Merge pull request #3 from krve/master

Fix html being injected into all responses
viacreative · Mar 23, 2017 · 082db77 · 082db77
2 parents 2c9417f + ecd71a6
commit 082db77
Show file tree

Hide file tree

Showing 5 changed files with 33 additions and 59 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,3 @@
 vendor
-node_modules
+node_modules
+.idea/
diff --git a/README.md b/README.md
@@ -32,6 +32,13 @@ class AppServiceProvider extends ServiceProvider
 
 ⚠️  *Warning:* You should not register the provider globally like usual in the `config/app.php` file. View the disclaimer [here](#disclaimer---danger) for more information.
 
+Include the partial in your layout file.
+
+```php
+@if (env('APP_DEBUG'))
+    @include('sudosu::user-selector')
+@endif
+```
 
 Finally, publish the package's assets (the package won't work without this):
 

diff --git a/src/Middleware/SudoSuMiddleware.php b/src/Middleware/SudoSuMiddleware.php
diff --git a/src/ServiceProvider.php b/src/ServiceProvider.php
@@ -2,9 +2,11 @@
 
 namespace VIACreative\SudoSu;
 
+use Illuminate\Support\Facades\App;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\View;
 use Illuminate\Support\Facades\Config;
 use Illuminate\Support\Facades\Request;
-use VIACreative\SudoSu\Middleware\SudoSuMiddleware;
 use Illuminate\Support\ServiceProvider as BaseServiceProvider;
 
 class ServiceProvider extends BaseServiceProvider
@@ -27,12 +29,26 @@ public function boot()
         ], 'config');
 
         if ($this->configExists() && $this->tldIsAllowed()) {
-            $this->loadViewsFrom(__DIR__ . '/../resources/views', 'sudosu');
-
-            $kernel = $this->app['Illuminate\Contracts\Http\Kernel'];
-            $kernel->pushMiddleware(SudoSuMiddleware::class);
+            $this->registerViews();
         }
     }
+
+    protected function registerViews()
+    {
+        $this->loadViewsFrom(__DIR__ . '/../resources/views', 'sudosu');
+
+        // Add an inline view composer for the user-selector
+        View::composer('sudosu::user-selector', function ($view) {
+            $sudosu = App::make(SudoSu::class);
+
+            $view->with([
+                'users' => $sudosu->getUsers(),
+                'hasSudoed' => $sudosu->hasSudoed(),
+                'originalUser' => $sudosu->getOriginalUser(),
+                'currentUser' => Auth::user()
+            ]);
+        });   
+    }
 
     protected function tldIsAllowed()
     {
@@ -55,4 +71,4 @@ protected function configExists()
     {
         return is_array(Config::get('sudosu.allowed_tlds'));
     }
-}
+}
diff --git a/src/SudoSu.php b/src/SudoSu.php
@@ -81,7 +81,7 @@ public function hasSudoed()
         return $this->session->has('sudosu.has_sudoed');
     }
 
-    protected function getUsers()
+    public function getUsers()
     {
         if ($this->usersCached) {
             return $this->usersCached;
@@ -97,4 +97,4 @@ protected function getUserModel()
         $userModel = Config::get('sudosu.user_model');
         return $this->app->make($userModel);
     }
-}
+}