vict3459
/
Ekapp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Finished security middlewarez

This commit is contained in:
Sebastian Davaris 2020-06-30 10:04:06 +02:00
parent 0a89d24319
commit 358b218d23
8 changed files with 25 additions and 358 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
skolehjem/app/Http/Controllers/ImageController.php
View File

@ -1,85 +0,0 @@
<?php
namespace App\Http\Controllers;
use App\Image;
use Illuminate\Http\Request;
class ImageController extends Controller
{
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function index()
{
//
}
/**
* Show the form for creating a new resource.
*
* @return \Illuminate\Http\Response
*/
public function create()
{
//
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
//
}
/**
* Display the specified resource.
*
* @param \App\Image $image
* @return \Illuminate\Http\Response
*/
public function show(Image $image)
{
//
}
/**
* Show the form for editing the specified resource.
*
* @param \App\Image $image
* @return \Illuminate\Http\Response
*/
public function edit(Image $image)
{
//
}
/**
* Update the specified resource in storage.
*
* @param \Illuminate\Http\Request $request
* @param \App\Image $image
* @return \Illuminate\Http\Response
*/
public function update(Request $request, Image $image)
{
//
}
/**
* Remove the specified resource from storage.
*
* @param \App\Image $image
* @return \Illuminate\Http\Response
*/
public function destroy(Image $image)
{
//
}
}

2
skolehjem/app/Http/Controllers/MenuPlanController.php
View File

@ -110,7 +110,7 @@ class MenuPlanController extends Controller
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
* @return \Illuminate\Http\RedirectResponse
*/
public function destroy($id)
{

185
skolehjem/app/Http/Controllers/StaffController.php
View File

@ -1,185 +0,0 @@
<?php
namespace App\Http\Controllers;
use App\Staff;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class StaffController extends Controller
{
public function __construct()
{
// $this->middleware([ "auth" ])->only("logout");
// $this->middleware([ "guest" ])->only("login");
//
// $this->middleware([ "permission:staff.list", "role:admin" ])->only("index");
// $this->middleware([ "permission:staff.show", "role:admin" ])->only("show");
// $this->middleware([ "permission:staff.edit", "role:admin" ])->only([ "edit", "update" ]);
// $this->middleware([ "permission:staff.delete", "role:admin" ])->only("delete");
}
/**
* Display a listing of the resource.
*
* @param Request $request
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function index(Request $request)
{
$staffs = Staff::query()->paginate($request->query("page", 20));
return Response::detect("staff.index", [ "staffs" => $staffs ]);
}
/**
* Show the form for creating a new resource.
*
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function create()
{
return Response::detect("staff.create");
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function store(Request $request)
{
$data = $request->validate([
"name_first" => "required|max:255",
"name_last" => "required|max:255",
"email" => "required|email|unique:staff",
"password" => "required|max:60",
"phone" => "required|unique:staff"
]);
$staff = new Staff($data);
$staff->save();
return Response::detect("staff.store");
}
/**
* Display the specified resource.
*
* @param int $id
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function show($id)
{
$staff = Staff::find($id);
return Response::detect("staff.show", [
"staff" => $staff
]);
}
/**
* Show the form for editing the specified resource.
*
* @param int $id
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function edit($id)
{
$staff = Staff::find($id);
return Response::detect("staff.edit", [
"staff" => $staff
]);
}
/**
* Update the specified resource in storage.
*
* @param \Illuminate\Http\Request $request
* @param int $id
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function update(Request $request, $id)
{
$data = $request->all();
// $data = $request->validate([
// "name_first" => "max:255",
// "name_last" => "max:255",
// "email" => "email|unique:staff",
// "password" => "max:60",
// "phone" => "unique:staff",
// ]);
// Validates if the staff is updating itself or another staff.
// if($id === Auth::id()) {
// $staff = Auth::staff();
//
// $staff->update($data);
//
// $staff->save();
// return Response::detect("staff.edit", [
// "staff" => $staff
// ]);
// }
//TODO: Implement when security's ready!!!
// else if(Auth::staff()->hasPermissionTo("staff.edit")) {
$staff = Staff::find($id);
/** @var Staff $staff */
$staff->update($data);
$staff->save();
// }
$staffs = Staff::query()->paginate(20);
return Response::detect("staff.index", [
"staffs" => $staffs
]);
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function destroy(Staff $id)
{
$id->delete();
return redirect()->route("staff.index");
}
/*******************************************/
/* Authentication */
/*******************************************/
public function showLogin() {
return view("admin.staff.login");
}
public function login(Request $request) {
$data = $request->only("email", "password");
if(Auth::attempt($data)) {
//TODO: Implement home?
return redirect()->route("staff.index");
}
return redirect()->back(303);
}
public function logout(Request $request) {
Auth::logout();
return redirect()->to("/");
}
}

85
skolehjem/app/Http/Controllers/VideoController.php
View File

@ -1,85 +0,0 @@
<?php
namespace App\Http\Controllers;
use App\Video;
use Illuminate\Http\Request;
class VideoController extends Controller
{
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function index()
{
//
}
/**
* Show the form for creating a new resource.
*
* @return \Illuminate\Http\Response
*/
public function create()
{
//
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
//
}
/**
* Display the specified resource.
*
* @param \App\Video $video
* @return \Illuminate\Http\Response
*/
public function show(Video $video)
{
//
}
/**
* Show the form for editing the specified resource.
*
* @param \App\Video $video
* @return \Illuminate\Http\Response
*/
public function edit(Video $video)
{
//
}
/**
* Update the specified resource in storage.
*
* @param \Illuminate\Http\Request $request
* @param \App\Video $video
* @return \Illuminate\Http\Response
*/
public function update(Request $request, Video $video)
{
//
}
/**
* Remove the specified resource from storage.
*
* @param \App\Video $video
* @return \Illuminate\Http\Response
*/
public function destroy(Video $video)
{
//
}
}

11
skolehjem/app/Http/Controllers/WashingMachineController.php
View File

@ -9,6 +9,17 @@ use App\WashingMachine;
class WashingMachineController extends Controller
{
public function __construct()
{
$this->middleware([ "auth" ]);
$this->middleware([ "check.auth:washing.machine.list" ])->only("index");
$this->middleware([ "check.auth:washing.machine.show" ])->only("show");
$this->middleware([ "check.auth:washing.machine.create" ])->only("create", "store");
$this->middleware([ "check.auth:washing.machine.edit" ])->only("edit", "update");
$this->middleware([ "check.auth:washing.machine.delete" ])->only("delete");
}
/**
* Display a listing of the resource.
*

11
skolehjem/app/Http/Controllers/WashingReservationController.php
View File

@ -9,6 +9,17 @@ use App\WashingReservation;
class WashingReservationController extends Controller
{
public function __construct()
{
$this->middleware([ "auth" ]);
$this->middleware([ "check.auth:washing.machine.reservation.list" ])->only("index");
$this->middleware([ "check.auth:washing.machine.reservation.show" ])->only("show");
$this->middleware([ "check.auth:washing.machine.reservation.create" ])->only("create", "store");
$this->middleware([ "check.auth:washing.machine.reservation.edit" ])->only("edit", "update");
$this->middleware([ "check.auth:washing.machine.reservation.delete" ])->only("delete");
}
/**
* Display a listing of the resource.
*

2
skolehjem/app/Http/Middleware/Authenticate.php
View File

@ -15,7 +15,7 @@ class Authenticate extends Middleware
protected function redirectTo($request)
{
if (! $request->expectsJson()) {
return route('login');
return route('users.login');
}
}
}

2
skolehjem/resources/views/admin/users/login.blade.php
View File

@ -9,7 +9,7 @@
<div class="brand">
<img src="{{URL::asset('/images/logos/Logo-hvid.svg')}}" alt="Syddansk Erhvervsskole">
</div>
<form action="" method="post">
<form action="{{ route("users.login") }}" method="post">
@csrf
<input class="appinput" type="email" name="email" placeholder="Email" required>
<input class="appinput" type="password" name="password" placeholder="Password" required>