v0.10.17 - Added permission check (create/edit/delete) on all admin sites

skolehjem/resources/views/admin/events/index.blade.php

@@ -14,7 +14,9 @@
     date_default_timezone_set('Europe/Copenhagen');
     ?>
     <div class="row align-items-center">
-        <a class="btn btn-inline btn-sde-blue mb-0" href="{{ route('events.create') }}"><img src="{{ asset('/images/icons/plus.svg') }}" alt="Create">Opret Aktivitet</a>
+        @if(auth()->user()->can('event.show'))
+            <a class="btn btn-inline btn-sde-blue mb-0" href="{{ route('events.create') }}"><img src="{{ asset('/images/icons/plus.svg') }}" alt="Create">Opret Aktivitet</a>
+        @endif
 
         <form method="post" action="{{ route("events.store") }}">
             @csrf
@@ -28,8 +30,12 @@
             <th>Aktivitet Ansvarlig</th>
             <th>Aktivitet Dato</th>
             <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/eye.svg') }}" alt="Show"></th>
-            <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/pencil.svg') }}" alt="Update"></th>
-            <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/trashcan.svg') }}" alt="Delete"></th>
+            @if(auth()->user()->can('event.edit'))
+                <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/pencil.svg') }}" alt="Update"></th>
+            @endif
+            @if(auth()->user()->can('event.delete'))
+                <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/trashcan.svg') }}" alt="Delete"></th>
+            @endif
         </tr>
         @foreach($events as $event)
             @if (date('Y-m-d H:i', strtotime('-1 day')) < date('Y-m-d H:i', strtotime($event->date)))
@@ -38,14 +44,18 @@
                     <td>{{ $event->accountable }}</td>
                     <td>{{ \Illuminate\Support\Facades\Date::createFromTimeStamp(strtotime($event->date))->format('d/m/Y \k\l\. H:i') }}</td>
                     <td><a href="{{ route("events.signups", [ "event" => $event ]) }}"><img class="w-100" src="{{ asset('/images/icons/eye-dark.svg') }}" alt="Show"></a></td>
-                    <td><a href="{{ route("events.edit", [ "event" => $event ]) }}"><img class="w-100" src="{{ asset('/images/icons/pencil-dark.svg') }}" alt="Update"></a></td>
-                    <td><form method="post" action="{{ route("events.destroy", [ "event" => $event ]) }}" class="w-100 nostyle">
-                            @csrf
-                            @method("delete")
+                    @if(auth()->user()->can('event.edit'))
+                        <td><a href="{{ route("events.edit", [ "event" => $event ]) }}"><img class="w-100" src="{{ asset('/images/icons/pencil-dark.svg') }}" alt="Update"></a></td>
+                    @endif
+                    @if(auth()->user()->can('event.delete'))
+                        <td><form method="post" action="{{ route("events.destroy", [ "event" => $event ]) }}" class="w-100 nostyle">
+                                @csrf
+                                @method("delete")
 
-                            <button class="w-100 nostyle" onclick="return confirm('Are you sure you want to delete?');" type="submit"><img class="w-100 cursor-pointer" src="{{ asset('/images/icons/trashcan-dark.svg') }}" alt="Delete"></button>
-                        </form>
-                    </td>
+                                <button class="w-100 nostyle" onclick="return confirm('Are you sure you want to delete?');" type="submit"><img class="w-100 cursor-pointer" src="{{ asset('/images/icons/trashcan-dark.svg') }}" alt="Delete"></button>
+                            </form>
+                        </td>
+                    @endif
                 </tr>
             @endif
         @endforeach