vict3459/Ekapp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'origin/master'

Browse Source
This commit is contained in:
Anders
2020-08-03 08:54:35 +02:00
parent 1d63879117 f14dc22d92
commit 5f6546e399
3 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skolehjem/app/Http/Controllers/UserController.php
+6 -4
View File
@@ -18,7 +18,7 @@ class UserController extends Controller
{
public function __construct()
{
$this->middleware([ "auth" ])->only(["logout", "accountedit", "accounteditpass"]);
$this->middleware([ "auth" ])->only(["logout"]);
$this->middleware([ "guest" ])->only("login");
$this->middleware([ "check.auth:user.list" ])->only("index");
@@ -26,6 +26,8 @@ class UserController extends Controller
$this->middleware([ "check.auth:user.create" ])->only("create");
$this->middleware([ "check.auth:user.edit" ])->only("edit", "update");
$this->middleware([ "check.auth:user.delete" ])->only("delete");
$this->middleware([ "check.auth:ownuser.edit" ])->only("update", "accountedit", "accounteditpass", "account");
}
/**
@@ -124,7 +126,7 @@ class UserController extends Controller
$user = User::find($id);
if($id === Auth::id() || auth()->user()->hasPermissionTo("user.edit")) {
if ($request->roles != null) { //You can only edit roles on the admin site, so if there is an input roles, then update user info and edit roles
if ($request->roles != null && auth()->user()->hasPermissionTo("user.edit")) { //You can only edit roles on the admin site, so if there is an input roles, then update user info and edit roles
if ($request->password != "") { // If you have edited the password, then run this
if ($request->password == $request->password2) { // If the password is the same as confirm password, then update everything from user
$data = $request->all();
@@ -148,8 +150,8 @@ class UserController extends Controller
//$user->save();
} else { // Else if you're not on the admin site (user site)
$data = $request->all();
if ($request->input('password') != null) { // If you're editing the password
$data = $request->only(['name_first', 'name_last', 'email', 'phone', 'password']);
if ($request->input('password') != $request->input('confirmpassword')) { // If new password and new password confirm is not the same, go back with fail message.
return redirect()->route("users.accounteditpass")->with('error#notsamepass', '<p class="text-center">Der stod ikke det samme i `Nyt Password` & `Bekræft Nyt Password`!</p>');
} elseif (!Hash::check($request->input('oldpassword'), $user->password)) { // If the written current password and current password in DB is not the same, go back with fail message.
@@ -162,7 +164,7 @@ class UserController extends Controller
return redirect()->route("users.login")->with('success#passwordchange', '<p class="text-center text-white">Dit password er hermed ændret!</p>');
}
} else { // Else if you're not editing the password but anything else (Email, Phone Number). Then update user.
$data = $request->all();
$data = $request->only(['name_first', 'name_last', 'email', 'phone']);
$user->update($data);
return redirect()->route("users.account")->with('success#credentialschanged', '<p class="text-center">Dine oplysninger er hermed ændret!</p>');