added middleware to authenticate access to admin and mod views, plus seperated a few controllers
parent
6b8526971b
commit
66bf4390a1
10 changed files with 241 additions and 144 deletions
|
@ -13,7 +13,7 @@ class AdminController extends Controller
|
|||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware('auth');
|
||||
$this->middleware(['auth', 'is.admin']);
|
||||
}
|
||||
|
||||
public function index()
|
||||
|
|
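--- a/app/Http/Controllers/AdministrativeTestController.php
+++ b/app/Http/Controllers/AdministrativeTestController.php
@@ -0,0 +1,121 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use App\Http\Requests;
+use App\Test;
+use App\Question;
+use App\Option;
+use App\Group;
+use App\Http\Requests\StoreTest;
+use App\Http\Requests\StoreQuestion;
+
+class AdministrativeTestController extends Controller
+{
+public function __construct()
+{
+$this->middleware(['auth', 'is.admin.mod']);
+}
+
+/**
+*
+* Common controller functions between moderators and administrators for handling tests and associated questions
+*
+*/
+public function addTest(StoreTest $request)
+{
+$test = new Test();
+$test->createTest($request->all());
+return redirect("/admin/tests/$test->id");
+}
+
+public function confirmDeleteTest(Test $test)
+{
+return view('tests.delete', compact('test'));
+}
+
+public function confirmDeleteQuestion(Question $question)
+{
+return view('tests.question.delete', compact('question'));
+}
+
+public function deleteQuestion(Question $question)
+{
+$test = $question->test;
+$question->deleteQuestion();
+return redirect("/admin/tests/$test->id");
+}
+
+public function deleteTest(Test $test)
+{
+$test->deleteTest();
+return redirect('/admin/tests');
+}
+
+public function editQuestion(Question $question)
+{
+$options = $question->options;
+return view('tests.question.edit', compact('question'), compact('options'));
+}
+
+public function newQuestion(Test $test)
+{
+$question_number = $test->nextQuestionNumber();
+return view('tests.question.new', compact('test'), compact('question_number'));
+}
+
+public function updateTest(Test $test, StoreTest $request)
+{
+$test->updateTest($request->all());
+return redirect("/admin/tests/$test->id");
+}
+
+public function showTest(Test $test)
+{
+$questions = $test->questions;
+return view('tests.show', compact('test'), compact('questions'));
+}
+
+public function newTest()
+{
+if (Auth::user()->isAdministrator()) {
+$groups = Group::all();
+return view('tests.new', compact('groups'));
+}
+return view('tests.new');
+}
+
+public function editTest(Test $test)
+{
+if (Auth::user()->isAdministrator()) {
+$groups = Group::all();
+return view('tests.edit', compact('test'), compact('groups'));
+}
+return view('tests.edit', compact('test'));
+}
+
+public function addQuestion(Test $test, StoreQuestion $request)
+{
+$question = new Question;
+$question->addQuestion($test, $request);
+foreach ($request["options"] as $optionData) {
+$option = new Option;
+$option->addOption($question, $optionData);
+}
+return redirect("/admin/tests/$test->id");
+}
+
+public function updateQuestion(Question $question, StoreQuestion $request)
+{
+$test = $question->test;
+$question->updateQuestion($request);
+$options = $question->options;
+$optionsData = $request["options"];
+foreach ($options as $key => $option) {
+$option->updateOption($optionsData[$key+1]);
+}
+return redirect("/admin/tests/$test->id");
+}
+}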
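Review bot: The `is.admin.mod` middleware in the constructor checks only the caller's role, so `showTest`, `editTest`, `updateTest`, `deleteTest` and the question actions operate on whatever `Test` or `Question` the route binds, with no check that a moderator is entitled to that particular record. `newTest` and `editTest` hand the group list only to administrators, which suggests moderators are meant to be confined to their own group; if so, each action needs an object-level check such as `$this->authorize('update', $test);` backed by a policy. `addTest` and `updateTest` also pass `$request->all()` to the model, so unless `StoreTest` or the model restricts the fields, a moderator could presumably submit a group value the form never offered; `$request->only([...])` with the expected field names would narrow that.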
@ -9,11 +9,11 @@ use App\Http\Requests\StoreUser;
|
|||
use App\User;
|
||||
use App\Group;
|
||||
|
||||
class UserController extends Controller
|
||||
class AdministrativeUserController extends Controller
|
||||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware('auth');
|
||||
$this->middleware(['auth', 'is.admin.mod']);
|
||||
}
|
||||
|
||||
/**
|
|
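Review bot: Changing this constructor from `auth` to `['auth', 'is.admin.mod']` means any moderator can reach every action of this controller, including `updateUser` and `deleteUser`, which are routed under both `/mod` and `/admin`. The method bodies are outside this hunk, so it is not visible whether they stop a moderator from editing or deleting an administrator account or from changing a user's role or group; if they do not, that is a privilege-escalation path. A per-target check at the top of those actions would close it, for example `$this->authorize('update', $user);` with a policy that compares the caller's role and group with the target's.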
@ -10,7 +10,7 @@ class ModeratorController extends Controller
|
|||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware('auth');
|
||||
$this->middleware(['auth', 'is.mod']);
|
||||
}
|
||||
|
||||
public function index()
|
||||
|
|
|
@ -15,6 +15,11 @@ use App\Http\Requests\StoreQuestion;
|
|||
|
||||
class TestController extends Controller
|
||||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware('auth');
|
||||
}
|
||||
|
||||
public function startTest(Test $test)
|
||||
{
|
||||
if (null !== session("start_time") && session("time_limit") !== 0 && session("start_time")+session("time_limit") > time()) {
|
||||
|
@ -123,106 +128,4 @@ class TestController extends Controller
|
|||
$test->sessionPurge();
|
||||
return redirect("/home");
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Common controller functions between moderators and administrators for handling tests and associated questions
|
||||
*
|
||||
*/
|
||||
|
||||
public function addTest(StoreTest $request)
|
||||
{
|
||||
$test = new Test();
|
||||
$test->createTest($request->all());
|
||||
return redirect("/admin/tests/$test->id");
|
||||
}
|
||||
|
||||
public function confirmDeleteTest(Test $test)
|
||||
{
|
||||
return view('tests.delete', compact('test'));
|
||||
}
|
||||
|
||||
public function confirmDeleteQuestion(Question $question)
|
||||
{
|
||||
return view('tests.question.delete', compact('question'));
|
||||
}
|
||||
|
||||
public function deleteQuestion(Question $question)
|
||||
{
|
||||
$test = $question->test;
|
||||
$question->deleteQuestion();
|
||||
return redirect("/admin/tests/$test->id");
|
||||
}
|
||||
|
||||
public function deleteTest(Test $test)
|
||||
{
|
||||
$test->deleteTest();
|
||||
return redirect('/admin/tests');
|
||||
}
|
||||
|
||||
public function editQuestion(Question $question)
|
||||
{
|
||||
$options = $question->options;
|
||||
return view('tests.question.edit', compact('question'), compact('options'));
|
||||
}
|
||||
|
||||
public function newQuestion(Test $test)
|
||||
{
|
||||
$question_number = $test->nextQuestionNumber();
|
||||
return view('tests.question.new', compact('test'), compact('question_number'));
|
||||
}
|
||||
|
||||
public function updateTest(Test $test, StoreTest $request)
|
||||
{
|
||||
$test->updateTest($request->all());
|
||||
return redirect("/admin/tests/$test->id");
|
||||
}
|
||||
|
||||
public function showTest(Test $test)
|
||||
{
|
||||
$questions = $test->questions;
|
||||
return view('tests.show', compact('test'), compact('questions'));
|
||||
}
|
||||
|
||||
public function newTest()
|
||||
{
|
||||
if (Auth::user()->isAdministrator()) {
|
||||
$groups = Group::all();
|
||||
return view('tests.new', compact('groups'));
|
||||
}
|
||||
return view('tests.new');
|
||||
}
|
||||
|
||||
public function editTest(Test $test)
|
||||
{
|
||||
if (Auth::user()->isAdministrator()) {
|
||||
$groups = Group::all();
|
||||
return view('tests.edit', compact('test'), compact('groups'));
|
||||
}
|
||||
return view('tests.edit', compact('test'));
|
||||
}
|
||||
|
||||
public function addQuestion(Test $test, StoreQuestion $request)
|
||||
{
|
||||
$question = new Question;
|
||||
$question->addQuestion($test, $request);
|
||||
foreach ($request["options"] as $optionData) {
|
||||
$option = new Option;
|
||||
$option->addOption($question, $optionData);
|
||||
}
|
||||
return redirect("/admin/tests/$test->id");
|
||||
}
|
||||
|
||||
public function updateQuestion(Question $question, StoreQuestion $request)
|
||||
{
|
||||
$test = $question->test;
|
||||
$question->updateQuestion($request);
|
||||
$options = $question->options;
|
||||
$optionsData = $request["options"];
|
||||
foreach ($options as $key => $option) {
|
||||
$option->updateOption($optionsData[$key+1]);
|
||||
}
|
||||
return redirect("/admin/tests/$test->id");
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -52,5 +52,8 @@ class Kernel extends HttpKernel
|
|||
'can' => \Illuminate\Auth\Middleware\Authorize::class,
|
||||
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
|
||||
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
|
||||
'is.admin.mod' => \App\Http\Middleware\IsAdminOrMod::class,
|
||||
'is.admin' => \App\Http\Middleware\IsAdministrator::class,
|
||||
'is.mod' => \App\Http\Middleware\IsModerator::class,
|
||||
];
|
||||
}
|
||||
|
|
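--- a/app/Http/Middleware/IsAdminOrMod.php
+++ b/app/Http/Middleware/IsAdminOrMod.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Support\Facades\Auth;
+
+class IsAdminOrMod
+{
+/**
+* Handle an incoming request.
+*
+* @param \Illuminate\Http\Request $request
+* @param \Closure $next
+* @return mixed
+*/
+public function handle($request, Closure $next)
+{
+if (Auth::user()->isAdministrator() || Auth::user()->isModerator()) {
+return $next($request);
+}
+return redirect("/home");
+}
+}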
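Review bot: `handle()` calls `Auth::user()->isAdministrator()` without checking that a user exists, so the middleware depends on `auth` always running before it; attached on its own it would fail with a method call on null instead of denying the request. Reading the user once and guarding it keeps the check fail-closed: `$user = $request->user();` followed by `if ($user && ($user->isAdministrator() || $user->isModerator())) {`. Answering with `abort(403)` rather than `redirect("/home")` would also make denied requests visible in logs and to non-browser clients.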
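--- a/app/Http/Middleware/IsAdministrator.php
+++ b/app/Http/Middleware/IsAdministrator.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class IsAdministrator
+{
+/**
+* Handle an incoming request.
+*
+* @param \Illuminate\Http\Request $request
+* @param \Closure $next
+* @return mixed
+*/
+public function handle($request, Closure $next)
+{
+if (Auth::user()->isAdministrator()) {
+return $next($request);
+}
+return redirect("/home");
+}
+}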
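Review bot: `Auth::user()` is called in `handle()` but this file imports only `Closure`, so inside `namespace App\Http\Middleware` the name resolves to `App\Http\Middleware\Auth`, a class that does not appear anywhere in this commit, and every request passing through `is.admin` would fail with a class-not-found error. Add `use Illuminate\Support\Facades\Auth;` below `use Closure;`, as `IsAdminOrMod.php` does. `app/Http/Middleware/IsModerator.php` has the same omission and needs the same line, otherwise the `is.mod` check on `ModeratorController` breaks in the same way.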
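--- a/app/Http/Middleware/IsModerator.php
+++ b/app/Http/Middleware/IsModerator.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class IsModerator
+{
+/**
+* Handle an incoming request.
+*
+* @param \Illuminate\Http\Request $request
+* @param \Closure $next
+* @return mixed
+*/
+public function handle($request, Closure $next)
+{
+if (Auth::user()->isModerator()) {
+return $next($request);
+}
+return redirect("/home");
+}
+}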
@ -40,28 +40,28 @@ Route::group(['prefix' => 'mod'], function () {
|
|||
|
||||
Route::get('/', 'ModeratorController@index');
|
||||
Route::get('/tests', 'ModeratorController@showTests');
|
||||
Route::get('/tests/new', 'TestController@newTest');
|
||||
Route::post('/tests/new', 'TestController@addTest');
|
||||
Route::get('/tests/{test}', 'TestController@showTest');
|
||||
Route::get('/tests/{test}/edit', 'TestController@editTest');
|
||||
Route::patch('/tests/{test}/edit', 'TestController@updateTest');
|
||||
Route::get('/tests/{test}/delete', 'TestController@confirmDeleteTest');
|
||||
Route::delete('/tests/{test}/delete', 'TestController@deleteTest');
|
||||
Route::get('/tests/{test}/question', 'TestController@newQuestion');
|
||||
Route::post('/tests/{test}/question', 'TestController@addQuestion');
|
||||
Route::get('/questions/{question}/edit', 'TestController@editQuestion');
|
||||
Route::patch('/questions/{question}', 'TestController@updateQuestion');
|
||||
Route::get('/questions/{question}/delete', 'TestController@confirmDeleteQuestion');
|
||||
Route::delete('/questions/{question}/', 'TestController@deleteQuestion');
|
||||
Route::get('/tests/new', 'AdministrativeTestController@newTest');
|
||||
Route::post('/tests/new', 'AdministrativeTestController@addTest');
|
||||
Route::get('/tests/{test}', 'AdministrativeTestController@showTest');
|
||||
Route::get('/tests/{test}/edit', 'AdministrativeTestController@editTest');
|
||||
Route::patch('/tests/{test}/edit', 'AdministrativeTestController@updateTest');
|
||||
Route::get('/tests/{test}/delete', 'AdministrativeTestController@confirmDeleteTest');
|
||||
Route::delete('/tests/{test}/delete', 'AdministrativeTestController@deleteTest');
|
||||
Route::get('/tests/{test}/question', 'AdministrativeTestController@newQuestion');
|
||||
Route::post('/tests/{test}/question', 'AdministrativeTestController@addQuestion');
|
||||
Route::get('/questions/{question}/edit', 'AdministrativeTestController@editQuestion');
|
||||
Route::patch('/questions/{question}', 'AdministrativeTestController@updateQuestion');
|
||||
Route::get('/questions/{question}/delete', 'AdministrativeTestController@confirmDeleteQuestion');
|
||||
Route::delete('/questions/{question}/', 'AdministrativeTestController@deleteQuestion');
|
||||
|
||||
|
||||
Route::get('/users', 'ModeratorController@showUsers');
|
||||
Route::get('/users/new', 'UserController@newUser');
|
||||
Route::post('/users/new', 'UserController@addUser');
|
||||
Route::get('/users/{user}/edit', 'UserController@editUser');
|
||||
Route::post('/users/{user}/edit', 'UserController@updateUser');
|
||||
Route::get('/users/{user}/delete', 'UserController@confirmDeleteUser');
|
||||
Route::delete('/users/{user}', 'UserController@deleteUser');
|
||||
Route::get('/users/new', 'AdministrativeUserController@newUser');
|
||||
Route::post('/users/new', 'AdministrativeUserController@addUser');
|
||||
Route::get('/users/{user}/edit', 'AdministrativeUserController@editUser');
|
||||
Route::post('/users/{user}/edit', 'AdministrativeUserController@updateUser');
|
||||
Route::get('/users/{user}/delete', 'AdministrativeUserController@confirmDeleteUser');
|
||||
Route::delete('/users/{user}', 'AdministrativeUserController@deleteUser');
|
||||
});
|
||||
|
||||
/*---------- Routes for the administrator section ----------*/
|
||||
|
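Review bot: The `/mod/tests/...` routes now point at `AdministrativeTestController`, whose actions redirect to hard-coded `/admin/...` URLs, so a moderator leaves the `/mod` section after every write. After `deleteTest` the target is `/admin/tests`, which is `AdminController@showGroups` behind `is.admin`, so the moderator is bounced to `/home` instead of landing on a test list. Choosing the target from the current prefix keeps each role in its own section, e.g. `return redirect(request()->is('mod/*') ? '/mod/tests' : '/admin/tests');`. The route group closure opens before this hunk.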
@ -73,29 +73,29 @@ Route::group(['prefix' => 'admin'], function () {
|
|||
Route::get('/tests', 'AdminController@showGroups');
|
||||
Route::get('/tests/all', 'AdminController@showAllTests');
|
||||
Route::get('/tests/group/{group}', 'AdminController@showGroupTests');
|
||||
Route::get('/tests/new', 'TestController@newTest');
|
||||
Route::post('/tests/new', 'TestController@addTest');
|
||||
Route::get('/tests/{test}', 'TestController@showTest');
|
||||
Route::get('/tests/{test}/edit', 'TestController@editTest');
|
||||
Route::patch('/tests/{test}/edit', 'TestController@updateTest');
|
||||
Route::get('/tests/{test}/delete', 'TestController@confirmDeleteTest');
|
||||
Route::delete('/tests/{test}/delete', 'TestController@deleteTest');
|
||||
Route::get('/tests/{test}/question', 'TestController@newQuestion');
|
||||
Route::post('/tests/{test}/question', 'TestController@addQuestion');
|
||||
Route::get('/questions/{question}/edit', 'TestController@editQuestion');
|
||||
Route::patch('/questions/{question}', 'TestController@updateQuestion');
|
||||
Route::get('/questions/{question}/delete', 'TestController@confirmDeleteQuestion');
|
||||
Route::delete('/questions/{question}/', 'TestController@deleteQuestion');
|
||||
Route::get('/tests/new', 'AdministrativeTestController@newTest');
|
||||
Route::post('/tests/new', 'AdministrativeTestController@addTest');
|
||||
Route::get('/tests/{test}', 'AdministrativeTestController@showTest');
|
||||
Route::get('/tests/{test}/edit', 'AdministrativeTestController@editTest');
|
||||
Route::patch('/tests/{test}/edit', 'AdministrativeTestController@updateTest');
|
||||
Route::get('/tests/{test}/delete', 'AdministrativeTestController@confirmDeleteTest');
|
||||
Route::delete('/tests/{test}/delete', 'AdministrativeTestController@deleteTest');
|
||||
Route::get('/tests/{test}/question', 'AdministrativeTestController@newQuestion');
|
||||
Route::post('/tests/{test}/question', 'AdministrativeTestController@addQuestion');
|
||||
Route::get('/questions/{question}/edit', 'AdministrativeTestController@editQuestion');
|
||||
Route::patch('/questions/{question}', 'AdministrativeTestController@updateQuestion');
|
||||
Route::get('/questions/{question}/delete', 'AdministrativeTestController@confirmDeleteQuestion');
|
||||
Route::delete('/questions/{question}/', 'AdministrativeTestController@deleteQuestion');
|
||||
|
||||
Route::get('/users', 'AdminController@showGroups');
|
||||
Route::get('/users/all', 'AdminController@showAllUsers');
|
||||
Route::get('/users/group/{group}', 'AdminController@showGroupUsers');
|
||||
Route::get('/users/new', 'UserController@newUser');
|
||||
Route::post('/users/new', 'UserController@addUser');
|
||||
Route::get('/users/{user}/edit', 'UserController@editUser');
|
||||
Route::post('/users/{user}/edit', 'UserController@updateUser');
|
||||
Route::get('/users/{user}/delete', 'UserController@confirmDeleteUser');
|
||||
Route::delete('/users/{user}', 'UserController@deleteUser');
|
||||
Route::get('/users/new', 'AdministrativeUserController@newUser');
|
||||
Route::post('/users/new', 'AdministrativeUserController@addUser');
|
||||
Route::get('/users/{user}/edit', 'AdministrativeUserController@editUser');
|
||||
Route::post('/users/{user}/edit', 'AdministrativeUserController@updateUser');
|
||||
Route::get('/users/{user}/delete', 'AdministrativeUserController@confirmDeleteUser');
|
||||
Route::delete('/users/{user}', 'AdministrativeUserController@deleteUser');
|
||||
|
||||
Route::get('/groups', 'GroupController@showGroups');
|
||||
Route::get('/groups/new', 'GroupController@newGroup');
|
||||
|
|
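Review bot: No role check is attached at the route level in this group, so protection depends entirely on each controller's constructor, and `GroupController` is not among the files changed on this page. Unless it already declares `is.admin` itself, `/admin/groups` and `/admin/groups/new` presumably stay reachable by users without the administrator role. Declaring the middleware on the routes removes that dependency, e.g. `Route::get('/groups', 'GroupController@showGroups')->middleware(['auth', 'is.admin']);`. The rest of the group and its closing lines are outside this hunk.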