|
17 | 17 | use Illuminate\Http\Response; |
18 | 18 | use Illuminate\Routing\Pipeline; |
19 | 19 | use PKP\core\PKPBaseController; |
20 | | -use PKP\core\PKPContainer; |
21 | 20 | use PKP\core\PKPRoutingProvider; |
| 21 | +use PKP\middleware\HasRoles; |
22 | 22 | use PKP\plugins\Hook; |
23 | 23 | use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; |
24 | 24 | use Throwable; |
@@ -190,14 +190,31 @@ protected function registerRoute(): void |
190 | 190 | $router = app('router'); /** @var \Illuminate\Routing\Router $router */ |
191 | 191 |
|
192 | 192 | foreach ($this->routesFromHook as $routeParams) { |
193 | | - $router |
194 | | - ->addRoute( |
195 | | - $routeParams['method'], |
196 | | - $this->getEndpointPattern() . '/' . $routeParams['uri'], |
197 | | - $routeParams['callback'] |
198 | | - ) |
| 193 | + $route = $router->addRoute( |
| 194 | + $routeParams['method'], |
| 195 | + $this->getEndpointPattern() . '/' . $routeParams['uri'], |
| 196 | + $routeParams['callback'] |
| 197 | + ); |
| 198 | + |
| 199 | + $route |
199 | 200 | ->name($routeParams['name']) |
200 | 201 | ->middleware($this->apiController->roleAuthorizer($routeParams['roles'])); |
| 202 | + |
| 203 | + foreach ($this->apiController->getRouteGroupMiddleware() as $middleware) { |
| 204 | + |
| 205 | + // As roles are already supplied for routes directly injecting in the router |
| 206 | + // we do not want to add any other roles middleware form controller if defined |
| 207 | + if (strstr($middleware, 'has.roles') !== false || strstr($middleware, HasRoles::class) !== false) { |
| 208 | + continue; |
| 209 | + } |
| 210 | + |
| 211 | + // We don't want to set any middleware to the route which is already set |
| 212 | + if (in_array($middleware, $route->middleware())) { |
| 213 | + continue; |
| 214 | + } |
| 215 | + |
| 216 | + $route->middleware($middleware); |
| 217 | + } |
201 | 218 | } |
202 | 219 | } |
203 | 220 | } |
|
0 commit comments