v0.10.17 - Added permission check (create/edit/delete) on all admin sites

2020-08-31 10:57:26 +02:00
parent 0418805b7c
commit 7b157fcd90
11 changed files with 211 additions and 113 deletions
@@ -11,7 +11,9 @@

@section("content")
    <div class="row align-items-center">
-        <a class="btn btn-inline btn-sde-blue mb-0" href="{{ route('contacts.create') }}"><img src="{{ asset('/images/icons/plus.svg') }}" alt="Create">Opret Kontakt</a>
+        @if(auth()->user()->can('contact.create'))
+            <a class="btn btn-inline btn-sde-blue mb-0" href="{{ route('contacts.create') }}"><img src="{{ asset('/images/icons/plus.svg') }}" alt="Create">Opret Kontakt</a>
+        @endif

        <form method="post" action="{{ route("users.store") }}">
            @csrf
@@ -20,7 +22,7 @@
        <button id="filterButton" type="button" class="btn btn-sde-blue mb-0">Filter</button>
    </div>

-    <div id="showHideCheckbox" class="mt-1  ">
+    <div id="showHideCheckbox" class="mt-1">
        <input class="checkbox-inline" type="checkbox" name="checkbox" id="navn" value="navn">
        <label for="navn">Navn</label>
        <input class="checkbox-inline" type="checkbox" name="checkbox" id="titel" value="titel">
@@ -38,8 +40,12 @@
            <th>Titel</th>
            <th>E-mail</th>
            <th>Tlf</th>
-            <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/pencil.svg') }}" alt="Update"></th>
-            <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/trashcan.svg') }}" alt="Delete"></th>
+            @if(auth()->user()->can('contact.edit'))
+                <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/pencil.svg') }}" alt="Update"></th>
+            @endif
+            @if(auth()->user()->can('contact.delete'))
+                <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/trashcan.svg') }}" alt="Delete"></th>
+            @endif
        </tr>
        @foreach($contacts as $contact)
            <tr>
@@ -47,14 +53,18 @@
                <td>{{ $contact->title }}</td>
                <td>{{ $contact->email }}</td>
                <td>{{ $contact->phone }}</td>
-                <td><a href="{{ route("contacts.edit", [ "contact" => $contact ]) }}"><img class="w-100" src="{{ asset('/images/icons/pencil-dark.svg') }}" alt="Update"></a></td>
-                <td><form method="post" action="{{ route("contacts.destroy", [ "contact" => $contact ]) }}" class="w-100 nostyle">
-                        @csrf
-                        @method("delete")
+                @if(auth()->user()->can('contact.edit'))
+                    <td><a href="{{ route("contacts.edit", [ "contact" => $contact ]) }}"><img class="w-100" src="{{ asset('/images/icons/pencil-dark.svg') }}" alt="Update"></a></td>
+                @endif
+                @if(auth()->user()->can('contact.delete'))
+                    <td><form method="post" action="{{ route("contacts.destroy", [ "contact" => $contact ]) }}" class="w-100 nostyle">
+                            @csrf
+                            @method("delete")

-                        <button class="w-100 nostyle" onclick="return confirm('Are you sure you want to delete?');" type="submit"><img class="w-100 cursor-pointer" src="{{ asset('/images/icons/trashcan-dark.svg') }}" alt="Delete"></button>
-                    </form>
-                </td>
+                            <button class="w-100 nostyle" onclick="return confirm('Are you sure you want to delete?');" type="submit"><img class="w-100 cursor-pointer" src="{{ asset('/images/icons/trashcan-dark.svg') }}" alt="Delete"></button>
+                        </form>
+                    </td>
+                @endif
            </tr>
        @endforeach
    </table>