v0.11.1 - Fixed roles and permissions

frederikpyt 2020-09-02 11:40:36 +02:00
parent d7bfdaebf6
commit 4a64d49902
7 changed files with 74 additions and 82 deletions


@ -22,7 +22,7 @@ class UserController extends Controller
{
public function __construct()
{
$this->middleware([ "auth" ])->only("logout");
$this->middleware([ "auth" ])->only(["accountupdate", "accountedit", "accounteditpass", "account", "logout"]);
$this->middleware([ "guest" ])->only("login");
$this->middleware([ "lang" ])->except(["login", "showLogin", "showForgot", "forgot"]);
@ -31,8 +31,6 @@ class UserController extends Controller
$this->middleware([ "check.auth:user.create" ])->only("create");
$this->middleware([ "check.auth:user.edit" ])->only(["edit", "update"]);
$this->middleware([ "check.auth:user.delete" ])->only("delete");
$this->middleware([ "check.auth:ownuser.edit" ])->only(["accountupdate", "accountedit", "accounteditpass", "account"]);
}
/**
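Review bot: `accountupdate`, `accountedit`, `accounteditpass` and `account` are now guarded by `auth` alone, because the `check.auth:ownuser.edit` line appears to be dropped, so nothing at the middleware layer ties these actions to the caller's own record any more. Their bodies are outside the hunk; if any of them takes a user id from the route or the form, it should be compared with `Auth::id()` before anything is read or written. A comment above the list, such as `// Own-account pages: authentication only, no role permission required`, would record that removing the permission was deliberate.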


@ -12,6 +12,8 @@ class UserEventController extends Controller
{
$this->middleware(["auth"]);
$this->middleware(["lang"]);
$this->middleware([ "check.auth:userevent.create" ])->only("create");
$this->middleware([ "check.auth:userevent.delete" ])->only("destroy");
}
/**
* Update the specified resource in storage.
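Review bot: Only `create` and `destroy` get a `check.auth` permission here; every other action in this controller still runs with `auth` and `lang` alone. The docblock right after the constructor describes an update action whose body is outside the hunk. If that action changes a participation record it probably needs one of the `userevent.*` permissions as well, for example `->only(["create", "update"])` on the first new line.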


@ -21,7 +21,6 @@ class PermissionSeeder extends Seeder
"user.show" => "Shows another user profile.",
"user.edit" => "Allows editing of other users.",
"user.delete" => "Allows deleting of other users.",
"ownuser.edit" => "Allows editing of your own user",
/**
* The EVENT specific permissions
@ -30,6 +29,8 @@ class PermissionSeeder extends Seeder
"event.show" => "Shows a specific event",
"event.edit" => "Allows editing of events",
"event.delete" => "Allows deletion of events",
"userevent.create" => "Allows participation in an event",
"userevent.delete" => "Allows removing participation in an event",
/**
* The CONTACT specific permissions
@ -44,7 +45,6 @@ class PermissionSeeder extends Seeder
*/
"feedback.create" => "Creates a new feedback message",
"feedback.show" => "Shows a specific feedback message",
"feedback.edit" => "allows editing of feedback messages",
"feedback.delete" => "allows deletion of feedback messages",
/**
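Review bot: Dropping `ownuser.edit` (and what looks like `feedback.edit`) from this list only stops them being created on a fresh seed. On a database seeded earlier, the rows and their role assignments presumably stay in place, and the new `userevent.create` / `userevent.delete` names do not exist until the seeder runs again. How the array is written to the database is outside the hunk, so this is inferred. A migration that deletes the retired names and creates the new ones would keep deployed instances consistent with the middleware strings that now reference them.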


@ -46,8 +46,9 @@ class RoleSeeder extends Seeder
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "washing.machine.reservation.create")->first());
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "washing.machine.reservation.delete")->first());
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "washing.machine.reservation.show")->first());
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "ownuser.edit")->first());
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "event.show")->first());
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "userevent.create")->first());
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "userevent.delete")->first());
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "guides.show")->first());
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "news.show")->first());
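Review bot: `->first()` returns `null` when no permission row has the given name, and that `null` is added to `$brugerPermissions` without any error, so a spelling slip or a seeder-order problem would leave the role silently missing `userevent.create` or `userevent.delete`. Using `\Spatie\Permission\Models\Permission::findByName("userevent.create")`, which throws `PermissionDoesNotExist`, or ending the query with `->firstOrFail()`, makes that case fail loudly at seed time. What is done with the collection afterwards is outside the hunk.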


@ -38,7 +38,7 @@
<div class="mb-2" style="width: 100%;">
<button id="kontoButton" type="button" class="btn btn-sde-blue mb-1 mr-1" value="konto">Konto rettigheder</button>
<button id="kontoButton" type="button" class="btn btn-sde-blue mb-1 mr-1" value="konto">App rettigheder</button>
<button id="adminButton" type="button" class="btn btn-sde-blue mb-1">Admin rettigheder</button>
</div>
@ -47,18 +47,11 @@
<small class="form-text text-muted">Her kan alle basale rettigheder for appens forbrugere slås til eller fra.</small>
<table class="tbl mb-2">
<tr>
<th>Konto</th>
<th>Beskrivelse</th>
<th>Create</th>
<th>Read</th>
<th>Delete</th>
</tr>
<tr>
<td>Konto</td>
<td><p>Egen bruger</p></td>
<td></td>
<td><input type="checkbox" name="value[]" value="ownuser.edit"></td>
<td></td>
<th>App-side</th>
<th>Beskrivelse kan fjernes?</th>
<th>Opret/Tilmeld</th>
<th>Se</th>
<th>Slet/Afmeld</th>
</tr>
<tr>
<td>Nyheder</td>
@ -77,9 +70,9 @@
<tr>
<td>Aktiviteter</td>
<td><p>Empty</p></td>
<td></td>
<td>//TEST<input id="EventCAccount" type="checkbox" name="value[]" value="userevent.create"></td>
<td><input id="EventRAccount" onclick="if ($('#EventR').prop('checked') == false) $('#EventR').prop('checked', true); else $('#EventR').prop('checked', false);" type="checkbox" name="value[]" value="event.show"></td>
<td></td>
<td>//TEST<input id="EventDAccount" type="checkbox" name="value[]" value="userevent.delete"></td>
</tr>
<tr>
<td>Reservationer</td>
@ -106,7 +99,7 @@
<td>Feedback</td>
<td>Empty</td>
<td><input id="FeedbackCAccount" onclick="if ($('#FeedbackC').prop('checked') == false) $('#FeedbackC').prop('checked', true); else $('#FeedbackC').prop('checked', false);" type="checkbox" name="value[]" value="feedback.create"></td>
<td><input id="FeedbackRAccount" onclick="if ($('#FeedbackR').prop('checked') == false) $('#FeedbackR').prop('checked', true); else $('#FeedbackR').prop('checked', false);" type="checkbox" name="value[]" value="feedback.show"></td>
<td></td>
<td></td>
</tr>
</table>
@ -118,22 +111,18 @@
<small class="form-text text-muted">Her kan alle rettigheder for administrationssiden slås til eller fra.</small>
<table class="tbl mb-2" >
<tr><!--Header Start-->
<th>Side</th>
<th>Beskrivelse</th>
<th>Create</th>
<th>Read</th>
<th>Update</th>
<th>Delete</th>
<th>Admin-side</th>
<th>Beskrivelse kan fjernes?</th>
<th>Opret</th>
<th>Se</th>
<th>Rediger</th>
<th>Slet</th>
<th>Fuld Kontrol</th>
</tr><!--Header Slut-->
<tr>
<td>Admin Panel</td>
<td><p>Adgang til admin panelet</p></td>
<td></td>
<td><input type="checkbox" name="value[]" value="admin.panel.show"></td>
<td></td>
<td></td>
<td></td>
<td colspan="5"><input type="checkbox" name="value[]" value="admin.panel.show"></td>
</tr>
<tr><!--Bruger Start-->
<td>Brugere</td>
@ -201,9 +190,9 @@
<tr>
<td>Reservationer</td>
<td>Empty</td>
<td><input id="ReservationC" onclick="if ($('#ReservationCAccount').prop('checked') == false) $('#ReservationCAccount').prop('checked', true); else $('#ReservationCAccount').prop('checked', false);" type="checkbox" name="value[]" value="washing.machine.reservation.create"></td>
<td></td>
<td><input id="ReservationR" onclick="if ($('#ReservationRAccount').prop('checked') == false) $('#ReservationRAccount').prop('checked', true); else $('#ReservationRAccount').prop('checked', false);" type="checkbox" name="value[]" value="washing.machine.reservation.show"></td>
<td><input id="ReservationU" type="checkbox" name="value[]" value="washing.machine.reservation.edit"></td>
<td></td>
<td><input id="ReservationD" onclick="if ($('#ReservationCAccount').prop('checked') == false) $('#ReservationDAccount').prop('checked', true); else $('#ReservationDAccount').prop('checked', false);" type="checkbox" name="value[]" value="washing.machine.reservation.delete"></td>
<td><input id="Reservation" type="checkbox" onclick="FullControl(this)"></td>
</tr>
@ -228,9 +217,9 @@
<tr>
<td>Feedback</td>
<td><p>Empty</p></td>
<td><input id="FeedbackC" onclick="if ($('#FeedbackCAccount').prop('checked') == false) $('#FeedbackCAccount').prop('checked', true); else $('#FeedbackCAccount').prop('checked', false);" type="checkbox" name="value[]" value="feedback.create"></td>
<td></td>
<td><input id="FeedbackR" onclick="if ($('#FeedbackRAccount').prop('checked') == false) $('#FeedbackRAccount').prop('checked', true); else $('#FeedbackRAccount').prop('checked', false);" type="checkbox" name="value[]" value="feedback.show"></td>
<td><input id="FeedbackU" type="checkbox" name="value[]" value="feedback.edit"></td>
<td></td>
<td><input id="FeedbackD" type="checkbox" name="value[]" value="feedback.delete"></td>
<td><input id="Feedback" type="checkbox" onclick="FullControl(this)"></td>
</tr>
@ -309,12 +298,12 @@
//Show konto settings
$("#kontoButton").click(function(){
var value = $('#kontoButton').text();
if(value === 'Konto rettigheder'){
if(value === 'App rettigheder'){
$('#konto').slideDown('slow');
$('#kontoButton').html('Luk konto rettigheder')
$('#kontoButton').html('Luk app rettigheder')
}else{
$('#konto').slideUp('slow');
$('#kontoButton').html('Konto rettigheder')
$('#kontoButton').html('App rettigheder')
}
});
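Review bot: The literal `//TEST` in front of the new `EventCAccount` and `EventDAccount` checkboxes is rendered as visible text in the cell, since `//` is not a comment in HTML; remove it or use a Blade comment, `{{-- TEST --}}`. On the admin Reservationer row, the `ReservationD` handler tests `#ReservationCAccount` but then sets `#ReservationDAccount`, which looks like a copy-paste slip; the condition should read `if ($('#ReservationDAccount').prop('checked') == false)`. The handlers on `FeedbackCAccount` and the reservation app-side checkboxes still target `#FeedbackC` / `#ReservationC`, which this change appears to remove from the admin table. Those mirrors are now no-ops and can be dropped, so the form only shows state it actually submits.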


@ -39,7 +39,7 @@
<div class="mb-2" style="width: 100%;">
<button id="kontoButton" type="button" class="btn btn-sde-blue mb-1 mr-1" value="konto">Rediger konto rettigheder</button>
<button id="kontoButton" type="button" class="btn btn-sde-blue mb-1 mr-1" value="konto">Rediger app rettigheder</button>
<button id="adminButton" type="button" class="btn btn-sde-blue mb-1">Rediger admin rettigheder</button>
</div>
@ -47,18 +47,11 @@
<small class="form-text text-muted">Her kan alle basale rettigheder for appens forbrugere slås til eller fra.</small>
<table class="tbl mb-2">
<tr>
<th>Konto</th>
<th>Beskrivelse</th>
<th>Create</th>
<th>Read</th>
<th>Delete</th>
</tr>
<tr>
<td>Konto</td>
<td><p>Egen bruger</p></td>
<td></td>
<td><input type="checkbox" name="value[]" value="ownuser.edit" @if ($role->hasPermissionTo("ownuser.edit")) checked @endif></td>
<td></td>
<th>App-side</th>
<th>Beskrivelse kan fjernes?</th>
<th>Opret/Tilmeld</th>
<th>Se</th>
<th>Slet/Afmeld</th>
</tr>
<tr>
<td>Nyheder</td>
@ -77,9 +70,9 @@
<tr>
<td>Aktiviteter</td>
<td><p>Empty</p></td>
<td></td>
<td>//TEST<input id="EventRAccount" type="checkbox" name="value[]" value="userevent.create" @if ($role->hasPermissionTo("userevent.create")) checked @endif></td>
<td><input id="EventRAccount" onclick="if ($('#EventR').prop('checked') == false) $('#EventR').prop('checked', true); else $('#EventR').prop('checked', false);" type="checkbox" name="value[]" value="event.show" @if ($role->hasPermissionTo("event.show")) checked @endif></td>
<td></td>
<td>//TEST<input id="EventRAccount" type="checkbox" name="value[]" value="userevent.delete" @if ($role->hasPermissionTo("userevent.delete")) checked @endif></td>
</tr>
<tr>
<td>Reservationer</td>
@ -106,7 +99,7 @@
<td>Feedback</td>
<td>Empty</td>
<td><input id="FeedbackCAccount" onclick="if ($('#FeedbackC').prop('checked') == false) $('#FeedbackC').prop('checked', true); else $('#FeedbackC').prop('checked', false);" type="checkbox" name="value[]" value="feedback.create" @if ($role->hasPermissionTo("feedback.create")) checked @endif></td>
<td><input id="FeedbackRAccount" onclick="if ($('#FeedbackR').prop('checked') == false) $('#FeedbackR').prop('checked', true); else $('#FeedbackR').prop('checked', false);" type="checkbox" name="value[]" value="feedback.show" @if ($role->hasPermissionTo("feedback.show")) checked @endif></td>
<td></td>
<td></td>
</tr>
</table>
@ -117,25 +110,21 @@
<div id="admin">
<small class="form-text text-muted">Her kan alle rettigheder for administrationssiden slås til eller fra.</small>
<table class="tbl mb-2" >
<tr><!--Header Start-->
<th>Admin</th>
<th>Beskrivelse</th>
<th>Create</th>
<th>Read</th>
<th>Update</th>
<th>Delete</th>
<tr>
<th>Admin-side</th>
<th>Beskrivelse kan fjernes?</th>
<th>Opret</th>
<th>Se</th>
<th>Rediger</th>
<th>Slet</th>
<th>Fuld Kontrol</th>
</tr><!--Header Slut-->
</tr>
<tr>
<td>Admin Panel</td>
<td><p>Adgang til admin panelet</p></td>
<td></td>
<td><input type="checkbox" name="value[]" value="admin.panel.show" @if ($role->hasPermissionTo("admin.panel.show")) checked @endif></td>
<td></td>
<td></td>
<td></td>
<td colspan="5"><input type="checkbox" name="value[]" value="admin.panel.show" @if ($role->hasPermissionTo("admin.panel.show")) checked @endif></td>
</tr>
<tr><!--Bruger Start-->
<tr>
<td>Brugere</td>
<td><p>Empty</p></td>
<td><input id="UserC" type="checkbox" name="value[]" value="user.create" @if ($role->hasPermissionTo("user.create")) checked @endif></td>
@ -143,7 +132,7 @@
<td><input id="UserU" type="checkbox" name="value[]" value="user.edit" @if ($role->hasPermissionTo("user.edit")) checked @endif></td>
<td><input id="UserD" type="checkbox" name="value[]" value="user.delete" @if ($role->hasPermissionTo("user.delete")) checked @endif></td>
<td><input id="User" type="checkbox" onclick="FullControl(this)"></td><!--Lave en rolle som give fuld adgang ligesom ownuser.edit-->
</tr><!--Bruger Start-->
</tr>
<tr>
<td>Roller</td>
<td><p>Empty</p></td>
@ -201,9 +190,9 @@
<tr>
<td>Reservationer</td>
<td>Empty</td>
<td><input id="ReservationC" onclick="if ($('#ReservationCAccount').prop('checked') == false) $('#ReservationCAccount').prop('checked', true); else $('#ReservationCAccount').prop('checked', false);" type="checkbox" name="value[]" value="washing.machine.reservation.create" @if ($role->hasPermissionTo("washing.machine.reservation.create")) checked @endif></td>
<td></td>
<td><input id="ReservationR" onclick="if ($('#ReservationRAccount').prop('checked') == false) $('#ReservationRAccount').prop('checked', true); else $('#ReservationRAccount').prop('checked', false);" type="checkbox" name="value[]" value="washing.machine.reservation.show" @if ($role->hasPermissionTo("washing.machine.reservation.show")) checked @endif></td>
<td><input id="ReservationU" type="checkbox" name="value[]" value="washing.machine.reservation.edit" @if ($role->hasPermissionTo("washing.machine.reservation.edit")) checked @endif></td>
<td></td>
<td><input id="ReservationD" onclick="if ($('#ReservationDAccount').prop('checked') == false) $('#ReservationDAccount').prop('checked', true); else $('#ReservationDAccount').prop('checked', false);" type="checkbox" name="value[]" value="washing.machine.reservation.delete" @if ($role->hasPermissionTo("washing.machine.reservation.delete")) checked @endif></td>
<td><input id="Reservation" type="checkbox" onclick="FullControl(this)"></td><!--Lave en rolle som give fuld adgang ligesom ownuser.edit-->
</tr>
@ -228,9 +217,9 @@
<tr>
<td>Feedback</td>
<td><p>Empty</p></td>
<td><input id="FeedbackC" onclick="if ($('#FeedbackCAccount').prop('checked') == false) $('#FeedbackCAccount').prop('checked', true); else $('#FeedbackCAccount').prop('checked', false);" type="checkbox" name="value[]" value="feedback.create" @if ($role->hasPermissionTo("feedback.create")) checked @endif></td>
<td></td>
<td><input id="FeedbackR" onclick="if ($('#FeedbackRAccount').prop('checked') == false) $('#FeedbackRAccount').prop('checked', true); else $('#FeedbackRAccount').prop('checked', false);" type="checkbox" name="value[]" value="feedback.show" @if ($role->hasPermissionTo("feedback.show")) checked @endif></td>
<td><input id="FeedbackU" type="checkbox" name="value[]" value="feedback.edit" @if ($role->hasPermissionTo("feedback.edit")) checked @endif></td>
<td></td>
<td><input id="FeedbackD" type="checkbox" name="value[]" value="feedback.delete" @if ($role->hasPermissionTo("feedback.delete")) checked @endif></td>
<td><input id="Feedback" type="checkbox" onclick="FullControl(this)"></td><!--Lave en rolle som give fuld adgang ligesom ownuser.edit-->
</tr>
@ -311,12 +300,12 @@
//Show konto settings
$("#kontoButton").click(function(){
var value = $('#kontoButton').text();
if(value === 'Rediger konto rettigheder'){
if(value === 'Rediger app rettigheder'){
$('#konto').slideDown('slow');
$('#kontoButton').html('Luk konto rettigheder')
$('#kontoButton').html('Luk app rettigheder')
}else{
$('#konto').slideUp('slow');
$('#kontoButton').html('Rediger konto rettigheder')
$('#kontoButton').html('Rediger app rettigheder')
}
});
@ -333,7 +322,7 @@
}
});
function FullControl(FC) { //FC == Full Controll
function FullControl(FC) { //FC == Full Control checkbox element
var Create = $(FC).attr('id') + 'C'; // Takes FC's ID Name and puts C at the back of it
var Read = $(FC).attr('id') + 'R'; // Takes FC's ID Name and puts R at the back of it
var Update = $(FC).attr('id') + 'U'; // Takes FC's ID Name and puts U at the back of it
@ -358,6 +347,9 @@
for (i = 0; i < arr.length; i++) {
if ($('#'+arr[i]+'C').prop('checked') == true && $('#'+arr[i]+'R').prop('checked') == true && $('#'+arr[i]+'U').prop('checked') == true && $('#'+arr[i]+'D').prop('checked') == true)
$('#'+arr[i]).prop('checked', true);
else if(arr[i] == 'Feedback' || arr[i] == 'Reservation')
if($('#'+arr[i]+'R').prop('checked') == true && $('#'+arr[i]+'D').prop('checked') == true)
$('#'+arr[i]).prop('checked', true);
}
});
</script>
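Review bot: All three inputs in the Aktiviteter row carry `id="EventRAccount"`, including the new `userevent.create` and `userevent.delete` checkboxes, and `$('#EventRAccount')` resolves to the first of them. Any handler outside the hunk that mirrors the admin `event.show` box onto `#EventRAccount` would therefore tick `userevent.create` instead, granting a permission the administrator did not choose. Give them `id="EventCAccount"` and `id="EventDAccount"` as in the create view, and drop the visible `//TEST` text. Separately, `$role->hasPermissionTo("userevent.create")` throws Spatie's `PermissionDoesNotExist` when the permission row is missing, so this page will error on a database where the permission seeder has not been re-run. In the last script hunk, the nested `else if … if` would be easier to read with braces, and `i` should be declared with `var`.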


@ -45,16 +45,26 @@
.img{
width: 1em;
height: calc(1em + 20px);
margin-top: 5px;
margin-bottom: 5px;
margin-left: 5px;
font-size: 20px;
padding: 3px 10px;
border-color: cadetblue;
padding: 0 10px;
border-color: #00788a;
border-radius: 100%;
background-color: cadetblue;
background-color: #00788a;
line-height: 30px;
float: left;
display: flex;
justify-content: center;
}
.img > a {
width: 100%;
height: 100%;
display: flex;
justify-content: center;
}
.information{