
Apply project actions authorization

pull/6/head
Nafies Luthfi 8 years ago
parent
commit
4f51094087
  1. 19
      app/Http/Controllers/Projects/ProjectsController.php
  2. 33
      app/Http/Requests/Projects/DeleteRequest.php
  3. 2
      resources/views/projects/edit.blade.php
  4. 2
      resources/views/projects/index.blade.php

19
app/Http/Controllers/Projects/ProjectsController.php

@ -6,7 +6,6 @@ use App\Entities\Projects\Project;
use App\Entities\Projects\ProjectsRepository;
use App\Http\Controllers\Controller;
use App\Http\Requests\Projects\CreateRequest;
use App\Http\Requests\Projects\DeleteRequest;
use App\Http\Requests\Projects\UpdateRequest;
use Illuminate\Http\Request;
@ -39,6 +38,8 @@ class ProjectsController extends Controller
public function create()
{
$this->authorize('create', new Project);
$customers = $this->repo->getCustomersList();
return view('projects.create', compact('customers'));
@ -46,6 +47,8 @@ class ProjectsController extends Controller
public function store(CreateRequest $request)
{
$this->authorize('create', new Project);
$project = $this->repo->create($request->except('_token'));
flash()->success(trans('project.created'));
@ -54,11 +57,15 @@ class ProjectsController extends Controller
public function show(Project $project)
{
$this->authorize('view', $project);
return view('projects.show', compact('project'));
}
public function edit(Project $project)
{
$this->authorize('update', $project);
$customers = $this->repo->getCustomersList();
return view('projects.edit', compact('project', 'customers'));
@ -66,6 +73,8 @@ class ProjectsController extends Controller
public function update(UpdateRequest $request, Project $project)
{
$this->authorize('update', $project);
$project = $this->repo->update($request->except(['_method', '_token']), $project->id);
flash()->success(trans('project.updated'));
@ -74,12 +83,16 @@ class ProjectsController extends Controller
public function delete(Project $project)
{
$this->authorize('delete', $project);
return view('projects.delete', compact('project'));
}
public function destroy(DeleteRequest $request, Project $project)
public function destroy(Project $project)
{
if ($project->id == $request->get('project_id')) {
$this->authorize('delete', $project);
if ($project->id == request('project_id')) {
$this->repo->delete($project->id);
flash()->success(trans('project.deleted'));
} else {
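Review bot: In `destroy`, the confirmation check `if ($project->id == request('project_id')) {` compares raw input loosely, and with `DeleteRequest` removed nothing validates `project_id` any more (the deleted class carried the `'project_id' => 'required'` rule). Assuming the id is an integer key, on PHP versions before 8 a submitted value such as `5abc` compares equal to id 5, so the confirmation step accepts input it should reject. The new `$this->authorize('delete', $project)` runs against the route-bound model, so the record that is deleted is still the one that was authorized; the weakness is limited to the confirmation field. A strict comparison closes it: `if ((string) $project->id === request('project_id')) {`. The body of `destroy` continues past the end of the hunk, so the `else` branch is not visible here.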

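--- a/app/Http/Requests/Projects/DeleteRequest.php
+++ b/app/Http/Requests/Projects/DeleteRequest.php
@@ -1,33 +0,0 @@
-<?php
-namespace App\Http\Requests\Projects;
-use App\Entities\Projects\Project;
-use App\Http\Requests\Request;
-class DeleteRequest extends Request
-{
-/**
-* Determine if the user is authorized to make this request.
-*
-* @return bool
-*/
-public function authorize()
-{
-$project = Project::findOrFail($this->segment(2));
-return auth()->user()->can('update', $project);
-}
-/**
-* Get the validation rules that apply to the request.
-*
-* @return array
-*/
-public function rules()
-{
-return [
-'project_id' => 'required',
-];
-}
-}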

2
resources/views/projects/edit.blade.php

@ -47,7 +47,9 @@
{!! Form::submit(trans('project.update'), ['class' =>'btn btn-primary']) !!}
{!! link_to_route('projects.show', trans('app.show'), [$project->id], ['class' => 'btn btn-info']) !!}
{!! link_to_route('projects.index', trans('project.back_to_index'), ['status' => $project->status_id], ['class' => 'btn btn-default']) !!}
@can('delete', $project)
{!! link_to_route('projects.delete', trans('app.delete'), [$project->id], ['class' =>'btn btn-danger pull-right']) !!}
@endcan
</div>
</div>
{!! Form::close() !!}

2
resources/views/projects/index.blade.php

@ -4,7 +4,9 @@
@section('content')
<h1 class="page-header">
@can('create', new App\Entities\Projects\Project)
{!! link_to_route('projects.create', trans('project.create'), [], ['class' => 'btn btn-success pull-right']) !!}
@endcan
{{ trans('project.index_title', ['status' => $status]) }} <small>{{ $projects->total() }} {{ trans('project.found') }}</small>
</h1>
<div class="well well-sm text-right">
