<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use App\Models\User;
class CheckPlanAccess
{
public function handle(Request $request, Closure $next)
{
$user = auth()->user();
if (!$user) {
return $next($request);
}
// Super admin has full access
if ($user->isSuperAdmin()) {
return $next($request);
}
// Only company users need plan checks
if ($user->type !== 'company') {
$companyUser = User::find($user->created_by);
if ($companyUser && $companyUser->type === 'company' && $companyUser->isPlanExpired()) {
auth()->logout();
return redirect()->route('login')->with('error', __('Access denied. Only company users can access this area.'));
}
}
// Check if user needs plan subscription
if ($user->needsPlanSubscription()) {
$message = __('Please subscribe to a plan to continue.');
if ($user->isTrialExpired()) {
$message = __('Your trial period has expired. Please subscribe to a plan to continue.');
// Reset trial status
$user->update([
'plan_id' => null,
'is_trial' => 0,
'trial_expire_date' => null
]);
} elseif ($user->isPlanExpired()) {
$message = __('Your plan has expired. Please renew your subscription.');
// Reset expired plan
$user->update([
'plan_id' => null,
'plan_expire_date' => null
]);
}
return redirect()->route('plans.index')->with('error', $message);
}
return $next($request);
}
}