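context = $context;
        $this->member_repository = $member_repository;
    }

    /**
     * Group-membership gate: lets the request continue only when the current
     * member belongs to at least one of the required groups.
     *
     * Outcomes, in order:
     *  - no current user id in the context  -> request is forwarded unchecked
     *  - user id does not resolve to a member -> 403 'member not found'
     *  - member holds one of the required group codes -> request is forwarded
     *  - otherwise -> 403 'unauthorized member'
     *
     * @param mixed   $request         incoming request, passed through to $next untouched
     * @param Closure $next            next handler in the chain
     * @param string  $required_groups group codes separated by '|'; any one of them grants access
     * @return mixed the result of $next($request), or a 403 JSON response
     */
    public function handle($request, Closure $next, $required_groups)
    {
        $user_id = $this->context->getCurrentUserId();

        // NOTE(review): this path fails open. A request with no current user id
        // skips the group check entirely (presumably tokens issued without a
        // user, e.g. service-to-service calls - confirm). Routes that rely on
        // this gate as their only access control must have such requests
        // authorized by an earlier layer.
        if (is_null($user_id)) {
            return $next($request);
        }

        $member = $this->member_repository->getById($user_id);
        if (is_null($member)) {
            return Response::json(['error' => 'member not found'], 403);
        }

        // Normalise the member's group codes to strings once, so the membership
        // test below can be strict.
        $member_codes = [];
        foreach ($member->getGroups() as $member_group) {
            $member_codes[] = (string) $member_group->getCode();
        }

        foreach (explode('|', $required_groups) as $required_group) {
            // An empty entry (empty parameter, leading/trailing or doubled '|')
            // must never grant access by matching a group whose code is empty
            // or null.
            if ($required_group === '') {
                continue;
            }

            // Strict string comparison: loose '==' treats numeric-looking
            // strings as numbers ('10' == '1e1') and, before PHP 8, 0 == 'abc',
            // which could authorize a member for a group they are not in.
            if (in_array($required_group, $member_codes, true)) {
                return $next($request);
            }
        }

        // Deny by default: no required group matched.
        return Response::json(['error' => 'unauthorized member'], 403);
    }
}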