Entrust\Middleware;
+<?php
+
+namespace Zizaco\Entrust\Middleware;
 
 /**
  * This file is part of Entrust,
@@ -10,44 +12,55 @@
 
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
+use Illuminate\Http\Request;
 
 class EntrustPermission
 {
-	const DELIMITER = '|';
-
-	protected $auth;
-
-	/**
-	 * Creates a new instance of the middleware.
-	 *
-	 * @param Guard $auth
-	 */
-	public function __construct(Guard $auth)
-	{
-		$this->auth = $auth;
-	}
-
-	/**
-	 * Handle an incoming request.
-	 *
-	 * @param  \Illuminate\Http\Request $request
-	 * @param  Closure $next
-	 * @param  $permissions
-	 * @return mixed
-	 */
-	public function handle($request, Closure $next, $permissions)
-	{
-		if (!is_array($permissions)) {
-    	// Convert $permissions to an empty string if it's null or not a string
-		    $permissions = $permissions ?? '';  
-		    $permissions = explode(self::DELIMITER, $permissions);
-		}
-
-
-		if ($this->auth->guest() || !$request->user()->can($permissions)) {
-			abort(403);
-		}
-
-		return $next($request);
-	}
+    const DELIMITER = '|';
+
+    protected Guard $auth;
+
+    /**
+     * Creates a new instance of the middleware.
+     */
+    public function __construct(Guard $auth)
+    {
+        $this->auth = $auth;
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param  Request  $request
+     * @param  Closure  $next
+     * @param  string|array|null  $permissions
+     * @return mixed
+     * 
+     * @throws \Symfony\Component\HttpKernel\Exception\HttpException
+     */
+    public function handle(Request $request, Closure $next, $permissions)
+    {
+        $permissions = $this->normalizePermissions($permissions);
+
+        if ($this->auth->guest() || !$request->user()->can($permissions)) {
+            abort(403);
+        }
+
+        return $next($request);
+    }
+
+    /**
+     * Normalize permissions to array format.
+     *
+     * @param  string|array|null  $permissions
+     * @return array
+     */
+    protected function normalizePermissions($permissions): array
+    {
+        if (is_array($permissions)) {
+            return $permissions;
+        }
+
+        return explode(self::DELIMITER, (string)($permissions ?? ''));
+    }
 }