Check public pages for authorization #761
This commit is contained in:
@@ -4,8 +4,10 @@ namespace App\Http\Controllers\Frontend;
|
||||
|
||||
use App\Contracts\Controller;
|
||||
use App\Exceptions\PageNotFound;
|
||||
use App\Exceptions\Unauthorized;
|
||||
use App\Repositories\PageRepository;
|
||||
use Exception;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
|
||||
class PageController extends Controller
|
||||
{
|
||||
@@ -28,11 +30,16 @@ class PageController extends Controller
|
||||
*/
|
||||
public function show($slug)
|
||||
{
|
||||
/** @var \App\Models\Page $page */
|
||||
$page = $this->pageRepo->findWhere(['slug' => $slug])->first();
|
||||
if (!$page) {
|
||||
throw new PageNotFound(new Exception('Page not found'));
|
||||
}
|
||||
|
||||
if (!$page->public && !Auth::check()) {
|
||||
throw new Unauthorized(new Exception('You must be logged in to view this page'));
|
||||
}
|
||||
|
||||
return view('pages.index', ['page' => $page]);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user