shihaam/akaunting
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

module permissions for reports/settings/widgets

Browse Source
This commit is contained in:
denisdulici 2020-01-06 14:42:14 +03:00
parent 85a80e6e64
commit d8dacd5838
13 changed files with 129 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
app/Http/Controllers/Settings/Modules.php
View File

@ -8,6 +8,20 @@ use App\Http\Requests\Setting\Module as Request;
class Modules extends Controller class Modules extends Controller
{ {
/**
* Instantiate a new controller instance.
*/
public function __construct()
{
$alias = request()->segment(1);
// Add CRUD permission check
$this->middleware('permission:create-' . $alias . '-settings')->only(['create', 'store', 'duplicate', 'import']);
$this->middleware('permission:read-' . $alias . '-settings')->only(['index', 'show', 'edit', 'export']);
$this->middleware('permission:update-' . $alias . '-settings')->only(['update', 'enable', 'disable']);
$this->middleware('permission:delete-' . $alias . '-settings')->only('destroy');
}
/** /**
* Show the form for editing the specified resource. * Show the form for editing the specified resource.
* *

14
app/Http/Controllers/Settings/Settings.php
View File

@ -43,14 +43,24 @@ class Settings extends Controller
$modules->settings[$m->getAlias()] = [ $modules->settings[$m->getAlias()] = [
'name' => $m->getName(), 'name' => $m->getName(),
'description' => $m->getDescription(), 'description' => $m->getDescription(),
'url' => 'settings/' . $m->getAlias(), 'url' => $m->getAlias() . '/settings',
'icon' => $m->get('icon', 'fa fa-cog'), 'icon' => $m->get('icon', 'fa fa-cog'),
]; ];
} }
event(new \App\Events\Module\SettingShowing($modules)); event(new \App\Events\Module\SettingShowing($modules));
return view('settings.settings.index', ['modules' => $modules->settings]); $settings = [];
foreach ($modules->settings as $alias => $setting) {
if (!user()->can('read-' . $alias . '-settings')) {
continue;
}
$settings[$alias] = $setting;
}
return view('settings.settings.index', ['modules' => $settings]);
} }
/** /**

4
app/Listeners/Update/V20/Version200.php
View File

@ -699,6 +699,8 @@ class Version200 extends Listener
'common-search' => 'r', 'common-search' => 'r',
'common-widgets' => 'c,r,u,d', 'common-widgets' => 'c,r,u,d',
'modules-api-key' => 'c,u', 'modules-api-key' => 'c,u',
'offline-payments-settings' => 'r,u,d',
'paypal-standard-settings' => 'r,u',
'settings-appearance' => 'r,u', 'settings-appearance' => 'r,u',
'settings-company' => 'r', 'settings-company' => 'r',
'settings-defaults' => 'r', 'settings-defaults' => 'r',
@ -721,6 +723,8 @@ class Version200 extends Listener
'common-reports' => 'c,r,u,d', 'common-reports' => 'c,r,u,d',
'common-search' => 'r', 'common-search' => 'r',
'common-widgets' => 'r', 'common-widgets' => 'r',
'offline-payments-settings' => 'r,u,d',
'paypal-standard-settings' => 'r,u',
'settings-company' => 'r', 'settings-company' => 'r',
'settings-defaults' => 'r', 'settings-defaults' => 'r',
'settings-email' => 'r', 'settings-email' => 'r',

15
app/Utilities/Reports.php
View File

@ -95,9 +95,20 @@ class Reports
public static function getPermission($class) public static function getPermission($class)
{ {
$class_name = (new \ReflectionClass($class))->getShortName(); $arr = explode('\\', $class);
$permission = 'read-reports-' . Str::kebab($class_name); $prefix = 'read-';
// Add module
if (strtolower($arr[0]) == 'modules') {
$prefix .= Str::kebab($arr[1]) . '-';
}
$prefix .= 'reports-';
$class_name = end($arr);
$permission = $prefix . Str::kebab($class_name);
return $permission; return $permission;
} }

15
app/Utilities/Widgets.php
View File

@ -76,9 +76,20 @@ class Widgets
public static function getPermission($class) public static function getPermission($class)
{ {
$class_name = (new \ReflectionClass($class))->getShortName(); $arr = explode('\\', $class);
$permission = 'read-widgets-' . Str::kebab($class_name); $prefix = 'read-';
// Add module
if (strtolower($arr[0]) == 'modules') {
$prefix .= Str::kebab($arr[1]) . '-';
}
$prefix .= 'widgets-';
$class_name = end($arr);
$permission = $prefix . Str::kebab($class_name);
return $permission; return $permission;
} }

