<?php

namespace App\Http\Middleware;

use App\User;
use Closure;
use Illuminate\Database\Eloquent\Collection;
use Illuminate\Support\Facades\Auth;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;

class CheckAuth
{
    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @param $permissions
     * @return mixed
     * @throws \Exception
     */
    public function handle($request, Closure $next, $permissions)
    {
        /** @var User $user */
        $user = Auth::user();

        // If user is not logged in - Go to login page
        if(!isset($user))
            return redirect()->route("users.login");

        // If the user has the correct permission - Then go to the correct page
        if($user->hasAnyPermission($permissions)) {
            return $next($request);
        }

        // If the user does not have the correct permission - Send them to home page
        return redirect()->route("root.index");
    }
}