Debugbar is enabled only for admin users (#1046)

app/Http/Middleware/DebugbarEnable.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Barryvdh\Debugbar\Facades\Debugbar;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Symfony\Component\HttpFoundation\Response;
+
+class DebugbarEnable
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
+     */
+    public function handle(Request $request, \Closure $next): Response
+    {
+        if (Auth::check() && Auth::user()->hasRole('admin')) {
+            Debugbar::enable();
+        } else {
+            Debugbar::disable();
+        }
+
+        return $next($request);
+    }
+}

bootstrap/app.php

@@ -16,6 +16,10 @@
             'role' => \Spatie\Permission\Middleware\RoleMiddleware::class,
             'permission' => \Spatie\Permission\Middleware\PermissionMiddleware::class,
         ]);
+
+        $middleware->appendToGroup('web', [
+            \App\Http\Middleware\DebugbarEnable::class,
+        ]);
     })
     ->withExceptions(function (Exceptions $exceptions) {
         //

tests/Feature/DebugbarEnableTest.php

@@ -0,0 +1,72 @@
+<?php
+
+namespace Tests\Feature;
+
+use App\Http\Middleware\DebugbarEnable;
+use Barryvdh\Debugbar\Facades\Debugbar;
+use Illuminate\Http\Request;
+use Tests\TestCase;
+
+class DebugbarEnableTest extends TestCase
+{
+    /**
+     * Test that the Debugbar is enabled for a logged in user.
+     *
+     * @see App\Http\Middleware\DebugbarEnable::handle()
+     */
+    public function testDebugbarIsEnabledForLoggedInUser()
+    {
+        $this->actingAs($this->adminUser());
+
+        // Create a dummy request
+        $request = Request::create('/test', 'GET');
+
+        $middleware = new DebugbarEnable;
+        $middleware->handle($request, function ($request) {
+            $this->assertTrue(Debugbar::isEnabled());
+            $this->assertTrue(Debugbar::hasCollector('time'));
+
+            return response('OK');
+        });
+    }
+
+    /**
+     * Test that the Debugbar is disabled for a basic user.
+     *
+     * @see App\Http\Middleware\DebugbarEnable::handle()
+     */
+    public function testDebugbarIsDisabledForBasicUser()
+    {
+        $this->actingAs($this->basicUser());
+
+        // Create a dummy request
+        $request = Request::create('/test', 'GET');
+
+        $middleware = new DebugbarEnable;
+        $middleware->handle($request, function ($request) {
+            $this->assertFalse(Debugbar::isEnabled());
+            $this->assertFalse(Debugbar::hasCollector('time'));
+
+            return response('OK');
+        });
+    }
+
+    /**
+     * Test that the Debugbar is disabled for a guest user.
+     *
+     * @see App\Http\Middleware\DebugbarEnable::handle()
+     */
+    public function testDebugbarIsDisabledForGuestUser()
+    {
+        // Create a dummy request
+        $request = Request::create('/test', 'GET');
+
+        $middleware = new DebugbarEnable;
+        $middleware->handle($request, function ($request) {
+            $this->assertFalse(Debugbar::isEnabled());
+            $this->assertFalse(Debugbar::hasCollector('time'));
+
+            return response('OK');
+        });
+    }
+}