qwerty

src/Illuminate/Auth/Middleware/AuthorizeAny.php

@@ -0,0 +1,90 @@
+<?php
+
+namespace Illuminate\Auth\Middleware;
+
+use Closure;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Contracts\Auth\Access\Gate;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Collection;
+
+use function Illuminate\Support\enum_value;
+
+class AuthorizeAny
+{
+    /**
+     * The gate instance.
+     *
+     * @var \Illuminate\Contracts\Auth\Access\Gate
+     */
+    protected $gate;
+
+    /**
+     * Create a new middleware instance.
+     *
+     * @param  \Illuminate\Contracts\Auth\Access\Gate  $gate
+     */
+    public function __construct(Gate $gate)
+    {
+        $this->gate = $gate;
+    }
+
+    /**
+     * Specify the abilities and models for the middleware.
+     *
+     * @param  array  $abilities
+     * @param  string  ...$models
+     * @return string
+     */
+    public static function using(array $abilities, ...$models)
+    {
+        $abilities = array_map(fn ($a) => enum_value($a), $abilities);
+
+        return static::class.':'.implode('|', [...$abilities, ...$models]);
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @param  string  $abilities
+     * @param  array  ...$models
+     * @return mixed
+     *
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function handle($request, Closure $next, string $abilities, ...$models)
+    {
+        $abilities = explode('|', $abilities);
+        $args = $this->getGateArguments($request, $models);
+
+        foreach ($abilities as $ability) {
+            if ($this->gate->check($ability, $args)) {
+                return $next($request);
+            }
+        }
+
+        throw new AuthorizationException;
+    }
+
+    /**
+     * Resolve models for the gate arguments.
+     */
+    protected function getGateArguments($request, array $models): array
+    {
+        return (new Collection($models))
+            ->map(fn ($model) => $model instanceof Model ? $model : $this->getModel($request, $model))
+            ->all();
+    }
+
+    protected function getModel($request, string $model)
+    {
+        if (str_contains($model, '\\')) {
+            return trim($model);
+        }
+
+        return $request->route($model, null)
+            ?? ((preg_match("/^['\"](.*)['\"]$/", trim($model), $matches)) ? $matches[1] : null);
+    }
+}

src/Illuminate/Foundation/Configuration/Middleware.php

@@ -784,6 +784,7 @@ protected function defaultAliases()
             'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
             'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
             'can' => \Illuminate\Auth\Middleware\Authorize::class,
+            'can.any' => \Illuminate\Auth\Middleware\AuthorizeAny::class,
             'guest' => \Illuminate\Auth\Middleware\RedirectIfAuthenticated::class,
             'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
             'precognitive' => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,

src/Illuminate/Routing/Route.php

@@ -1100,6 +1100,22 @@ public function can($ability, $models = [])
             : $this->middleware(['can:'.$ability.','.implode(',', Arr::wrap($models))]);
     }
 
+    /**
+     * Specify that the "AuthorizeAny" middleware should be applied to the route.
+     *
+     * @param  array  $abilities
+     * @param  array|string  $models
+     * @return $this
+     */
+    public function canAny(array $abilities, $models = [])
+    {
+        $abilities = array_map('Illuminate\Support\enum_value', $abilities);
+
+        return empty($models)
+            ? $this->middleware(['can.any:'.implode('|', $abilities)])
+            : $this->middleware(['can.any:'.implode('|', $abilities).','.implode(',', Arr::wrap($models))]);
+    }
+
     /**
      * Get the middleware for the route's controller.
      *

tests/Integration/Routing/RouteCanAnyBackedEnumTest.php

@@ -0,0 +1,39 @@
+<?php
+
+namespace Illuminate\Tests\Integration\Routing;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Route;
+use Orchestra\Testbench\TestCase;
+use User;
+
+class RouteCanAnyBackedEnumTest extends TestCase
+{
+    public function testGuestForbiddenWhenAllAbilitiesFail()
+    {
+        Gate::define(AbilityBackedEnum::NotAccessRoute, fn (?User $user) => false);
+        Gate::define(AbilityBackedEnum::AccessRoute, fn (?User $user) => false);
+
+        $route = Route::get('/', fn () => 'Hello World')
+            ->canAny([AbilityBackedEnum::NotAccessRoute, AbilityBackedEnum::AccessRoute]);
+
+        $this->assertEquals(['can.any:not-access-route|access-route'], $route->middleware());
+
+        $this->get('/')->assertForbidden();
+    }
+
+    public function testGuestAllowedWhenOneAbilityPasses()
+    {
+        Gate::define(AbilityBackedEnum::NotAccessRoute, fn (?User $user) => false);
+        Gate::define(AbilityBackedEnum::AccessRoute, fn (?User $user) => true);
+
+        $route = Route::get('/', fn () => 'Hello World')
+            ->canAny([AbilityBackedEnum::NotAccessRoute, AbilityBackedEnum::AccessRoute]);
+
+        $this->assertEquals(['can.any:not-access-route|access-route'], $route->middleware());
+
+        $response = $this->get('/');
+        $response->assertOk();
+        $response->assertContent('Hello World');
+    }
+}

tests/Routing/RoutingRouteTest.php

@@ -2221,6 +2221,24 @@ public function testRouteCanMiddlewareCanBeAssigned()
         ], $route->middleware());
     }
 
+    public function testRouteCanAnyMiddlewareCanBeAssigned()
+    {
+        $route = new Route(['GET'], '/', []);
+        $route->middleware(['foo'])->canAny(['create', 'update'], Route::class);
+
+        $this->assertEquals([
+            'foo',
+            'can.any:create|update,Illuminate\Routing\Route',
+        ], $route->middleware());
+
+        $route = new Route(['GET'], '/', []);
+        $route->canAny(['create', 'update']);
+
+        $this->assertEquals([
+            'can.any:create|update',
+        ], $route->middleware());
+    }
+
     public function testItDispatchesEventsWhilePreparingRequest()
     {
         $events = new Dispatcher;