4
database/seeds/Roles.php
View File

@ -58,6 +58,8 @@ class Roles extends Seeder
'modules-my' => 'r', 'modules-my' => 'r',
'modules-tiles' => 'r', 'modules-tiles' => 'r',
'notifications' => 'r,u', 'notifications' => 'r,u',
'offline-payments-settings' => 'r,u,d',
'paypal-standard-settings' => 'r,u',
'reports-expense-summary' => 'r', 'reports-expense-summary' => 'r',
'reports-income-summary' => 'r', 'reports-income-summary' => 'r',
'reports-income-expense-summary' => 'r', 'reports-income-expense-summary' => 'r',
@ -112,6 +114,8 @@ class Roles extends Seeder
'sales-revenues' => 'c,r,u,d', 'sales-revenues' => 'c,r,u,d',
'install-updates' => 'r,u', 'install-updates' => 'r,u',
'notifications' => 'r,u', 'notifications' => 'r,u',
'offline-payments-settings' => 'r,u,d',
'paypal-standard-settings' => 'r,u',
'reports-expense-summary' => 'r', 'reports-expense-summary' => 'r',
'reports-income-summary' => 'r', 'reports-income-summary' => 'r',
'reports-income-expense-summary' => 'r', 'reports-income-expense-summary' => 'r',

3
modules/OfflinePayments/Http/Controllers/Settings.php
View File

@ -2,16 +2,15 @@
namespace Modules\OfflinePayments\Http\Controllers; namespace Modules\OfflinePayments\Http\Controllers;
use App\Abstracts\Http\Controller;
use Artisan; use Artisan;
use Illuminate\Http\Response; use Illuminate\Http\Response;
use Illuminate\Routing\Controller;
use Modules\OfflinePayments\Http\Requests\Setting as Request; use Modules\OfflinePayments\Http\Requests\Setting as Request;
use Modules\OfflinePayments\Http\Requests\SettingGet as GRequest; use Modules\OfflinePayments\Http\Requests\SettingGet as GRequest;
use Modules\OfflinePayments\Http\Requests\SettingDelete as DRequest; use Modules\OfflinePayments\Http\Requests\SettingDelete as DRequest;
class Settings extends Controller class Settings extends Controller
{ {
/** /**
* Show the form for editing the specified resource. * Show the form for editing the specified resource.
* *

2
modules/OfflinePayments/Listeners/ShowSetting.php
View File

@ -17,7 +17,7 @@ class ShowSetting
$event->modules->settings['offline-payments'] = [ $event->modules->settings['offline-payments'] = [
'name' => trans('offline-payments::general.name'), 'name' => trans('offline-payments::general.name'),
'description' => trans('offline-payments::general.description'), 'description' => trans('offline-payments::general.description'),
'url' => 'settings/offline-payments', 'url' => 'offline-payments/settings',
'icon' => 'fas fa-credit-card', 'icon' => 'fas fa-credit-card',
]; ];
} }

2
modules/OfflinePayments/Resources/views/edit.blade.php
View File

@ -39,7 +39,7 @@
<div class="card-footer"> <div class="card-footer">
<div class="row float-right"> <div class="row float-right">
{{ Form::saveButtons('settings/offline-payments') }} {{ Form::saveButtons('offline-payments/settings') }}
</div> </div>
</div> </div>
{!! Form::close() !!} {!! Form::close() !!}

10
modules/OfflinePayments/Routes/admin.php
View File

@ -4,10 +4,10 @@ Route::group([
'middleware' => 'admin', 'middleware' => 'admin',
'namespace' => 'Modules\OfflinePayments\Http\Controllers' 'namespace' => 'Modules\OfflinePayments\Http\Controllers'
], function () { ], function () {
Route::group(['prefix' => 'settings'], function () { Route::group(['prefix' => 'offline-payments/settings'], function () {
Route::get('offline-payments', 'Settings@edit')->name('offline-payments.edit'); Route::get('/', 'Settings@edit')->name('offline-payments.edit');
Route::post('offline-payments', 'Settings@update')->name('offline-payments.update'); Route::post('/', 'Settings@update')->name('offline-payments.update');
Route::post('offline-payments/get', 'Settings@get')->name('offline-payments.get'); Route::post('get', 'Settings@get')->name('offline-payments.get');
Route::delete('offline-payments/delete', 'Settings@destroy')->name('offline-payments.delete'); Route::delete('delete', 'Settings@destroy')->name('offline-payments.delete');
}); });
}); });

7
resources/views/settings/modules/edit.blade.php
View File

@ -7,7 +7,7 @@
{!! Form::model($setting, [ {!! Form::model($setting, [
'id' => 'module', 'id' => 'module',
'method' => 'PATCH', 'method' => 'PATCH',
'url' => ['settings/' . $module->getAlias()], 'url' => [$module->getAlias() . '/settings'],
'@submit.prevent' => 'onSubmit', '@submit.prevent' => 'onSubmit',
'@keydown' => 'form.errors.clear($event.target.name)', '@keydown' => 'form.errors.clear($event.target.name)',
'files' => true, 'files' => true,
@ -40,13 +40,16 @@
</div> </div>
</div> </div>
@permission('update-' . $module->getAlias() . '-settings')
<div class="card-footer"> <div class="card-footer">
<div class="float-right"> <div class="float-right">
<div class="row"> <div class="row">
{{ Form::saveButtons(URL::previous()) }} {{ Form::saveButtons(url()->previous()) }}
</div> </div>
</div> </div>
</div> </div>
@endpermission
{!! Form::close() !!} {!! Form::close() !!}
</div> </div>
@endsection @endsection

