module permissions for reports/settings/widgets
This commit is contained in:
denisdulici
parent
85a80e6e64
commit
d8dacd5838
@ -8,6 +8,20 @@ use App\Http\Requests\Setting\Module as Request;
|
||||
|
||||
class Modules extends Controller
|
||||
{
|
||||
/**
|
||||
* Instantiate a new controller instance.
|
||||
*/
|
||||
public function __construct()
|
||||
{
|
||||
$alias = request()->segment(1);
|
||||
|
||||
// Add CRUD permission check
|
||||
$this->middleware('permission:create-' . $alias . '-settings')->only(['create', 'store', 'duplicate', 'import']);
|
||||
$this->middleware('permission:read-' . $alias . '-settings')->only(['index', 'show', 'edit', 'export']);
|
||||
$this->middleware('permission:update-' . $alias . '-settings')->only(['update', 'enable', 'disable']);
|
||||
$this->middleware('permission:delete-' . $alias . '-settings')->only('destroy');
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the form for editing the specified resource.
|
||||
*
|
||||
|
||||
@ -43,14 +43,24 @@ class Settings extends Controller
|
||||
$modules->settings[$m->getAlias()] = [
|
||||
'name' => $m->getName(),
|
||||
'description' => $m->getDescription(),
|
||||
'url' => 'settings/' . $m->getAlias(),
|
||||
'url' => $m->getAlias() . '/settings',
|
||||
'icon' => $m->get('icon', 'fa fa-cog'),
|
||||
];
|
||||
}
|
||||
|
||||
event(new \App\Events\Module\SettingShowing($modules));
|
||||
|
||||
return view('settings.settings.index', ['modules' => $modules->settings]);
|
||||
$settings = [];
|
||||
|
||||
foreach ($modules->settings as $alias => $setting) {
|
||||
if (!user()->can('read-' . $alias . '-settings')) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$settings[$alias] = $setting;
|
||||
}
|
||||
|
||||
return view('settings.settings.index', ['modules' => $settings]);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -699,6 +699,8 @@ class Version200 extends Listener
|
||||
'common-search' => 'r',
|
||||
'common-widgets' => 'c,r,u,d',
|
||||
'modules-api-key' => 'c,u',
|
||||
'offline-payments-settings' => 'r,u,d',
|
||||
'paypal-standard-settings' => 'r,u',
|
||||
'settings-appearance' => 'r,u',
|
||||
'settings-company' => 'r',
|
||||
'settings-defaults' => 'r',
|
||||
@ -721,6 +723,8 @@ class Version200 extends Listener
|
||||
'common-reports' => 'c,r,u,d',
|
||||
'common-search' => 'r',
|
||||
'common-widgets' => 'r',
|
||||
'offline-payments-settings' => 'r,u,d',
|
||||
'paypal-standard-settings' => 'r,u',
|
||||
'settings-company' => 'r',
|
||||
'settings-defaults' => 'r',
|
||||
'settings-email' => 'r',
|
||||
|
||||
@ -95,9 +95,20 @@ class Reports
|
||||
|
||||
public static function getPermission($class)
|
||||
{
|
||||
$class_name = (new \ReflectionClass($class))->getShortName();
|
||||
$arr = explode('\\', $class);
|
||||
|
||||
$permission = 'read-reports-' . Str::kebab($class_name);
|
||||
$prefix = 'read-';
|
||||
|
||||
// Add module
|
||||
if (strtolower($arr[0]) == 'modules') {
|
||||
$prefix .= Str::kebab($arr[1]) . '-';
|
||||
}
|
||||
|
||||
$prefix .= 'reports-';
|
||||
|
||||
$class_name = end($arr);
|
||||
|
||||
$permission = $prefix . Str::kebab($class_name);
|
||||
|
||||
return $permission;
|
||||
}
|
||||
|
||||
@ -76,9 +76,20 @@ class Widgets
|
||||
|
||||
public static function getPermission($class)
|
||||
{
|
||||
$class_name = (new \ReflectionClass($class))->getShortName();
|
||||
$arr = explode('\\', $class);
|
||||
|
||||
$permission = 'read-widgets-' . Str::kebab($class_name);
|
||||
$prefix = 'read-';
|
||||
|
||||
// Add module
|
||||
if (strtolower($arr[0]) == 'modules') {
|
||||
$prefix .= Str::kebab($arr[1]) . '-';
|
||||
}
|
||||
|
||||
$prefix .= 'widgets-';
|
||||
|
||||
$class_name = end($arr);
|
||||
|
||||
$permission = $prefix . Str::kebab($class_name);
|
||||
|
||||
return $permission;
|
||||
}
|
||||
|
||||
@ -58,6 +58,8 @@ class Roles extends Seeder
|
||||
'modules-my' => 'r',
|
||||
'modules-tiles' => 'r',
|
||||
'notifications' => 'r,u',
|
||||
'offline-payments-settings' => 'r,u,d',
|
||||
'paypal-standard-settings' => 'r,u',
|
||||
'reports-expense-summary' => 'r',
|
||||
'reports-income-summary' => 'r',
|
||||
'reports-income-expense-summary' => 'r',
|
||||
@ -112,6 +114,8 @@ class Roles extends Seeder
|
||||
'sales-revenues' => 'c,r,u,d',
|
||||
'install-updates' => 'r,u',
|
||||
'notifications' => 'r,u',
|
||||
'offline-payments-settings' => 'r,u,d',
|
||||
'paypal-standard-settings' => 'r,u',
|
||||
'reports-expense-summary' => 'r',
|
||||
'reports-income-summary' => 'r',
|
||||
'reports-income-expense-summary' => 'r',
|
||||
|
||||
@ -2,16 +2,15 @@
|
||||
|
||||
namespace Modules\OfflinePayments\Http\Controllers;
|
||||
|
||||
use App\Abstracts\Http\Controller;
|
||||
use Artisan;
|
||||
use Illuminate\Http\Response;
|
||||
use Illuminate\Routing\Controller;
|
||||
use Modules\OfflinePayments\Http\Requests\Setting as Request;
|
||||
use Modules\OfflinePayments\Http\Requests\SettingGet as GRequest;
|
||||
use Modules\OfflinePayments\Http\Requests\SettingDelete as DRequest;
|
||||
|
||||
class Settings extends Controller
|
||||
{
|
||||
|
||||
/**
|
||||
* Show the form for editing the specified resource.
|
||||
*
|
||||
|
||||
@ -17,7 +17,7 @@ class ShowSetting
|
||||
$event->modules->settings['offline-payments'] = [
|
||||
'name' => trans('offline-payments::general.name'),
|
||||
'description' => trans('offline-payments::general.description'),
|
||||
'url' => 'settings/offline-payments',
|
||||
'url' => 'offline-payments/settings',
|
||||
'icon' => 'fas fa-credit-card',
|
||||
];
|
||||
}
|
||||
|
||||
@ -39,7 +39,7 @@
|
||||
|
||||
<div class="card-footer">
|
||||
<div class="row float-right">
|
||||
{{ Form::saveButtons('settings/offline-payments') }}
|
||||
{{ Form::saveButtons('offline-payments/settings') }}
|
||||
</div>
|
||||
</div>
|
||||
{!! Form::close() !!}
|
||||
|
||||
@ -4,10 +4,10 @@ Route::group([
|
||||
'middleware' => 'admin',
|
||||
'namespace' => 'Modules\OfflinePayments\Http\Controllers'
|
||||
], function () {
|
||||
Route::group(['prefix' => 'settings'], function () {
|
||||
Route::get('offline-payments', 'Settings@edit')->name('offline-payments.edit');
|
||||
Route::post('offline-payments', 'Settings@update')->name('offline-payments.update');
|
||||
Route::post('offline-payments/get', 'Settings@get')->name('offline-payments.get');
|
||||
Route::delete('offline-payments/delete', 'Settings@destroy')->name('offline-payments.delete');
|
||||
Route::group(['prefix' => 'offline-payments/settings'], function () {
|
||||
Route::get('/', 'Settings@edit')->name('offline-payments.edit');
|
||||
Route::post('/', 'Settings@update')->name('offline-payments.update');
|
||||
Route::post('get', 'Settings@get')->name('offline-payments.get');
|
||||
Route::delete('delete', 'Settings@destroy')->name('offline-payments.delete');
|
||||
});
|
||||
});
|
||||
|
||||
@ -7,7 +7,7 @@
|
||||
{!! Form::model($setting, [
|
||||
'id' => 'module',
|
||||
'method' => 'PATCH',
|
||||
'url' => ['settings/' . $module->getAlias()],
|
||||
'url' => [$module->getAlias() . '/settings'],
|
||||
'@submit.prevent' => 'onSubmit',
|
||||
'@keydown' => 'form.errors.clear($event.target.name)',
|
||||
'files' => true,
|
||||
@ -40,13 +40,16 @@
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@permission('update-' . $module->getAlias() . '-settings')
|
||||
<div class="card-footer">
|
||||
<div class="float-right">
|
||||
<div class="row">
|
||||
{{ Form::saveButtons(URL::previous()) }}
|
||||
{{ Form::saveButtons(url()->previous()) }}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@endpermission
|
||||
|
||||
{!! Form::close() !!}
|
||||
</div>
|
||||
@endsection
|
||||
|
||||
@ -126,59 +126,65 @@
|
||||
</div>
|
||||
@endpermission
|
||||
|
||||
<div class="col-md-4">
|
||||
<a href="{{ route('categories.index') }}">
|
||||
<button type="button" class="btn-icon-clipboard p-2">
|
||||
<div class="row mx-0">
|
||||
<div class="col-auto">
|
||||
<div class="badge badge-secondary settings-icons">
|
||||
<i class="fa fa-folder"></i>
|
||||
@permission('read-settings-categories')
|
||||
<div class="col-md-4">
|
||||
<a href="{{ route('categories.index') }}">
|
||||
<button type="button" class="btn-icon-clipboard p-2">
|
||||
<div class="row mx-0">
|
||||
<div class="col-auto">
|
||||
<div class="badge badge-secondary settings-icons">
|
||||
<i class="fa fa-folder"></i>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col ml--2">
|
||||
<h4 class="mb-0">{{ trans_choice('general.categories', 2) }}</h4>
|
||||
<p class="text-sm text-muted mb-0">{{ trans('settings.categories.description') }}</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col ml--2">
|
||||
<h4 class="mb-0">{{ trans_choice('general.categories', 2) }}</h4>
|
||||
