Cleaned up admin and mod authorization on routes and added UserPolicy
parent
66bf4390a1
commit
1233f02d40
13 changed files with 116 additions and 53 deletions
|
@ -13,7 +13,7 @@ class AdminController extends Controller
|
|||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware(['auth', 'is.admin']);
|
||||
$this->middleware('auth');
|
||||
}
|
||||
|
||||
public function index()
|
||||
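Review bot: Nothing visible in this section still restricts `AdminController` to administrators once `is.admin` is dropped from the constructor (taking the second `middleware` line as the new side, as printed); `index()` follows, but its body is outside the hunk. The same holds for the constructors of `AdministrativeTestController` (`is.admin.mod`) and `ModeratorController` (`is.mod`) further down, neither of which shows an `authorize()` call. If the role check now lives only on a route group, which is not shown here, any action of these controllers registered outside that group becomes reachable by every authenticated user. I would keep the role middleware in the constructor as a second layer, or add a feature test per controller asserting that an authenticated user without the role receives a 403. A constructor comment such as `// role check is enforced by the route group; do not register these actions outside it` would also help.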
|
|
|
@ -16,7 +16,7 @@ class AdministrativeTestController extends Controller
|
|||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware(['auth', 'is.admin.mod']);
|
||||
$this->middleware('auth');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -13,7 +13,7 @@ class AdministrativeUserController extends Controller
|
|||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware(['auth', 'is.admin.mod']);
|
||||
$this->middleware('auth');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -23,11 +23,15 @@ class AdministrativeUserController extends Controller
|
|||
*/
|
||||
public function confirmDeleteUser(User $user)
|
||||
{
|
||||
$this->authorize('delete', $user);
|
||||
|
||||
return view('users.delete', compact('user'));
|
||||
}
|
||||
|
||||
public function deleteUser(User $user)
|
||||
{
|
||||
$this->authorize('delete', $user);
|
||||
|
||||
$user->deleteUser();
|
||||
return redirect('/admin/users');
|
||||
}
|
||||
|
@ -40,6 +44,8 @@ class AdministrativeUserController extends Controller
|
|||
*/
|
||||
public function newUser()
|
||||
{
|
||||
$this->authorize('create', User::class);
|
||||
|
||||
if (Auth::user()->isAdministrator()) {
|
||||
$groups = Group::all();
|
||||
return view('users.new', compact('groups'));
|
||||
|
@ -47,7 +53,6 @@ class AdministrativeUserController extends Controller
|
|||
return view('users.new');
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
* Function for adding a user.
|
||||
|
@ -55,6 +60,8 @@ class AdministrativeUserController extends Controller
|
|||
*/
|
||||
public function addUser(StoreUser $request)
|
||||
{
|
||||
$this->authorize('create', User::class);
|
||||
|
||||
$user = new User;
|
||||
$user->addUser($request->all());
|
||||
return redirect('/admin/users');
|
||||
|
@ -67,6 +74,8 @@ class AdministrativeUserController extends Controller
|
|||
*/
|
||||
public function editUser(User $user)
|
||||
{
|
||||
$this->authorize('edit', $user);
|
||||
|
||||
if (Auth::user()->isAdministrator()) {
|
||||
$groups = Group::all();
|
||||
return view("users.edit", compact("groups", "user"));
|
||||
|
@ -76,6 +85,8 @@ class AdministrativeUserController extends Controller
|
|||
|
||||
public function updateUser(User $user, StoreUser $request)
|
||||
{
|
||||
$this->authorize('edit', $user);
|
||||
|
||||
$user->updateUser($request->all());
|
||||
return redirect("/admin/users/group/$user->group_id");
|
||||
}
|
||||
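Review bot: `addUser()` and `updateUser()` hand `$request->all()` to the model right after the new `authorize()` call, while `newUser()` and `editUser()` only offer the group list when `Auth::user()->isAdministrator()`. That branch suggests the policy also lets moderators through `create` and `edit`. If so, and if neither `StoreUser` nor `User::addUser()`/`updateUser()` filters the input (none of them is shown here), hiding the group list in the form does not stop a moderator from setting the group attribute (`group_id` in the redirect). Restricting the payload on the server side would close that, for example `$data = Auth::user()->isAdministrator() ? $request->validated() : $request->except('group_id');`, assuming the field is named like the attribute. Separately, the policy ability is called `edit` while Laravel's conventional name is `update`; that is fine as long as `UserPolicy` defines `edit`, since an undefined ability is denied.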
|
|
|
@ -10,7 +10,7 @@ class ModeratorController extends Controller
|
|||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware(['auth', 'is.mod']);
|
||||
$this->middleware('auth');
|
||||
}
|
||||
|
||||
public function index()
|
||||
|
|