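has_access) { Session::flash('status', 'info'); Session::flash('message', 'At this time, access to OLAS is limited to some users. Check back later or contact an administrator.'); Auth::logout(); return Redirect::action('AuthController@showLogin'); } });

/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A logged-in
| user is redirected to the landing page that matches their role.
|
*/

Route::filter('guest', function () {
    if (Auth::check()) {
        // Loose comparison is kept on purpose: the role may arrive from the
        // database as a numeric string.
        switch (Auth::user()->role) {
            case 1:
                return Redirect::to('administrator');
            case 2:
                return Redirect::to('school-coordinator');
            case 3:
                return Redirect::to('program-coordinator');
            case 4:
                return Redirect::to('professor');
        }
        // Unrecognised role: no landing page is known, so the guest page is
        // shown. This grants nothing beyond what an anonymous visitor sees.
    }
});

/*
|--------------------------------------------------------------------------
| Administrator Filter
|--------------------------------------------------------------------------
|
| Authorization gate for administrator-only routes. Only role 1 passes.
| Roles 2-4 are redirected to their own landing page; any other case
| (no authenticated user, or a role value this filter does not know)
| is denied and sent to the login page rather than let through.
|
*/

Route::filter('admin', function () {
    $user = Auth::user();

    // NOTE(review): presumably this filter runs after the "auth" filter;
    // the guard keeps it safe if it is ever attached on its own.
    if (!$user) {
        return Redirect::action('AuthController@showLogin');
    }

    if ($user->role == 1) {
        return;
    }

    switch ($user->role) {
        case 2:
            return Redirect::to('school-coordinator');
        case 3:
            return Redirect::to('program-coordinator');
        case 4:
            return Redirect::to('professor');
        default:
            // Deny by default: previously an unknown role fell out of the
            // switch with no response, which let the request through.
            return Redirect::action('AuthController@showLogin');
    }
});

/*
|--------------------------------------------------------------------------
| School Coordinator Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users below school coordinators to their
| default page if they try to access a forbidden page.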
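|
*/

Route::filter('scoord', function () {
    $user = Auth::user();

    // NOTE(review): presumably this filter runs after the "auth" filter;
    // the guard keeps it safe if it is ever attached on its own.
    if (!$user) {
        return Redirect::action('AuthController@showLogin');
    }

    // Administrators (1) and school coordinators (2) may proceed.
    if ($user->role == 1 || $user->role == 2) {
        return;
    }

    switch ($user->role) {
        case 3:
            return Redirect::to('program-coordinator');
        case 4:
            return Redirect::to('professor');
        default:
            // Deny by default: previously an unknown role fell out of the
            // switch with no response, which let the request through.
            return Redirect::action('AuthController@showLogin');
    }
});

/*
|--------------------------------------------------------------------------
| Program Coordinator Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users below program coordinators to their
| default page if they try to access a forbidden page.
|
*/

Route::filter('pcoord', function () {
    $user = Auth::user();

    if (!$user) {
        return Redirect::action('AuthController@showLogin');
    }

    // Roles 1-3 may proceed; every other value is sent to the professor
    // page, where the "prof" filter applies its own check.
    if (!($user->role == 3 || $user->role == 2 || $user->role == 1)) {
        return Redirect::to('professor');
    }
});

/*
|--------------------------------------------------------------------------
| Professor Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users who teach no courses to the
| default page for their role if they try to access a professor page.
| Note that the decision is based on the user's courses, not on the role:
| any user with at least one course passes.
|
*/

Route::filter('prof', function () {
    $user = Auth::user();

    if (!$user) {
        return Redirect::action('AuthController@showLogin');
    }

    // If user has no courses then s/he is not a professor
    // and must be redirected to her/his overview page
    if (!count($user->courses)) {
        switch ($user->role) {
            case 1:
                return Redirect::to('administrator');
            case 2:
                return Redirect::to('school-coordinator');
            case 3:
                return Redirect::to('program-coordinator');
            case 4:
                // The professor page is this role's own overview page, so
                // the request continues (unchanged behaviour).
                return;
            default:
                // Deny by default: no courses and an unknown role used to
                // fall through and reach the professor pages.
                return Redirect::action('AuthController@showLogin');
        }
    }
});

/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If the token stored in the user's
| session does not match the one given in this request, the request is
| rejected with a TokenMismatchException. AJAX requests supply the token
| in the X-CSRF-Token header, all other requests in the _token field.
|
*/

Route::filter('csrf', function () {
    $token = Request::ajax() ? Request::header('X-CSRF-Token') : Input::get('_token');
    $expected = Session::token();

    // Fail closed when either side is missing or not a plain string. With a
    // bare !== check, a session without a token and a request without one
    // compare as null === null and the request would be accepted.
    if (!is_string($expected) || $expected === '' || !is_string($token)) {
        throw new Illuminate\Session\TokenMismatchException;
    }

    // Prefer a constant-time comparison where the runtime offers one; the
    // strict comparison is the fallback for older PHP versions.
    $matches = function_exists('hash_equals')
        ? hash_equals($expected, $token)
        : $expected === $token;

    if (!$matches) {
        throw new Illuminate\Session\TokenMismatchException;
    }
});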