Finished security middlewarez
This commit is contained in:
parent
0a89d24319
commit
358b218d23
skolehjem
app/Http
Controllers
ImageController.phpMenuPlanController.phpStaffController.phpVideoController.phpWashingMachineController.phpWashingReservationController.php
Middleware
resources/views/admin/users
|
@ -1,85 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Controllers;
|
||||
|
||||
use App\Image;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class ImageController extends Controller
|
||||
{
|
||||
/**
|
||||
* Display a listing of the resource.
|
||||
*
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function index()
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the form for creating a new resource.
|
||||
*
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function create()
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Store a newly created resource in storage.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function store(Request $request)
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Display the specified resource.
|
||||
*
|
||||
* @param \App\Image $image
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function show(Image $image)
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the form for editing the specified resource.
|
||||
*
|
||||
* @param \App\Image $image
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function edit(Image $image)
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Update the specified resource in storage.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \App\Image $image
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function update(Request $request, Image $image)
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove the specified resource from storage.
|
||||
*
|
||||
* @param \App\Image $image
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function destroy(Image $image)
|
||||
{
|
||||
//
|
||||
}
|
||||
}
|
|
@ -110,7 +110,7 @@ class MenuPlanController extends Controller
|
|||
* Remove the specified resource from storage.
|
||||
*
|
||||
* @param int $id
|
||||
* @return \Illuminate\Http\Response
|
||||
* @return \Illuminate\Http\RedirectResponse
|
||||
*/
|
||||
public function destroy($id)
|
||||
{
|
||||
|
|
|
@ -1,185 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Controllers;
|
||||
|
||||
use App\Staff;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\Response;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
|
||||
class StaffController extends Controller
|
||||
{
|
||||
public function __construct()
|
||||
{
|
||||
// $this->middleware([ "auth" ])->only("logout");
|
||||
// $this->middleware([ "guest" ])->only("login");
|
||||
//
|
||||
// $this->middleware([ "permission:staff.list", "role:admin" ])->only("index");
|
||||
// $this->middleware([ "permission:staff.show", "role:admin" ])->only("show");
|
||||
// $this->middleware([ "permission:staff.edit", "role:admin" ])->only([ "edit", "update" ]);
|
||||
// $this->middleware([ "permission:staff.delete", "role:admin" ])->only("delete");
|
||||
}
|
||||
|
||||
/**
|
||||
* Display a listing of the resource.
|
||||
*
|
||||
* @param Request $request
|
||||
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
||||
*/
|
||||
public function index(Request $request)
|
||||
{
|
||||
$staffs = Staff::query()->paginate($request->query("page", 20));
|
||||
|
||||
return Response::detect("staff.index", [ "staffs" => $staffs ]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the form for creating a new resource.
|
||||
*
|
||||
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
||||
*/
|
||||
public function create()
|
||||
{
|
||||
return Response::detect("staff.create");
|
||||
}
|
||||
|
||||
/**
|
||||
* Store a newly created resource in storage.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
||||
*/
|
||||
public function store(Request $request)
|
||||
{
|
||||
$data = $request->validate([
|
||||
"name_first" => "required|max:255",
|
||||
"name_last" => "required|max:255",
|
||||
"email" => "required|email|unique:staff",
|
||||
"password" => "required|max:60",
|
||||
"phone" => "required|unique:staff"
|
||||
|
||||
]);
|
||||
|
||||
$staff = new Staff($data);
|
||||
$staff->save();
|
||||
|
||||
return Response::detect("staff.store");
|
||||
}
|
||||
|
||||
/**
|
||||
* Display the specified resource.
|
||||
*
|
||||
* @param int $id
|
||||
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
||||
*/
|
||||
public function show($id)
|
||||
{
|
||||
$staff = Staff::find($id);
|
||||
|
||||
return Response::detect("staff.show", [
|
||||
"staff" => $staff
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the form for editing the specified resource.
|
||||
*
|
||||
* @param int $id
|
||||
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
||||
*/
|
||||
public function edit($id)
|
||||
{
|
||||
$staff = Staff::find($id);
|
||||
|
||||
return Response::detect("staff.edit", [
|
||||
"staff" => $staff
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update the specified resource in storage.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param int $id
|
||||
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
||||
*/
|
||||
public function update(Request $request, $id)
|
||||
{
|
||||
$data = $request->all();
|
||||
|
||||
// $data = $request->validate([
|
||||
// "name_first" => "max:255",
|
||||
// "name_last" => "max:255",
|
||||
// "email" => "email|unique:staff",
|
||||
// "password" => "max:60",
|
||||
// "phone" => "unique:staff",
|
||||
// ]);
|
||||
|
||||
// Validates if the staff is updating itself or another staff.
|
||||
// if($id === Auth::id()) {
|
||||
// $staff = Auth::staff();
|
||||
//
|
||||
// $staff->update($data);
|
||||
//
|
||||
// $staff->save();
|
||||
// return Response::detect("staff.edit", [
|
||||
// "staff" => $staff
|
||||
// ]);
|
||||
// }
|
||||
|
||||
//TODO: Implement when security's ready!!!