<p class="text-sm text-muted mb-0">{{ trans('settings.categories.description') }}</p>
|
||||
</div>
|
||||
</div>
|
||||
</button>
|
||||
</a>
|
||||
</div>
|
||||
</button>
|
||||
</a>
|
||||
</div>
|
||||
@endpermission
|
||||
|
||||
<div class="col-md-4">
|
||||
<a href="{{ route('currencies.index') }}">
|
||||
<button type="button" class="btn-icon-clipboard p-2">
|
||||
<div class="row mx-0">
|
||||
<div class="col-auto">
|
||||
<div class="badge badge-secondary settings-icons">
|
||||
<i class="fa fa-dollar-sign"></i>
|
||||
@permission('read-settings-currencies')
|
||||
<div class="col-md-4">
|
||||
<a href="{{ route('currencies.index') }}">
|
||||
<button type="button" class="btn-icon-clipboard p-2">
|
||||
<div class="row mx-0">
|
||||
<div class="col-auto">
|
||||
<div class="badge badge-secondary settings-icons">
|
||||
<i class="fa fa-dollar-sign"></i>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col ml--2">
|
||||
<h4 class="mb-0">{{ trans_choice('general.currencies', 2) }}</h4>
|
||||
<p class="text-sm text-muted mb-0">{{ trans('settings.currencies.description') }}</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col ml--2">
|
||||
<h4 class="mb-0">{{ trans_choice('general.currencies', 2) }}</h4>
|
||||
<p class="text-sm text-muted mb-0">{{ trans('settings.currencies.description') }}</p>
|
||||
</div>
|
||||
</div>
|
||||
</button>
|
||||
</a>
|
||||
</div>
|
||||
</button>
|
||||
</a>
|
||||
</div>
|
||||
@endpermission
|
||||
|
||||
<div class="col-md-4">
|
||||
<a href="{{ route('taxes.index') }}">
|
||||
<button type="button" class="btn-icon-clipboard p-2">
|
||||
<div class="row mx-0">
|
||||
<div class="col-auto">
|
||||
<div class="badge badge-secondary settings-icons">
|
||||
<i class="fas fa-percent"></i>
|
||||
@permission('read-settings-taxes')
|
||||
<div class="col-md-4">
|
||||
<a href="{{ route('taxes.index') }}">
|
||||
<button type="button" class="btn-icon-clipboard p-2">
|
||||
<div class="row mx-0">
|
||||
<div class="col-auto">
|
||||
<div class="badge badge-secondary settings-icons">
|
||||
<i class="fas fa-percent"></i>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col ml--2">
|
||||
<h4 class="mb-0">{{ trans_choice('general.taxes', 2) }}</h4>
|
||||
<p class="text-sm text-muted mb-0">{{ trans('settings.taxes.description') }}</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col ml--2">
|
||||
<h4 class="mb-0">{{ trans_choice('general.taxes', 2) }}</h4>
|
||||
<p class="text-sm text-muted mb-0">{{ trans('settings.taxes.description') }}</p>
|
||||
</div>
|
||||
</div>
|
||||
</button>
|
||||
</a>
|
||||
</div>
|
||||
</button>
|
||||
</a>
|
||||
</div>
|
||||
@endpermission
|
||||
|
||||
@foreach($modules as $module)
|
||||
<div class="col-md-4">
|
||||
|
||||
@ -148,12 +148,14 @@ Route::group(['prefix' => 'settings'], function () {
|
||||
Route::get('email', 'Settings\Email@edit')->name('email.edit');
|
||||
Route::patch('email', 'Settings\Email@update')->name('email.update');
|
||||
Route::get('schedule', 'Settings\Schedule@edit')->name('schedule.edit');
|
||||
|
||||
Route::get('{alias}', 'Settings\Modules@edit');
|
||||
Route::patch('{alias}', 'Settings\Modules@update');
|
||||
});
|
||||
});
|
||||
|
||||
Route::group(['as' => 'settings.'], function () {
|
||||
Route::get('{alias}/settings', 'Settings\Modules@edit');
|
||||
Route::patch('{alias}/settings', 'Settings\Modules@update');
|
||||
});
|
||||
|
||||
Route::group(['as' => 'apps.', 'prefix' => 'apps'], function () {
|
||||
Route::resource('api-key', 'Modules\ApiKey');
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user