diff --git a/app/Abstracts/Report.php b/app/Abstracts/Report.php
index a6e25469c..8f5ae5851 100644
--- a/app/Abstracts/Report.php
+++ b/app/Abstracts/Report.php
@@ -372,16 +372,4 @@ abstract class Report
 return $print_url;
 }
-
- public function getPermission()
- {
- $permission = 'read-reports-' . Str::kebab((new \ReflectionClass($this))->getShortName());
-
- return $permission;
- }
-
- public function canRead()
- {
- return user()->can($this->getPermission());
- }
 }
diff --git a/app/Http/Controllers/Common/Dashboard.php b/app/Http/Controllers/Common/Dashboard.php
index 6e322484f..2bb039c12 100644
--- a/app/Http/Controllers/Common/Dashboard.php
+++ b/app/Http/Controllers/Common/Dashboard.php
@@ -7,6 +7,7 @@ use App\Http\Requests\Common\Dashboard as Request;
 use App\Models\Common\Dashboard as Model;
 use App\Models\Common\Widget;
 use App\Traits\DateTime;
+use App\Utilities\Widgets as WidgetUtility;
 class Dashboard extends Controller
 {
@@ -31,14 +32,16 @@ class Dashboard extends Controller
 $dashboards = Model::where('user_id', user()->id)->enabled()->get();
 if (!$dashboard_id) {
- $dashboard_id = $dashboards->first()->id;
+ $dashboard_id = $dashboards->pluck('id')->first();
 }
 // Dashboard
 $dashboard = Model::find($dashboard_id);
 // Widgets
- $widgets = Widget::where('dashboard_id', $dashboard->id)->orderBy('sort', 'asc')->get();
+ $widgets = Widget::where('dashboard_id', $dashboard->id)->orderBy('sort', 'asc')->get()->filter(function ($widget) {
+ return WidgetUtility::canRead($widget->class);
+ })->all();
 $financial_start = $this->getFinancialStart()->format('Y-m-d');
diff --git a/app/Http/Controllers/Common/Reports.php b/app/Http/Controllers/Common/Reports.php
index ccca5412a..be5575a3e 100644
--- a/app/Http/Controllers/Common/Reports.php
+++ b/app/Http/Controllers/Common/Reports.php
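Review bot: The new filter on the `$widgets` query calls `WidgetUtility::canRead($widget->class)` with a class name read from the database without first checking that the class still exists; `Widgets::getPermission` builds a `\ReflectionClass` from that string, so a single widget row pointing at a removed or disabled module class would throw `ReflectionException` and break the whole dashboard instead of just hiding that widget. `Utilities\Widgets` guards its own loop with `class_exists($class) || ...`, and the same guard belongs here: `return class_exists($widget->class) && WidgetUtility::canRead($widget->class);`. Note also that `filter()` preserves keys, so `->all()` yields a sparse array rather than a list; if the view or any JSON output expects sequential keys, `->values()->all()` is the safer form. The `$dashboards->pluck('id')->first()` fallback still yields `null` when the user has no enabled dashboard, so `Model::find` returns `null` and `$dashboard->id` fails below, exactly as before the change. The enclosing method continues outside the hunk.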
@@ -24,12 +24,12 @@ class Reports extends Controller
 $reports = Report::collect();
 foreach ($reports as $report) {
- $class = Utility::getClassInstance($report);
-
- if (!$class->canRead()) {
+ if (!Utility::canRead($report->class)) {
 continue;
 }
+ $class = Utility::getClassInstance($report);
+
 $classes[$report->id] = $class;
 $categories[$class->getCategory()][] = $report;
@@ -46,13 +46,11 @@ class Reports extends Controller
 */
 public function show(Report $report)
 {
- $class = Utility::getClassInstance($report);
-
- if (!$class->canRead()) {
+ if (!Utility::canRead($report->class)) {
 abort(403);
 }
- return $class->show();
+ return Utility::getClassInstance($report)->show();
 }
 /**
@@ -186,13 +184,11 @@ class Reports extends Controller
 */
 public function print(Report $report)
 {
- $class = Utility::getClassInstance($report);
-
- if (!$class->canRead()) {
+ if (!Utility::canRead($report->class)) {
 abort(403);
 }
- return $class->print();
+ return Utility::getClassInstance($report)->print();
 }
 /**
@@ -203,13 +199,11 @@ class Reports extends Controller
 */
 public function export(Report $report)
 {
- $class = Utility::getClassInstance($report);
-
- if (!$class->canRead()) {
+ if (!Utility::canRead($report->class)) {
 abort(403);
 }
- return $class->export();
+ return Utility::getClassInstance($report)->export();
 }
 /**
diff --git a/app/Listeners/Update/V20/Version200.php b/app/Listeners/Update/V20/Version200.php
index 3e55ee220..65882a2fe 100644
--- a/app/Listeners/Update/V20/Version200.php
+++ b/app/Listeners/Update/V20/Version200.php
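Review bot: `Utility::canRead($report->class)` in the index loop passes the database-stored class name straight into `getPermission`, which constructs a `\ReflectionClass` from it, so a report row whose class no longer exists (a removed module, for instance) now throws `ReflectionException` instead of being skipped; the listing in `app/Utilities/Reports.php` protects itself with `class_exists`, and the same guard is needed here: `if (!class_exists($report->class) || !Utility::canRead($report->class)) { continue; }`. The `show`, `print` and `export` hunks in this file have the same exposure, where the outcome is a 500 rather than the intended 403; a `class_exists` check before the permission check, aborting with 404, keeps the response codes meaningful. Presumably `Utility` is an alias for `App\Utilities\Reports`, where `canRead` is defined in this commit; the `use` line is outside the hunk. Calling `getClassInstance` only after the permission check is the right order, since report classes the user may not see are no longer instantiated at all.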
@@ -707,6 +707,15 @@ class Version200 extends Listener
 'settings-localisation' => 'r',
 'settings-modules' => 'r,u',
 'settings-schedule' => 'r',
+ 'widgets-account-balance' => 'r',
+ 'widgets-cash-flow' => 'r',
+ 'widgets-expenses-by-category' => 'r',
+ 'widgets-income-by-category' => 'r',
+ 'widgets-latest-expenses' => 'r',
+ 'widgets-latest-income' => 'r',
+ 'widgets-total-expenses' => 'r',
+ 'widgets-total-income' => 'r',
+ 'widgets-total-profit' => 'r',
 ],
 'manager' => [
 'common-reports' => 'c,r,u,d',
@@ -719,6 +728,15 @@ class Version200 extends Listener
 'settings-localisation' => 'r',
 'settings-modules' => 'r,u',
 'settings-schedule' => 'r',
+ 'widgets-account-balance' => 'r',
+ 'widgets-cash-flow' => 'r',
+ 'widgets-expenses-by-category' => 'r',
+ 'widgets-income-by-category' => 'r',
+ 'widgets-latest-expenses' => 'r',
+ 'widgets-latest-income' => 'r',
+ 'widgets-total-expenses' => 'r',
+ 'widgets-total-income' => 'r',
+ 'widgets-total-profit' => 'r',
 ],
 'customer' => [
 'client-portal' => 'r',
diff --git a/app/Utilities/Reports.php b/app/Utilities/Reports.php
index f170f0aea..68393b065 100644
--- a/app/Utilities/Reports.php
+++ b/app/Utilities/Reports.php
@@ -4,6 +4,7 @@ namespace App\Utilities;
 use App\Models\Common\Report;
 use App\Models\Module\Module;
+use Illuminate\Support\Str;
 class Reports
 {
@@ -30,7 +31,7 @@ class Reports
 });
 foreach ($list as $class) {
- if (!class_exists($class)) {
+ if (!class_exists($class) || !static::canRead($class)) {
 continue;
 }
@@ -86,4 +87,18 @@ class Reports
 return new $class($model, $get_totals);
 }
+ public static function canRead($class)
+ {
+ return user()->can(static::getPermission($class));
+ }
+
+ public static function getPermission($class)
+ {
+ $class_name = (new \ReflectionClass($class))->getShortName();
+
+ $permission = 'read-reports-' . Str::kebab($class_name);
+
+ return $permission;
+ }
 }
diff --git a/app/Utilities/Widgets.php b/app/Utilities/Widgets.php
index 7efd216b9..61809da08 100644
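Review bot: The nine `widgets-*` rows added to the role permission lists here, and again in the second hunk of this file, live in the v2.0 update listener, so they only take effect on installations that have not yet run that update; if this listener has already run on existing installations, those installations never receive the rows, and because `Utilities\Widgets::canRead` now denies anything without a matching permission, their dashboards come up empty for every role. A forward-only update step for the version that ships this change (or a one-off permission backfill for existing roles) is needed to make the change safe to deploy. The role key of the first array is above the hunk, so whether it is the admin role is inferred from the parallel change in `database/seeds/Roles.php`.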
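Review bot: `getPermission` derives the authorization key from `ReflectionClass::getShortName()` alone, so two report classes with the same short name in different namespaces (a core report and a module's report, say) resolve to the same `read-reports-...` permission and effectively grant each other's access; if module-provided reports can reach this code, keying on the fully-qualified name or a per-module prefix avoids the collision. `getPermission` also throws `ReflectionException` for a class that does not exist, which the `class_exists` check in the loop above handles, but nothing in the method itself enforces that precondition for other callers such as the controllers. Both new methods lack a docblock; something like `/** Permission name is derived from the class's short name only; callers must ensure class_exists() first. */` on `getPermission` records both constraints. The same two methods are added to `app/Utilities/Widgets.php` with the `read-widgets-` prefix and carry the same properties.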
--- a/app/Utilities/Widgets.php
+++ b/app/Utilities/Widgets.php
@@ -4,6 +4,7 @@ namespace App\Utilities;
 use App\Models\Common\Widget;
 use App\Models\Module\Module;
+use Illuminate\Support\Str;
 class Widgets
 {
@@ -34,7 +35,7 @@ class Widgets
 });
 foreach ($list as $class) {
- if (!class_exists($class)) {
+ if (!class_exists($class) || !static::canRead($class)) {
 continue;
 }
@@ -67,4 +68,18 @@ class Widgets
 return $class->show(...$arguments);
 }
+ public static function canRead($class)
+ {
+ return user()->can(static::getPermission($class));
+ }
+
+ public static function getPermission($class)
+ {
+ $class_name = (new \ReflectionClass($class))->getShortName();
+
+ $permission = 'read-widgets-' . Str::kebab($class_name);
+
+ return $permission;
+ }
 }
diff --git a/database/seeds/Roles.php b/database/seeds/Roles.php
index 454250517..dc85b70a2 100644
--- a/database/seeds/Roles.php
+++ b/database/seeds/Roles.php
@@ -75,10 +75,19 @@ class Roles extends Seeder
 'settings-settings' => 'r,u',
 'settings-schedule' => 'r',
 'settings-taxes' => 'c,r,u,d',
+ 'widgets-account-balance' => 'r',
+ 'widgets-cash-flow' => 'r',
+ 'widgets-expenses-by-category' => 'r',
+ 'widgets-income-by-category' => 'r',
+ 'widgets-latest-expenses' => 'r',
+ 'widgets-latest-income' => 'r',
+ 'widgets-total-expenses' => 'r',
+ 'widgets-total-income' => 'r',
+ 'widgets-total-profit' => 'r',
 'wizard-companies' => 'c,r,u',
 'wizard-currencies' => 'c,r,u,d',
 'wizard-finish' => 'c,r,u',
- 'wizard-taxes' => 'c,r,u'
+ 'wizard-taxes' => 'c,r,u',
 ],
 'manager' => [
 'admin-panel' => 'r',
@@ -118,13 +127,22 @@ class Roles extends Seeder
 'settings-modules' => 'r,u',
 'settings-settings' => 'r,u',
 'settings-schedule' => 'r',
- 'settings-taxes' => 'c,r,u,d'
+ 'settings-taxes' => 'c,r,u,d',
+ 'widgets-account-balance' => 'r',
+ 'widgets-cash-flow' => 'r',
+ 'widgets-expenses-by-category' => 'r',
+ 'widgets-income-by-category' => 'r',
+ 'widgets-latest-expenses' => 'r',
+ 'widgets-latest-income' => 'r',
+ 'widgets-total-expenses' => 'r',
+ 'widgets-total-income' => 'r',
+ 'widgets-total-profit' => 'r',
 ],
 'customer' => [
 'client-portal' => 'r',
 'portal-invoices' => 'r,u',
 'portal-payments' => 'r,u',
- 'portal-profile' => 'r,u'
+ 'portal-profile' => 'r,u',
 ]
 ];
diff --git a/resources/views/auth/roles/create.blade.php b/resources/views/auth/roles/create.blade.php
index b763662a8..b32b5797c 100644
--- a/resources/views/auth/roles/create.blade.php
+++ b/resources/views/auth/roles/create.blade.php
@@ -53,7 +53,7 @@
@foreach($code_permissions as $item) -
+
{{ Form::checkbox('permissions', $item->id, null, ['id' => 'permissions-' . $item->id, 'class' => 'custom-control-input', 'v-model' => 'form.permissions']) }}