From d3138233198da9ebeef8a59d31186d6e1e970284 Mon Sep 17 00:00:00 2001
From: Nafies Luthfi <nafiesl@gmail.com>
Date: Tue, 25 Dec 2018 14:55:57 +0800
Subject: [PATCH] Add authorization on outlet listing page

User must be logged in to access outlet listing
---
 app/Http/Controllers/OutletController.php | 2 ++
 app/Providers/AuthServiceProvider.php     | 6 ++++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/OutletController.php b/app/Http/Controllers/OutletController.php
index f6dece6..f004fa5 100644
--- a/app/Http/Controllers/OutletController.php
+++ b/app/Http/Controllers/OutletController.php
@@ -14,6 +14,8 @@ class OutletController extends Controller
      */
     public function index()
     {
+        $this->authorize('manage_outlet');
+
         $outletQuery = Outlet::query();
         $outletQuery->where('name', 'like', '%'.request('q').'%');
         $outlets = $outletQuery->paginate(25);
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
index f485bbf..e8b0cc5 100644
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -14,7 +14,7 @@ class AuthServiceProvider extends ServiceProvider
      */
     protected $policies = [
         'App\Outlet' => 'App\Policies\OutletPolicy',
-        'App\Model' => 'App\Policies\ModelPolicy',
+        'App\Model'  => 'App\Policies\ModelPolicy',
     ];
 
     /**
@@ -26,6 +26,8 @@ class AuthServiceProvider extends ServiceProvider
     {
         $this->registerPolicies();
 
-        //
+        Gate::define('manage_outlet', function () {
+            return auth()->check();
+        });
     }
 }