v0.10.17 - Added permission check (create/edit/delete) on all admin sites

2020-08-31 10:57:26 +02:00
parent 0418805b7c
commit 7b157fcd90
11 changed files with 211 additions and 113 deletions
@@ -11,7 +11,9 @@

@section("content")
    <div class="row align-items-center">
-        <a class="btn btn-inline btn-sde-blue mb-0" href="{{ route('washing-machines.create') }}"><img src="{{ asset('/images/icons/plus.svg') }}" alt="Create">Opret Vaskemaskine</a>
+        @if(auth()->user()->can('washing.machine.create'))
+            <a class="btn btn-inline btn-sde-blue mb-0" href="{{ route('washing-machines.create') }}"><img src="{{ asset('/images/icons/plus.svg') }}" alt="Create">Opret Vaskemaskine</a>
+        @endif
        <div class="mt-1 ml-1">
            <select name="risRosName" id="locationID">
                <option selected="selected" name="all" value="all">Alle</option>
@@ -25,21 +27,29 @@
        <tr>
            <th>Navn</th>
            <th>Lokation</th>
-            <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/pencil.svg') }}" alt="Update"></th>
-            <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/trashcan.svg') }}" alt="Delete"></th>
+            @if(auth()->user()->can('washing.machine.edit'))
+                <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/pencil.svg') }}" alt="Update"></th>
+            @endif
+            @if(auth()->user()->can('washing.machine.delete'))
+                <th style="width: 1em;"><img class="w-100" src="{{ asset('/images/icons/trashcan.svg') }}" alt="Delete"></th>
+            @endif
        </tr>
        @foreach($machines as $machine)
        <tr>
            <td>{{$machine->name}}</td>
            <td>{{\App\Location::query()->where("id", "=", $machine->location_id)->first()->name}}</td>
-            <td><a href="{{ route('washing-machines.edit', [ 'washing_machine' => $machine ]) }}"><img class="w-100" src="{{ asset('/images/icons/pencil-dark.svg') }}" alt="Update"></a></td>
-            <td><form method="post" action="{{ route('washing-machines.destroy', [ 'washing_machine' => $machine ]) }}" class="w-100 nostyle">
-                    @csrf
-                    @method("delete")
+            @if(auth()->user()->can('washing.machine.edit'))
+                <td><a href="{{ route('washing-machines.edit', [ 'washing_machine' => $machine ]) }}"><img class="w-100" src="{{ asset('/images/icons/pencil-dark.svg') }}" alt="Update"></a></td>
+            @endif
+            @if(auth()->user()->can('washing.machine.delete'))
+                <td><form method="post" action="{{ route('washing-machines.destroy', [ 'washing_machine' => $machine ]) }}" class="w-100 nostyle">
+                        @csrf
+                        @method("delete")

-                    <button class="w-100 nostyle" onclick="return confirm('Are you sure you want to delete?');" type="submit"><img class="w-100 cursor-pointer" src="{{ asset('/images/icons/trashcan-dark.svg') }}" alt="Delete"></button>
-                </form>
-            </td>
+                        <button class="w-100 nostyle" onclick="return confirm('Are you sure you want to delete?');" type="submit"><img class="w-100 cursor-pointer" src="{{ asset('/images/icons/trashcan-dark.svg') }}" alt="Delete"></button>
+                    </form>
+                </td>
+            @endif
        </tr>
        @endforeach
    </table>