Cleaned up admin and mod authorization on routes and added UserPolicy

mwalbeck 2016-10-26 13:10:30 +02:00
parent 66bf4390a1
commit 1233f02d40
13 changed files with 116 additions and 53 deletions


@ -13,7 +13,7 @@ class AdminController extends Controller
{
public function __construct()
{
$this->middleware(['auth', 'is.admin']);
$this->middleware('auth');
}
public function index()
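Review bot: With `is.admin` dropped from the constructor, nothing in AdminController itself limits it to administrators; only `auth` remains, so any logged-in user reaches `index()` unless the role check is applied where the route is registered. The route definitions are not visible in this section, so that needs confirming. If the check now lives on a route group, record it in the constructor, e.g. `// is.admin is enforced on the route group; register new routes for this controller inside that group.` The same point applies to the constructors of AdministrativeTestController (`is.admin.mod`) and ModeratorController (`is.mod`), where no `authorize()` call is visible either. The body of `index()` lies outside the hunk.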


@ -16,7 +16,7 @@ class AdministrativeTestController extends Controller
{
public function __construct()
{
$this->middleware(['auth', 'is.admin.mod']);
$this->middleware('auth');
}
/**


@ -13,7 +13,7 @@ class AdministrativeUserController extends Controller
{
public function __construct()
{
$this->middleware(['auth', 'is.admin.mod']);
$this->middleware('auth');
}
/**
@ -23,11 +23,15 @@ class AdministrativeUserController extends Controller
*/
public function confirmDeleteUser(User $user)
{
$this->authorize('delete', $user);
return view('users.delete', compact('user'));
}
public function deleteUser(User $user)
{
$this->authorize('delete', $user);
$user->deleteUser();
return redirect('/admin/users');
}
@ -40,6 +44,8 @@ class AdministrativeUserController extends Controller
*/
public function newUser()
{
$this->authorize('create', User::class);
if (Auth::user()->isAdministrator()) {
$groups = Group::all();
return view('users.new', compact('groups'));
@ -47,7 +53,6 @@ class AdministrativeUserController extends Controller
return view('users.new');
}
/**
*
* Function for adding a user.
@ -55,6 +60,8 @@ class AdministrativeUserController extends Controller
*/
public function addUser(StoreUser $request)
{
$this->authorize('create', User::class);
$user = new User;
$user->addUser($request->all());
return redirect('/admin/users');
@ -67,6 +74,8 @@ class AdministrativeUserController extends Controller
*/
public function editUser(User $user)
{
$this->authorize('edit', $user);
if (Auth::user()->isAdministrator()) {
$groups = Group::all();
return view("users.edit", compact("groups", "user"));
@ -76,6 +85,8 @@ class AdministrativeUserController extends Controller
public function updateUser(User $user, StoreUser $request)
{
$this->authorize('edit', $user);
$user->updateUser($request->all());
return redirect("/admin/users/group/$user->group_id");
}
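Review bot: `addUser` and `updateUser` still pass `$request->all()` to the model after the new `authorize()` calls, so the policy decides who may create or edit a user but not which attributes they may set. `newUser` and `editUser` offer the group list only to administrators, but that restriction lives in the view. If the `create`/`edit` abilities are also granted to moderators and `StoreUser` accepts `group_id`, a non-administrator could assign a user to any group. An explicit allowlist of fields is preferable; at minimum use `$data = Auth::user()->isAdministrator() ? $request->all() : $request->except('group_id');` and then `$user->updateUser($data);`, with the same change in `addUser`. The policy, `StoreUser` and the model's `addUser()`/`updateUser()` are not visible here, so confirm whether one of them already filters the input.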


@ -10,7 +10,7 @@ class ModeratorController extends Controller
{
public function __construct()
{
$this->middleware(['auth', 'is.mod']);
$this->middleware('auth');
}
public function index()