Moderators can now create moderators and upgrade or downgrade other users, but not administrators
This commit is contained in:
mwalbeck
parent
0863dbb175
commit
1c28345ddf
6 changed files with 48 additions and 16 deletions
|
|
@ -56,7 +56,7 @@ class AdministrativeUserController extends Controller
|
|||
public function addUser(StoreUser $request)
|
||||
{
|
||||
$this->authorize('create', User::class);
|
||||
|
||||
|
||||
$user = new User;
|
||||
$user->addUser($request->all());
|
||||
return redirect("/" . Auth::user()->getAdminPath() . '/users');
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ class StoreUser extends FormRequest
|
|||
*
|
||||
* @return array
|
||||
*/
|
||||
public function rules(User $user)
|
||||
public function rules()
|
||||
{
|
||||
$start_pos = strpos(request()->path(), "users/")+6;
|
||||
$length = strpos(request()->path(), "/edit")-$start_pos;
|
||||
|
|
@ -48,7 +48,7 @@ class StoreUser extends FormRequest
|
|||
"password" => "required|alpha_dash|min:8",
|
||||
"group_id" => "integer|exists:groups,id|min:1",
|
||||
"enabled" => "required|boolean",
|
||||
"access_level" => "integer|min:1|max:3",
|
||||
"access_level" => "required|integer|min:1|max:3|access_mod",
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@
|
|||
namespace App\Providers;
|
||||
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Validator;
|
||||
|
||||
class AppServiceProvider extends ServiceProvider
|
||||
{
|
||||
|
|
@ -13,7 +15,17 @@ class AppServiceProvider extends ServiceProvider
|
|||
*/
|
||||
public function boot()
|
||||
{
|
||||
//
|
||||
Validator::extend('access_mod', function($attribute, $value, $parameters, $validator) {
|
||||
if (Auth::user()->isAdministrator()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (Auth::user()->isModerator()) {
|
||||
return $value < 3;
|
||||
}
|
||||
return false;
|
||||
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
14
app/User.php
14
app/User.php
|
|
@ -87,12 +87,16 @@ class User extends Authenticatable
|
|||
$this->email = trim($request["email"]);
|
||||
$this->passwordHash($request["password"]);
|
||||
$this->enabled = $request["enabled"];
|
||||
if (Auth::user()->isModerator()) {
|
||||
Group::find(Auth::user()->group_id)->save($this);
|
||||
return true;
|
||||
}
|
||||
$this->access_level = $request["access_level"];
|
||||
$this->group_id = $request["group_id"];
|
||||
|
||||
if (Auth::user()->isModerator()) {
|
||||
$this->group_id = Auth::user()->group_id;
|
||||
}
|
||||
|
||||
if (Auth::user()->isAdministrator()) {
|
||||
$this->group_id = $request["group_id"];
|
||||
}
|
||||
|
||||
$this->save();
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -31,17 +31,25 @@
|
|||
<div class="form-group">
|
||||
<label>Enabled</label>
|
||||
<select name="enabled" class="form-control">
|
||||
<option value="1" @if ($user->enabled == 1) selected @endif>Yes</option>
|
||||
<option value="0" @if ($user->enabled == 0) selected @endif>No</option>
|
||||
<option value="1" @if ($user->enabled === 1) selected @endif>Yes</option>
|
||||
<option value="0" @if ($user->enabled === 0) selected @endif>No</option>
|
||||
</select>
|
||||
</div>
|
||||
@if (Auth::user()->isAdministrator())
|
||||
@if (Auth::user()->isModerator())
|
||||
<div class="form-group">
|
||||
<label>Access Level</label>
|
||||
<select name="access_level" class="form-control">
|
||||
<option value="1" @if ($user->access_level == 1) selected @endif>User</option>
|
||||
<option value="2" @if ($user->access_level == 2) selected @endif>Moderator</option>
|
||||
<option value="3" @if ($user->access_level == 3) selected @endif>Administrator</option>
|
||||
<option value="1" @if ($user->access_level === 1) selected @endif>User</option>
|
||||
<option value="2" @if ($user->access_level === 2) selected @endif>Moderator</option>
|
||||
</select>
|
||||
</div>
|
||||
@elseif (Auth::user()->isAdministrator())
|
||||
<div class="form-group">
|
||||
<label>Access Level</label>
|
||||
<select name="access_level" class="form-control">
|
||||
<option value="1" @if ($user->access_level === 1) selected @endif>User</option>
|
||||
<option value="2" @if ($user->access_level === 2) selected @endif>Moderator</option>
|
||||
<option value="3" @if ($user->access_level === 3) selected @endif>Administrator</option>
|
||||
</select>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
|
|
|
|||
|
|
@ -35,7 +35,15 @@
|
|||
<option value="0">No</option>
|
||||
</select>
|
||||
</div>
|
||||
@if (Auth::user()->isAdministrator())
|
||||
@if (Auth::user()->isModerator())
|
||||
<div class="form-group">
|
||||
<label>Access Level</label>
|
||||
<select name="access_level" class="form-control">
|
||||
<option value="1">User</option>
|
||||
<option value="2">Moderator</option>
|
||||
</select>
|
||||
</div>
|
||||
@elseif (Auth::user()->isAdministrator())
|
||||
<div class="form-group">
|
||||
<label>Access Level</label>
|
||||
<select name="access_level" class="form-control">
|
||||
|
|
|
|||
Reference in a new issue