Configured page permissions
parent
feb8b6d0d9
commit
a4c706f99f
4 changed files with 41 additions and 6 deletions
|
@ -15,9 +15,6 @@ class RecipeController extends Controller
|
|||
*/
|
||||
public function __construct(){
|
||||
$this->middleware('auth', ['except' => ['index','show']]);
|
||||
|
||||
$this->middleware(['permissions:CreateUser.EditUser.DeleteUser.AssignRole'], ['only' => ['index','show']]);
|
||||
$this->middleware(['permissions:DeleteUser'], ['only' => ['destroy']]);
|
||||
}
|
||||
/**
|
||||
* Display a listing of the resource.
|
||||
|
@ -38,7 +35,12 @@ class RecipeController extends Controller
|
|||
}
|
||||
|
||||
public function edit($id){
|
||||
//verify user has permission to access page
|
||||
$recipe=Recipe::with('user')->with('categories')->with('ingredients')->findOrFail($id);
|
||||
if(!(\Auth::user()->hasPerm('EditRecipe') || \Auth::user()->id == $recipe->user_id)){
|
||||
return redirect()->route('recipes.index')->with('message','You don\'t have permission to access this page');
|
||||
}
|
||||
|
||||
$lists['ingredients']=array_values(RecipeIngredient::get()->sortby('name')->pluck('name')->unique()->toArray());
|
||||
$lists['measurements']=array_values(RecipeIngredient::get()->sortby('measurement')->pluck('measurement')->unique()->toArray());
|
||||
$lists['categories']=array_values(RecipeCategory::get()->sortby('name')->pluck('name')->unique()->toArray());
|
||||
|
@ -49,7 +51,11 @@ class RecipeController extends Controller
|
|||
|
||||
public function update(Request $request, $id)
|
||||
{
|
||||
//verify user has permission to access page
|
||||
$recipe = Recipe::with('ingredients')->with('categories')->findOrFail($id);
|
||||
if(!(\Auth::user()->hasPerm('EditRecipe') || \Auth::user()->id == $recipe->user_id)){
|
||||
return redirect()->route('recipes.index')->with('message','You don\'t have permission to access this page');
|
||||
}
|
||||
|
||||
$this->validate($request, [
|
||||
'name'=>'required|max:500',
|
||||
|
@ -235,4 +241,24 @@ class RecipeController extends Controller
|
|||
}
|
||||
return redirect()->route('recipes.index')->with('message','Recipe successfully edited.');
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove the specified resource from storage.
|
||||
*
|
||||
* @param int $id
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function destroy($id)
|
||||
{
|
||||
//Find and remove user
|
||||
$recipe = Recipe::with('categories')->with("ingredients")->findOrFail($id);
|
||||
if(!(\Auth::user()->hasPerm('DeleteRecipe') || \Auth::user()->id == $recipe->user_id)){
|
||||
return redirect()->route('recipes.index')->with('message','You don\'t have permission to access this page');
|
||||
}
|
||||
foreach($recipe->categories as $c) $c->delete();
|
||||
foreach($recipe->ingredients as $i) $i->delete();
|
||||
$recipe->delete();
|
||||
|
||||
return redirect()->route('recipes.index')->with('message','Recipe successfully deleted.');
|
||||
}
|
||||
}
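Review bot: The owner-or-permission test is written out three times, in `edit`, `update` and `destroy`, and a fourth time in the recipe view's heading, so a later action or a changed rule can easily miss one copy; it belongs in one place, either a policy called through `$this->authorize()` or a private helper as sketched below. Each copy also dereferences `\Auth::user()` directly, which is only safe while the `auth` middleware in the constructor still covers these actions (the rendering does not show which constructor lines were removed), so the helper checks for a guest first. Answering a denial with `abort(403)` instead of a redirect would let failed authorization attempts show up as such in access logs. The `//Find and remove user` comment in `destroy` should read `// Find and remove the recipe`.

```php
// … unchanged: constructor, index, show …

private function canModify(Recipe $recipe, string $permission): bool
{
    $user = \Auth::user();

    return $user !== null
        && ($user->hasPerm($permission) || $user->id == $recipe->user_id);
}

public function destroy($id)
{
    $recipe = Recipe::with('categories')->with("ingredients")->findOrFail($id);
    if (!$this->canModify($recipe, 'DeleteRecipe')) {
        abort(403);
    }
    // … unchanged: category, ingredient and recipe deletion, redirect …
}
```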
|
||||
|
|
|
@ -23,6 +23,9 @@ class PermissionSeeder extends Seeder
|
|||
['name'=>'Create Role', 'category'=>'Roles', 'details'=>'Create New Roles'],
|
||||
['name'=>'Edit Role', 'category'=>'Roles', 'details'=>'Edit Existing Roles'],
|
||||
['name'=>'Delete Role', 'category'=>'Roles', 'details'=>'Delete Existing Roles'],
|
||||
|
||||
['name'=>'Edit Recipe', 'category'=>'Recipes', 'details'=>'Edit Recipes from other Users'],
|
||||
['name'=>'Delete Recipe', 'category'=>'Recipes', 'details'=>'Delete Recipes from other Users'],
|
||||
];
|
||||
foreach ($permissions as $key => $value) {
|
||||
Permission::updateOrCreate($value);
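Review bot: The two new rows are named `Edit Recipe` and `Delete Recipe`, while the controller and view changed in this commit test for `EditRecipe` and `DeleteRecipe` without the space; unless `hasPerm` and `$allperms` normalise names somewhere outside this diff, the new permissions never match and only owners can edit or delete. The existing rows follow the same spaced pattern, so such a mapping probably exists, and a comment above the array would make it explicit, for example `// Names are matched with spaces removed: 'Edit Recipe' is checked as 'EditRecipe'` (wording to be confirmed against the Permission model). The array and the `foreach` both extend beyond the hunk.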
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<li>
|
||||
<a href="{{ route('logout') }}" onclick="event.preventDefault(); document.getElementById('logout-form').submit();">Logout</a>
|
||||
<li class="test">
|
||||
<a href="{{ route('logout') }}" class="test" onclick="event.preventDefault(); document.getElementById('logout-form').submit();"><span>Logout</span></a>
|
||||
<form id="logout-form" action="{{ route('logout') }}" method="POST" style="display: none;">{{ csrf_field() }}</form>
|
||||
</li>
|
||||
|
|
|
@ -2,7 +2,13 @@
|
|||
@extends('content_wrappers.md-10')
|
||||
|
||||
@section('title', ' | '.$recipe->name)
|
||||
@section('heading', $recipe->name)
|
||||
@section('heading')
|
||||
@if(Auth::user() && (in_array('EditRecipe',$allperms) || $recipe->user_id == Auth::user()->id))
|
||||
<a href="{{ route('recipes.edit', $recipe->id) }}">{{$recipe->name}}</a>
|
||||
@else
|
||||
{{$recipe->name }}
|
||||
@endif
|
||||
@endsection
|
||||
|
||||
@section('content')
|
||||
<div class="panel-body">
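Review bot: `in_array('EditRecipe',$allperms)` compares loosely, and on PHP 7 a non-numeric string equals integer `0` and boolean `true` under `==`, so if `$allperms` (not defined in this hunk) ever holds anything but strings the edit link is shown to users without the permission; pass the strict flag, `in_array('EditRecipe', $allperms, true)`. The condition only decides whether the link is rendered, and the controller still enforces access, so the effect is cosmetic. The template continues past the hunk.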
|
||||
|
|