kagir/Motula-Translate-Backend
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Implement roles management;

Browse Source 
Add user profile;
Improve Ui;
Clean code;
Minor fix;
Typo;
This commit is contained in:
c.girardi
2024-02-21 16:56:08 +01:00
parent fca756b556
commit e6f3fcbb4e
27 changed files with 708 additions and 138 deletions
Download Patch File Download Diff File Expand all files Collapse all files

92
app/Http/Controllers/RolesController.php
View File

@@ -2,16 +2,33 @@
namespace App\Http\Controllers;
use App\Http\Requests\StoreRoleRequest;
use App\Http\Requests\UpdateRoleRequest;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
class RolesController extends Controller
{
public function __construct()
{
$this->middleware('auth');
$this->middleware('permission:create-role|edit-role|delete-role', ['only' => ['index', 'show']]);
$this->middleware('permission:create-role', ['only' => ['create', 'store']]);
$this->middleware('permission:edit-role', ['only' => ['edit', 'update']]);
$this->middleware('permission:delete-role', ['only' => ['destroy']]);
}
/**
* Display a listing of the resource.
*/
public function index()
{
//
return view('roles.index', [
'roles' => Role::orderBy('id', 'DESC')->paginate(3)
]);
}
/**
@@ -19,46 +36,91 @@ class RolesController extends Controller
*/
public function create()
{
//
return view('roles.create', [
'permissions' => Permission::get()
]);
}
/**
* Store a newly created resource in storage.
*/
public function store(Request $request)
public function store(StoreRoleRequest $request)
{
//
$role = Role::create(['name' => $request->name]);
$permissions = Permission::whereIn('id', $request->permissions)->get(['name'])->toArray();
$role->syncPermissions($permissions);
return redirect()->route('roles.index')
->withSuccess('New role is added successfully.');
}
/**
* Display the specified resource.
*/
public function show(string $id)
public function show(Role $role)
{
//
$rolePermissions = Permission::join("role_has_permissions", "permission_id", "=", "id")
->where("role_id", $role->id)
->select('name')
->get();
return view('roles.show', [
'role' => $role,
'rolePermissions' => $rolePermissions
]);
}
/**
* Show the form for editing the specified resource.
*/
public function edit(string $id)
public function edit(Role $role)
{
//
if ($role->name == 'ADMIN') {
abort(403, 'ADMIN ROLE CAN NOT BE EDITED');
}
$rolePermissions = DB::table("role_has_permissions")->where("role_id", $role->id)
->pluck('permission_id')
->all();
return view('roles.edit', [
'role' => $role,
'permissions' => Permission::get(),
'rolePermissions' => $rolePermissions
]);
}
/**
* Update the specified resource in storage.
*/
public function update(Request $request, string $id)
public function update(UpdateRoleRequest $request, Role $role)
{
//
$input = $request->only('name');
$role->update($input);
$permissions = Permission::whereIn('id', $request->permissions)->get(['name'])->toArray();
$role->syncPermissions($permissions);
return redirect()->back()
->withSuccess('Role is updated successfully.');
}
/**
* Remove the specified resource from storage.
*/
public function destroy(string $id)
/**
* Remove the specified resource from storage.
*/
public function destroy(Role $role)
{
//
if($role->name=='ADMIn'){
abort(403, 'ADMIN ROLE CAN NOT BE DELETED');
}
if(auth()->user()->hasRole($role->name)){
abort(403, 'CAN NOT DELETE SELF ASSIGNED ROLE');
}
$role->delete();
return redirect()->route('roles.index')
->withSuccess('Role is deleted successfully.');
}
}

25
app/Http/Controllers/UsersController.php
View File

@@ -4,9 +4,11 @@ namespace App\Http\Controllers;
use App\Http\Requests\StoreUserRequest;
use App\Http\Requests\UpdateUserRequest;
use App\Jobs\SendMailJob;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Spatie\Permission\Models\Role;
class UsersController extends Controller
@@ -62,6 +64,7 @@ class UsersController extends Controller
*/
public function show(User $user)
{
//dispatch(new SendMailJob($user));
return view('users.show', [
'user' => $user
]);
@@ -72,9 +75,9 @@ class UsersController extends Controller
*/
public function edit(User $user)
{
// Check Only Super Admin can update his own Profile
if ($user->hasRole('ADMIN')){
if($user->id != auth()->user()->id){
// Check Only ADMIN can update his own Profile
if ($user->hasRole('ADMIN')) {
if ($user->id != auth()->user()->id) {
abort(403, 'USER DOES NOT HAVE THE RIGHT PERMISSIONS');
}
}
@@ -93,12 +96,19 @@ class UsersController extends Controller
{
$input = $request->all();
if(!empty($request->password)){
if (!empty($request->password)) {
$input['password'] = Hash::make($request->password);
}else{
} else {
$input = $request->except('password');
}
if ($request->hasFile('image')) {
$filename = $request->image->getClientOriginalName();
$request->image->storeAs('images', $filename, 'public');
$input['image'] = $filename;
}
$user->update($input);
$user->syncRoles($request->roles);
@@ -112,9 +122,8 @@ class UsersController extends Controller
*/
public function destroy(User $user)
{
// About if user is Super Admin or User ID belongs to Auth User
if ($user->hasRole('ADMIN') || $user->id == auth()->user()->id)
{
// About if user is ADMIN or User ID belongs to Auth User
if ($user->hasRole('ADMIN') || $user->id == auth()->user()->id) {
abort(403, 'USER DOES NOT HAVE THE RIGHT PERMISSIONS');
}

29
app/Http/Requests/StoreRoleRequest.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class StoreRoleRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'name' => 'required|string|max:250|unique:roles,name',
'permissions' => 'required',
];
}
}

29
app/Http/Requests/UpdateRoleRequest.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class UpdateRoleRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return false;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'name' => 'required|string|max:250|unique:roles,name,'.$this->role->id,
'permissions' => 'required',
];
}
}

3
app/Http/Requests/UpdateUserRequest.php
View File

@@ -25,7 +25,8 @@ class UpdateUserRequest extends FormRequest
'name' => 'required|string|max:250',
'email' => 'required|string|email:rfc,dns|max:250|unique:users,email,'.$this->user->id,
'password' => 'nullable|string|min:8|confirmed',
'roles' => 'required'
'roles' => 'required',
'image' => 'file|image'
];
}
}