context = $context;
        $this->member_repository = $member_repository;
    }

    /**
     * Group-membership guard: lets the request continue only when the current
     * member belongs to at least one of the required groups.
     *
     * Outcomes, in order of evaluation:
     *  - the context reports no current user external id: the request is
     *    forwarded without any group check;
     *  - the id does not resolve to a member: 403 "member not found";
     *  - the member is on any one of the listed groups: the request is forwarded;
     *  - otherwise: 403 "unauthorized member".
     *
     * NOTE(review): the first outcome fails open. Presumably it exists for
     * access tokens that are not bound to a user (e.g. service clients) --
     * confirm, and verify that every route using this guard is also covered
     * by an earlier authentication/scope check, because this middleware alone
     * does not reject a request that carries no user identity.
     *
     * @param mixed   $request          Incoming request, passed through to $next untouched.
     * @param Closure $next             Next handler in the middleware chain.
     * @param string  $required_groups  '|'-separated list of group identifiers; a
     *                                  match on any single entry is sufficient.
     *                                  Entries are not trimmed or normalised here.
     * @return mixed  Whatever $next returns, or a 403 JSON response.
     */
    public function handle($request, Closure $next, $required_groups)
    {
        $external_id = $this->context->getCurrentUserExternalId();

        // No user identity on this request: skip the group check entirely.
        if ($external_id === null) {
            return $next($request);
        }

        $current_member = $this->member_repository->getById($external_id);

        // An id that maps to no known member is denied rather than passed on.
        if ($current_member === null) {
            return Response::json(['error' => 'member not found'], 403);
        }

        // Any-of semantics: the first group the member is on grants access.
        foreach (explode('|', $required_groups) as $group_name) {
            if (!$current_member->isOnGroup($group_name)) {
                continue;
            }

            return $next($request);
        }

        // Default deny once no listed group matched.
        return Response::json(['error' => 'unauthorized member'], 403);
    }
}