96
resources/views/settings/settings/index.blade.php
View File

@ -126,59 +126,65 @@
</div> </div>
@endpermission @endpermission
<div class="col-md-4"> @permission('read-settings-categories')
<a href="{{ route('categories.index') }}"> <div class="col-md-4">
<button type="button" class="btn-icon-clipboard p-2"> <a href="{{ route('categories.index') }}">
<div class="row mx-0"> <button type="button" class="btn-icon-clipboard p-2">
<div class="col-auto"> <div class="row mx-0">
<div class="badge badge-secondary settings-icons"> <div class="col-auto">
<i class="fa fa-folder"></i> <div class="badge badge-secondary settings-icons">
<i class="fa fa-folder"></i>
</div>
</div>
<div class="col ml--2">
<h4 class="mb-0">{{ trans_choice('general.categories', 2) }}</h4>
<p class="text-sm text-muted mb-0">{{ trans('settings.categories.description') }}</p>
</div> </div>
</div> </div>
<div class="col ml--2"> </button>
<h4 class="mb-0">{{ trans_choice('general.categories', 2) }}</h4> </a>
<p class="text-sm text-muted mb-0">{{ trans('settings.categories.description') }}</p> </div>
</div> @endpermission
</div>
</button>
</a>
</div>
<div class="col-md-4"> @permission('read-settings-currencies')
<a href="{{ route('currencies.index') }}"> <div class="col-md-4">
<button type="button" class="btn-icon-clipboard p-2"> <a href="{{ route('currencies.index') }}">
<div class="row mx-0"> <button type="button" class="btn-icon-clipboard p-2">
<div class="col-auto"> <div class="row mx-0">
<div class="badge badge-secondary settings-icons"> <div class="col-auto">
<i class="fa fa-dollar-sign"></i> <div class="badge badge-secondary settings-icons">
<i class="fa fa-dollar-sign"></i>
</div>
</div>
<div class="col ml--2">
<h4 class="mb-0">{{ trans_choice('general.currencies', 2) }}</h4>
<p class="text-sm text-muted mb-0">{{ trans('settings.currencies.description') }}</p>
</div> </div>
</div> </div>
<div class="col ml--2"> </button>
<h4 class="mb-0">{{ trans_choice('general.currencies', 2) }}</h4> </a>
<p class="text-sm text-muted mb-0">{{ trans('settings.currencies.description') }}</p> </div>
</div> @endpermission
</div>
</button>
</a>
</div>
<div class="col-md-4"> @permission('read-settings-taxes')
<a href="{{ route('taxes.index') }}"> <div class="col-md-4">
<button type="button" class="btn-icon-clipboard p-2"> <a href="{{ route('taxes.index') }}">
<div class="row mx-0"> <button type="button" class="btn-icon-clipboard p-2">
<div class="col-auto"> <div class="row mx-0">
<div class="badge badge-secondary settings-icons"> <div class="col-auto">
<i class="fas fa-percent"></i> <div class="badge badge-secondary settings-icons">
<i class="fas fa-percent"></i>
</div>
</div>
<div class="col ml--2">
<h4 class="mb-0">{{ trans_choice('general.taxes', 2) }}</h4>
<p class="text-sm text-muted mb-0">{{ trans('settings.taxes.description') }}</p>
</div> </div>
</div> </div>
<div class="col ml--2"> </button>
<h4 class="mb-0">{{ trans_choice('general.taxes', 2) }}</h4> </a>
<p class="text-sm text-muted mb-0">{{ trans('settings.taxes.description') }}</p> </div>
</div> @endpermission
</div>
</button>
</a>
</div>
@foreach($modules as $module) @foreach($modules as $module)
<div class="col-md-4"> <div class="col-md-4">

8
routes/admin.php
View File

@ -148,12 +148,14 @@ Route::group(['prefix' => 'settings'], function () {
Route::get('email', 'Settings\Email@edit')->name('email.edit'); Route::get('email', 'Settings\Email@edit')->name('email.edit');
Route::patch('email', 'Settings\Email@update')->name('email.update'); Route::patch('email', 'Settings\Email@update')->name('email.update');
Route::get('schedule', 'Settings\Schedule@edit')->name('schedule.edit'); Route::get('schedule', 'Settings\Schedule@edit')->name('schedule.edit');
Route::get('{alias}', 'Settings\Modules@edit');
Route::patch('{alias}', 'Settings\Modules@update');
}); });
}); });
Route::group(['as' => 'settings.'], function () {
Route::get('{alias}/settings', 'Settings\Modules@edit');
Route::patch('{alias}/settings', 'Settings\Modules@update');
});
Route::group(['as' => 'apps.', 'prefix' => 'apps'], function () { Route::group(['as' => 'apps.', 'prefix' => 'apps'], function () {
Route::resource('api-key', 'Modules\ApiKey'); Route::resource('api-key', 'Modules\ApiKey');