|
||||
// else if(Auth::staff()->hasPermissionTo("staff.edit")) {
|
||||
$staff = Staff::find($id);
|
||||
|
||||
/** @var Staff $staff */
|
||||
$staff->update($data);
|
||||
|
||||
$staff->save();
|
||||
// }
|
||||
|
||||
$staffs = Staff::query()->paginate(20);
|
||||
|
||||
return Response::detect("staff.index", [
|
||||
"staffs" => $staffs
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove the specified resource from storage.
|
||||
*
|
||||
* @param int $id
|
||||
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
||||
*/
|
||||
public function destroy(Staff $id)
|
||||
{
|
||||
$id->delete();
|
||||
return redirect()->route("staff.index");
|
||||
}
|
||||
|
||||
/*******************************************/
|
||||
/* Authentication */
|
||||
/*******************************************/
|
||||
|
||||
public function showLogin() {
|
||||
return view("admin.staff.login");
|
||||
}
|
||||
|
||||
public function login(Request $request) {
|
||||
$data = $request->only("email", "password");
|
||||
|
||||
if(Auth::attempt($data)) {
|
||||
//TODO: Implement home?
|
||||
return redirect()->route("staff.index");
|
||||
}
|
||||
|
||||
return redirect()->back(303);
|
||||
}
|
||||
|
||||
public function logout(Request $request) {
|
||||
Auth::logout();
|
||||
|
||||
return redirect()->to("/");
|
||||
}
|
||||
}
|
|
@ -1,85 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Controllers;
|
||||
|
||||
use App\Video;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class VideoController extends Controller
|
||||
{
|
||||
/**
|
||||
* Display a listing of the resource.
|
||||
*
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function index()
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the form for creating a new resource.
|
||||
*
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function create()
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Store a newly created resource in storage.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function store(Request $request)
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Display the specified resource.
|
||||
*
|
||||
* @param \App\Video $video
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function show(Video $video)
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the form for editing the specified resource.
|
||||
*
|
||||
* @param \App\Video $video
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function edit(Video $video)
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Update the specified resource in storage.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \App\Video $video
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function update(Request $request, Video $video)
|
||||
{
|
||||
//
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove the specified resource from storage.
|
||||
*
|
||||
* @param \App\Video $video
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function destroy(Video $video)
|
||||
{
|
||||
//
|
||||
}
|
||||
}
|
|
@ -9,6 +9,17 @@ use App\WashingMachine;
|
|||
|
||||
class WashingMachineController extends Controller
|
||||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware([ "auth" ]);
|
||||
|
||||
$this->middleware([ "check.auth:washing.machine.list" ])->only("index");
|
||||
$this->middleware([ "check.auth:washing.machine.show" ])->only("show");
|
||||
$this->middleware([ "check.auth:washing.machine.create" ])->only("create", "store");
|
||||
$this->middleware([ "check.auth:washing.machine.edit" ])->only("edit", "update");
|
||||
$this->middleware([ "check.auth:washing.machine.delete" ])->only("delete");
|
||||
}
|
||||
|
||||
/**
|
||||
* Display a listing of the resource.
|
||||
*
|
||||
|
|
|
@ -9,6 +9,17 @@ use App\WashingReservation;
|
|||
|
||||
class WashingReservationController extends Controller
|
||||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware([ "auth" ]);
|
||||
|
||||
$this->middleware([ "check.auth:washing.machine.reservation.list" ])->only("index");
|
||||
$this->middleware([ "check.auth:washing.machine.reservation.show" ])->only("show");
|
||||
$this->middleware([ "check.auth:washing.machine.reservation.create" ])->only("create", "store");
|
||||
$this->middleware([ "check.auth:washing.machine.reservation.edit" ])->only("edit", "update");
|
||||
$this->middleware([ "check.auth:washing.machine.reservation.delete" ])->only("delete");
|
||||
}
|
||||
|
||||
/**
|
||||
* Display a listing of the resource.
|
||||
*
|
||||
|
|
|
@ -15,7 +15,7 @@ class Authenticate extends Middleware
|
|||
protected function redirectTo($request)
|
||||
{
|
||||
if (! $request->expectsJson()) {
|
||||
return route('login');
|
||||
return route('users.login');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
<div class="brand">
|
||||
<img src="{{URL::asset('/images/logos/Logo-hvid.svg')}}" alt="Syddansk Erhvervsskole">
|
||||
</div>
|
||||
<form action="" method="post">
|
||||
<form action="{{ route("users.login") }}" method="post">
|
||||
@csrf
|
||||
<input class="appinput" type="email" name="email" placeholder="Email" required>
|
||||
<input class="appinput" type="password" name="password" placeholder="Password" required>
|
||||
|
|
Loading…
Reference in New Issue