🚀 مُصادَق: تحديث برمجي جديد 2026-05-03 13:19

2026-05-03 13:19:45 +03:00
parent cf68007ef1
commit 2de6a0adfd
32 changed files with 1133 additions and 102 deletions
--- a/app/Middleware/RoleMiddleware.php
+++ b/app/Middleware/RoleMiddleware.php
@@ -0,0 +1,37 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Middleware;
+
+use App\Core\{Request, Response};
+
+final class RoleMiddleware
+{
+    /**
+     * Handle the request.
+     * 
+     * @param Request $request
+     * @param callable $next
+     * @param string ...$roles
+     * @return mixed
+     */
+    public function handle(Request $request, callable $next, string ...$roles): mixed
+    {
+        $user = $request->user ?? null;
+
+        if (!$user) {
+            Response::error('يجب تسجيل الدخول للوصول إلى هذا المورد', 'UNAUTHORIZED', 401);
+            return null;
+        }
+
+        // Check if user role is in the allowed roles
+        // $user->role is an object property since we cast it in AuthMiddleware
+        if (!in_array($user->role, $roles)) {
+            Response::error('غير مسموح لك بالقيام بهذا الإجراء', 'FORBIDDEN', 403);
+            return null;
+        }
+
+        return $next($request);
+    }
+}