Added the rest of the policy files

This commit is contained in:
mwalbeck 2016-10-26 16:17:58 +02:00
parent 1233f02d40
commit 6511f3a248
8 changed files with 326 additions and 55 deletions


@ -21,65 +21,21 @@ class AdministrativeTestController extends Controller
/**
*
* Common controller functions between moderators and administrators for handling tests and associated questions
* Common controller functions between moderators and administrators for handling tests
*
*/
public function addTest(StoreTest $request)
{
$test = new Test();
$test->createTest($request->all());
return redirect("/admin/tests/$test->id");
}
public function confirmDeleteTest(Test $test)
{
return view('tests.delete', compact('test'));
}
public function confirmDeleteQuestion(Question $question)
{
return view('tests.question.delete', compact('question'));
}
public function deleteQuestion(Question $question)
{
$test = $question->test;
$question->deleteQuestion();
return redirect("/admin/tests/$test->id");
}
public function deleteTest(Test $test)
{
$test->deleteTest();
return redirect('/admin/tests');
}
public function editQuestion(Question $question)
{
$options = $question->options;
return view('tests.question.edit', compact('question'), compact('options'));
}
public function newQuestion(Test $test)
{
$question_number = $test->nextQuestionNumber();
return view('tests.question.new', compact('test'), compact('question_number'));
}
public function updateTest(Test $test, StoreTest $request)
{
$test->updateTest($request->all());
return redirect("/admin/tests/$test->id");
}
public function showTest(Test $test)
{
$this->authorize('view', $test);
$questions = $test->questions;
return view('tests.show', compact('test'), compact('questions'));
}
public function newTest()
{
$this->authorize('create', Test::class);
if (Auth::user()->isAdministrator()) {
$groups = Group::all();
return view('tests.new', compact('groups'));
@ -87,17 +43,68 @@ class AdministrativeTestController extends Controller
return view('tests.new');
}
public function addTest(StoreTest $request)
{
$this->authorize('create', Test::class);
$test = new Test();
$test->createTest($request->all());
return redirect("/admin/tests/$test->id");
}
public function editTest(Test $test)
{
$this->authorize('update', $test);
if (Auth::user()->isAdministrator()) {
$groups = Group::all();
return view('tests.edit', compact('test'), compact('groups'));
}
return view('tests.edit', compact('test'));
}
}
public function updateTest(Test $test, StoreTest $request)
{
$this->authorize('update', $test);
$test->updateTest($request->all());
return redirect("/admin/tests/$test->id");
}
public function confirmDeleteTest(Test $test)
{
$this->authorize('delete', $test);
return view('tests.delete', compact('test'));
}
public function deleteTest(Test $test)
{
$this->authorize('delete', $test);
$test->deleteTest();
return redirect('/admin/tests');
}
/**
*
* Common controller functions between moderators and administrators for handling questions
*
*/
public function newQuestion(Test $test)
{
$this->authorize('createQuestion', $test);
$this->authorize('create', Question::class);
$question_number = $test->nextQuestionNumber();
return view('tests.question.new', compact('test'), compact('question_number'));
}
public function addQuestion(Test $test, StoreQuestion $request)
{
$this->authorize('createQuestion', $test);
$this->authorize('create', Question::class);
$question = new Question;
$question->addQuestion($test, $request);
foreach ($request["options"] as $optionData) {
@ -107,8 +114,18 @@ class AdministrativeTestController extends Controller
return redirect("/admin/tests/$test->id");
}
public function editQuestion(Question $question)
{
$this->authorize('update', $question);
$options = $question->options;
return view('tests.question.edit', compact('question'), compact('options'));
}
public function updateQuestion(Question $question, StoreQuestion $request)
{
$this->authorize('update', $question);
$test = $question->test;
$question->updateQuestion($request);
$options = $question->options;
@ -118,4 +135,20 @@ class AdministrativeTestController extends Controller
}
return redirect("/admin/tests/$test->id");
}
}
public function confirmDeleteQuestion(Question $question)
{
$this->authorize('delete', $question);
return view('tests.question.delete', compact('question'));
}
public function deleteQuestion(Question $question)
{
$this->authorize('delete', $question);
$test = $question->test;
$question->deleteQuestion();
return redirect("/admin/tests/$test->id");
}
}
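Review bot: `addQuestion` and `newQuestion` authorize twice, `createQuestion` on `$test` and then `create` on `Question::class`; with the policies added in this commit the second ability is a strict subset of the first (both require administrator or moderator, `createQuestion` additionally requires a group match), so the extra `$this->authorize('create', Question::class);` line adds a gate round-trip without adding a constraint and can be dropped from both methods. Worth checking in `addTest`: `create` on `Test::class` only checks the caller's role and the test is then built from `$request->all()`, so unless `StoreTest` or `Test::createTest` pins `group_id` to the moderator's own group a moderator could create a test under another group — neither is visible here, please confirm. `addQuestion` and `updateQuestion` continue outside their hunks.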


@ -74,7 +74,7 @@ class AdministrativeUserController extends Controller
*/
public function editUser(User $user)
{
$this->authorize('edit', $user);
$this->authorize('update', $user);
if (Auth::user()->isAdministrator()) {
$groups = Group::all();
@ -85,7 +85,7 @@ class AdministrativeUserController extends Controller
public function updateUser(User $user, StoreUser $request)
{
$this->authorize('edit', $user);
$this->authorize('update', $user);
$user->updateUser($request->all());
return redirect("/admin/users/group/$user->group_id");


@ -17,17 +17,23 @@ class GroupController extends Controller
public function showGroups()
{
$this->authorize('viewall', Group::class);
$groups = Group::all();
return view('groups.showall', compact('groups'));
}
public function newGroup()
{
$this->authorize('create', Group::class);
return view('groups.new');
}
public function addGroup(StoreGroup $request)
{
$this->authorize('create', Group::class);
$group = new Group;
$group->addGroup($request->all());
return redirect('/admin/groups');
@ -35,22 +41,30 @@ class GroupController extends Controller
public function editGroup(Group $group)
{
$this->authorize('update', $group);
return view('groups.edit', compact('group'));
}
public function updateGroup(Group $group, StoreGroup $request)
{
$this->authorize('update', $group);
$group->updateGroup($request->all());
return redirect("/admin/groups");
}
public function confirmDeleteGroup(Group $group)
{
$this->authorize('delete', $group);
return view('groups.delete', compact('group'));
}
public function deleteGroup(Group $group)
{
$this->authorize('delete', $group);
$group->deleteGroup();
return redirect('/admin/groups');
}


@ -0,0 +1,78 @@
<?php
namespace App\Policies;
use App\User;
use App\Group;
use Illuminate\Auth\Access\HandlesAuthorization;
class GroupPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view the group.
*
* @param \App\User $user
* @param \App\Group $group
* @return mixed
*/
public function view(User $user, Group $group)
{
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $group->id)) {
return true;
}
return false;
}
public function viewall(User $user)
{
if ($user->isAdministrator()) {
return true;
}
return false;
}
/**
* Determine whether the user can create groups.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
if ($user->isAdministrator()) {
return true;
}
return false;
}
/**
* Determine whether the user can update the group.
*
* @param \App\User $user
* @param \App\Group $group
* @return mixed
*/
public function update(User $user, Group $group)
{
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $group->group_id)) {
return true;
}
return false;
}
/**
* Determine whether the user can delete the group.
*
* @param \App\User $user
* @return mixed
*/
public function delete(User $user)
{
if ($user->isAdministrator()) {
return true;
}
return false;
}
}
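Review bot: `update` compares `$user->group_id` with `$group->group_id`, while `view` a few methods up compares against `$group->id`; a Group model is normally keyed by `id`, so `$group->group_id` most likely resolves to null and the moderator branch of `update` can never succeed (fail-closed, but `editGroup`/`updateGroup` in GroupController would then 403 for every moderator). The line should read `if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $group->id)) {` — confirm against the Group model's columns. `viewall` is the only method without a docblock; `/** Determine whether the user can list all groups. */` above it would match the rest of the class. `delete(User $user)` takes no `$group`, so unlike `update` it cannot scope deletion to the caller's own group — fine while only administrators may delete, but the docblock could state that this is intentional.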


@ -0,0 +1,58 @@
<?php
namespace App\Policies;
use App\User;
use App\Question;
use App\Test;
use Illuminate\Auth\Access\HandlesAuthorization;
class QuestionPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can create questions.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
if ($user->isAdministrator() || $user->isModerator()) {
dd("hit");
return true;
}
return false;
}
/**
* Determine whether the user can update the question.
*
* @param \App\User $user
* @param \App\Question $question
* @return mixed
*/
public function update(User $user, Question $question)
{
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $question->test->group_id)) {
return true;
}
return false;
}
/**
* Determine whether the user can delete the question.
*
* @param \App\User $user
* @param \App\Question $question
* @return mixed
*/
public function delete(User $user, Question $question)
{
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $question->test->group_id)) {
return true;
}
return false;
}
}
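Review bot: `create` still contains a debug call, `dd("hit");` on the line before `return true`; `dd()` dumps and exits, so every administrator or moderator reaching `newQuestion`/`addQuestion` (both call `authorize('create', Question::class)` in this commit) gets the dump instead of the page, while a denied user gets a normal 403. Remove that line so the method reads `if ($user->isAdministrator() || $user->isModerator()) { return true; }`. `use App\Test;` is not referenced anywhere in this class and can go.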


@ -0,0 +1,80 @@
<?php
namespace App\Policies;
use App\User;
use App\Question;
use App\Test;
use Illuminate\Auth\Access\HandlesAuthorization;
class TestPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view the test.
*
* @param \App\User $user
* @param \App\Test $test
* @return mixed
*/
public function view(User $user, Test $test)
{
if ($user->isAdministrator() || ($user->isModerator() AND ($user->group_id === $test->group_id || $test->group_id === 1))) {
return true;
}
return false;
}
/**
* Determine whether the user can create tests.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
if ($user->isAdministrator() || $user->isModerator()) {
return true;
}
return false;
}
/**
* Determine whether the user can update the test.
*
* @param \App\User $user
* @param \App\Test $test
* @return mixed
*/
public function update(User $user, Test $test)
{
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $test->group_id)) {
return true;
}
return false;
}
/**
* Determine whether the user can delete the test.
*
* @param \App\User $user
* @param \App\Test $test
* @return mixed
*/
public function delete(User $user, Test $test)
{
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $test->group_id)) {
return true;
}
return false;
}
public function createQuestion(User $user, Test $test)
{
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $test->group_id)) {
return true;
}
return false;
}
}
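Review bot: `view` grants any moderator access to a test whose `group_id` is `1`, but nothing names what group 1 is, so the exception reads like a bug to the next reader; a constant plus comment would make the rule auditable, e.g. `/** Tests in this group are visible to moderators of every group. */ private const SHARED_GROUP_ID = 1;` and `$test->group_id === self::SHARED_GROUP_ID` in the condition — confirm what group 1 represents. `createQuestion` is the only method without a docblock; `/** Determine whether the user can add questions to the test. */` matches the rest. `use App\Question;` is unused in this class.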


@ -27,9 +27,14 @@ class UserPolicy
return false;
}
public function view(User $user)
{
return false;
}
public function update(User $user, User $user2)
{
if ($user->isAdministrator() || $user->isModerator() AND $user->group_id === $user2->group_id) {
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $user2->group_id)) {
return true;
}
return false;
@ -37,7 +42,7 @@ class UserPolicy
public function delete(User $user, User $user2)
{
if ($user->isAdministrator() || $user->isModerator() AND $user->group_id === $user2->group_id || $user === $user2) {
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $user2->group_id) || $user === $user2) {
return true;
}
return false;
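Review bot: the new `view(User $user)` denies unconditionally, including for administrators and for a user viewing their own record; if that is a deliberate placeholder a comment saying so would stop it being read as a bug, otherwise the same shape as `update` applies. In `delete`, `$user === $user2` is object identity; the authenticated user and the route-bound `$user2` are separate Eloquent instances even for the same row, so the self-delete branch is unlikely ever to be true — compare the key instead, `$user->id === $user2->id` (assuming the default `id` key). The added parentheses are correct: PHP's `AND` binds more loosely than `||`, so the old `update` line parsed as `($user->isAdministrator() || $user->isModerator()) AND $user->group_id === $user2->group_id`, denying administrators outside the target's group. `delete` may continue past the last line shown.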


@ -15,6 +15,9 @@ class AuthServiceProvider extends ServiceProvider
protected $policies = [
'App\Model' => 'App\Policies\ModelPolicy',
'App\User' => 'App\Policies\UserPolicy',
'App\Test' => 'App\Policies\TestPolicy',
'App\Group' => 'App\Policies\GroupPolicy',
'App\Question' => 'App\Policies\QuestionPolicy',
];
/**