Merge remote-tracking branch 'origin/master'
This commit is contained in:
Anders
commit
5f6546e399
|
|
@ -18,7 +18,7 @@ class UserController extends Controller
|
|||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware([ "auth" ])->only(["logout", "accountedit", "accounteditpass"]);
|
||||
$this->middleware([ "auth" ])->only(["logout"]);
|
||||
$this->middleware([ "guest" ])->only("login");
|
||||
|
||||
$this->middleware([ "check.auth:user.list" ])->only("index");
|
||||
|
|
@ -26,6 +26,8 @@ class UserController extends Controller
|
|||
$this->middleware([ "check.auth:user.create" ])->only("create");
|
||||
$this->middleware([ "check.auth:user.edit" ])->only("edit", "update");
|
||||
$this->middleware([ "check.auth:user.delete" ])->only("delete");
|
||||
|
||||
$this->middleware([ "check.auth:ownuser.edit" ])->only("update", "accountedit", "accounteditpass", "account");
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -124,7 +126,7 @@ class UserController extends Controller
|
|||
$user = User::find($id);
|
||||
|
||||
if($id === Auth::id() || auth()->user()->hasPermissionTo("user.edit")) {
|
||||
if ($request->roles != null) { //You can only edit roles on the admin site, so if there is an input roles, then update user info and edit roles
|
||||
if ($request->roles != null && auth()->user()->hasPermissionTo("user.edit")) { //You can only edit roles on the admin site, so if there is an input roles, then update user info and edit roles
|
||||
if ($request->password != "") { // If you have edited the password, then run this
|
||||
if ($request->password == $request->password2) { // If the password is the same as confirm password, then update everything from user
|
||||
$data = $request->all();
|
||||
|
|
@ -148,8 +150,8 @@ class UserController extends Controller
|
|||
|
||||
//$user->save();
|
||||
} else { // Else if you're not on the admin site (user site)
|
||||
$data = $request->all();
|
||||
if ($request->input('password') != null) { // If you're editing the password
|
||||
$data = $request->only(['name_first', 'name_last', 'email', 'phone', 'password']);
|
||||
if ($request->input('password') != $request->input('confirmpassword')) { // If new password and new password confirm is not the same, go back with fail message.
|
||||
return redirect()->route("users.accounteditpass")->with('error#notsamepass', '<p class="text-center">Der stod ikke det samme i `Nyt Password` & `Bekræft Nyt Password`!</p>');
|
||||
} elseif (!Hash::check($request->input('oldpassword'), $user->password)) { // If the written current password and current password in DB is not the same, go back with fail message.
|
||||
|
|
@ -162,7 +164,7 @@ class UserController extends Controller
|
|||
return redirect()->route("users.login")->with('success#passwordchange', '<p class="text-center text-white">Dit password er hermed ændret!</p>');
|
||||
}
|
||||
} else { // Else if you're not editing the password but anything else (Email, Phone Number). Then update user.
|
||||
$data = $request->all();
|
||||
$data = $request->only(['name_first', 'name_last', 'email', 'phone']);
|
||||
$user->update($data);
|
||||
|
||||
return redirect()->route("users.account")->with('success#credentialschanged', '<p class="text-center">Dine oplysninger er hermed ændret!</p>');
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@ class PermissionSeeder extends Seeder
|
|||
"user.show" => "Shows another user profile.",
|
||||
"user.edit" => "Allows editing of other users.",
|
||||
"user.delete" => "Allows deleting of other users.",
|
||||
"ownuser.edit" => "Allows editing of your own user",
|
||||
|
||||
/**
|
||||
* The CALENDAR specific permissions
|
||||
|
|
|
|||
|
|
@ -48,6 +48,7 @@ class RoleSeeder extends Seeder
|
|||
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "washing.machine.reservation.create")->first());
|
||||
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "washing.machine.reservation.delete")->first());
|
||||
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "washing.machine.reservation.list")->first());
|
||||
$brugerPermissions->add(\Spatie\Permission\Models\Permission::query()->where("name", "=", "ownuser.edit")->first());
|
||||
|
||||
//Give permissions to Bruger (id: 2)
|
||||
foreach ($brugerPermissions as $permission) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue