improved widget/report permissions

Denis Duliçi 2020-06-13 00:13:39 +03:00
parent 6ca0ec5522
commit e1743e1f8f
4 changed files with 65 additions and 18 deletions


@ -10,7 +10,6 @@ use App\Jobs\Common\UpdateDashboard;
use App\Models\Common\Company; use App\Models\Common\Company;
use App\Models\Common\Dashboard; use App\Models\Common\Dashboard;
use App\Models\Common\Widget; use App\Models\Common\Widget;
use App\Models\Module\Module;
use App\Traits\DateTime; use App\Traits\DateTime;
use App\Traits\Users; use App\Traits\Users;
use App\Utilities\Widgets; use App\Utilities\Widgets;
@ -69,13 +68,7 @@ class Dashboards extends Controller
} }
$widgets = Widget::where('dashboard_id', $dashboard->id)->orderBy('sort', 'asc')->get()->filter(function ($widget) { $widgets = Widget::where('dashboard_id', $dashboard->id)->orderBy('sort', 'asc')->get()->filter(function ($widget) {
if ($alias = Widgets::getModuleAlias($widget->class)) { return Widgets::canShow($widget->class);
if (!Module::alias($alias)->enabled()->first()) {
return false;
}
}
return Widgets::canRead($widget->class);
}); });
$financial_start = $this->getFinancialStart()->format('Y-m-d'); $financial_start = $this->getFinancialStart()->format('Y-m-d');


@ -25,7 +25,7 @@ class Reports extends Controller
$reports = Report::orderBy('name')->get(); $reports = Report::orderBy('name')->get();
foreach ($reports as $report) { foreach ($reports as $report) {
if (!Utility::canRead($report->class)) { if (!Utility::canShow($report->class)) {
continue; continue;
} }
@ -56,7 +56,7 @@ class Reports extends Controller
*/ */
public function show(Report $report) public function show(Report $report)
{ {
if (!Utility::canRead($report->class)) { if (!Utility::canShow($report->class)) {
abort(403); abort(403);
} }
@ -203,7 +203,7 @@ class Reports extends Controller
*/ */
public function print(Report $report) public function print(Report $report)
{ {
if (!Utility::canRead($report->class)) { if (!Utility::canShow($report->class)) {
abort(403); abort(403);
} }
@ -218,7 +218,7 @@ class Reports extends Controller
*/ */
public function export(Report $report) public function export(Report $report)
{ {
if (!Utility::canRead($report->class)) { if (!Utility::canShow($report->class)) {
abort(403); abort(403);
} }
@ -263,7 +263,7 @@ class Reports extends Controller
public function clear() public function clear()
{ {
Report::all()->each(function ($report) { Report::all()->each(function ($report) {
if (!Utility::canRead($report->class)) { if (!Utility::canShow($report->class)) {
return; return;
} }
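Review bot: The guard `if (!Utility::canShow($report->class)) { abort(403); }` is now repeated by hand in show(), print() and export(), with a silent skip variant in the index loop and in clear(). These hunks do not show whether the controller's other report actions carry the same check, so an action that still calls `canRead` (or nothing) would keep serving reports of a disabled module. Consider one private helper, for example `private function authorizeReport(Report $report)`, called as the first statement of every action that takes a `Report`, so a missing call stands out in review. The method bodies continue outside the hunks shown here.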


@ -56,6 +56,11 @@ class Reports
return new $class($model, $load_data); return new $class($model, $load_data);
} }
public static function canShow($class)
{
return (static::isModuleEnabled($class) && static::canRead($class));
}
public static function canRead($class) public static function canRead($class)
{ {
return user()->can(static::getPermission($class)); return user()->can(static::getPermission($class));
@ -68,8 +73,8 @@ class Reports
$prefix = 'read-'; $prefix = 'read-';
// Add module // Add module
if (strtolower($arr[0]) == 'modules') { if ($alias = static::getModuleAlias($arr)) {
$prefix .= Str::kebab($arr[1]) . '-'; $prefix .= $alias . '-';
} }
$prefix .= 'reports-'; $prefix .= 'reports-';
@ -85,4 +90,35 @@ class Reports
{ {
return (new $class())->getDefaultName(); return (new $class())->getDefaultName();
} }
public static function isModuleEnabled($class)
{
if (!$alias = static::getModuleAlias($class)) {
return true;
}
if (Module::alias($alias)->enabled()->first()) {
return true;
}
return false;
}
public static function isModule($class)
{
$arr = is_array($class) ? $class : explode('\\', $class);
return (strtolower($arr[0]) == 'modules');
}
public static function getModuleAlias($class)
{
if (!static::isModule($class)) {
return false;
}
$arr = is_array($class) ? $class : explode('\\', $class);
return Str::kebab($arr[1]);
}
} }
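Review bot: `isModuleEnabled()` returns `true` whenever `getModuleAlias()` yields `false`, so any class string that `isModule()` does not recognise is treated as core and skips the enabled-module check. A stored name with a leading backslash (`\Modules\...`) would take that path, because `explode('\\', $class)` then puts an empty string in `$arr[0]`; whether such values can reach this code is not visible in the hunk. Normalising before the split closes it: `$arr = is_array($class) ? $class : explode('\\', ltrim($class, '\\'));` in both `isModule()` and `getModuleAlias()`. `getModuleAlias()` also reads `$arr[1]` without checking that it exists, so `isset($arr[1])` belongs in the same guard. The identical helpers added to the Widgets utility in this commit need the same change.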


@ -88,6 +88,11 @@ class Widgets
return $class->show(...$arguments); return $class->show(...$arguments);
} }
public static function canShow($class)
{
return (static::isModuleEnabled($class) && static::canRead($class));
}
public static function canRead($class) public static function canRead($class)
{ {
return user()->can(static::getPermission($class)); return user()->can(static::getPermission($class));
@ -100,7 +105,7 @@ class Widgets
$prefix = 'read-'; $prefix = 'read-';
// Add module // Add module
if ($alias = Widgets::getModuleAlias($class)) { if ($alias = static::getModuleAlias($arr)) {
$prefix .= $alias . '-'; $prefix .= $alias . '-';
} }
@ -118,9 +123,22 @@ class Widgets
return (new $class())->getDefaultName(); return (new $class())->getDefaultName();
} }
public static function isModuleEnabled($class)
{
if (!$alias = static::getModuleAlias($class)) {
return true;
}
if (Module::alias($alias)->enabled()->first()) {
return true;
}
return false;
}
public static function isModule($class) public static function isModule($class)
{ {
$arr = explode('\\', $class); $arr = is_array($class) ? $class : explode('\\', $class);
return (strtolower($arr[0]) == 'modules'); return (strtolower($arr[0]) == 'modules');
} }
@ -131,7 +149,7 @@ class Widgets
return false; return false;
} }
$arr = explode('\\', $class); $arr = is_array($class) ? $class : explode('\\', $class);
return Str::kebab($arr[1]); return Str::kebab($arr[1]);
} }
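Review bot: `isModuleEnabled()` hydrates a full `Module` model with `->first()` only to test for presence, and the dashboard filter calls `canShow()` once per widget, so every module widget costs one query per page load. The tail of the method can be reduced to `return Module::alias($alias)->enabled()->exists();`, and the result could be cached per alias for the request if dashboards carry many widgets from the same module. `canShow()`, `isModuleEnabled()`, `isModule()` and `getModuleAlias()` are also line-for-line copies of the ones added to the Reports utility; moving them into a shared trait would keep the two authorization paths from drifting apart. None of the new public methods has a docblock; a one-line description of the return contract (`true` for core classes and enabled modules) on `isModuleEnabled()` would document the fall-through behaviour.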