Adjust and apply user's authorization to the system

8 years ago · b6b55a13ac
7 changed files with 14 additions and 42 deletions
--- a/app/Http/Requests/Tasks/CreateRequest.php
+++ b/app/Http/Requests/Tasks/CreateRequest.php
@ -2,7 +2,6 @@

 namespace App\Http\Requests\Tasks;

-use App\Entities\Projects\Job;
 use App\Http\Requests\Request;

 class CreateRequest extends Request
@ -14,8 +13,7 @@ class CreateRequest extends Request
     */
    public function authorize()
    {
-        $job = Job::findOrFail($this->segment(2));
-        return auth()->user()->can('manage_job', $job);
+        return auth()->user()->can('manage_agency');
    }

    /**
--- a/app/Http/Requests/Tasks/DeleteRequest.php
+++ b/app/Http/Requests/Tasks/DeleteRequest.php
@ -2,7 +2,6 @@

 namespace App\Http\Requests\Tasks;

-use App\Entities\Projects\Job;
 use App\Http\Requests\Request;

 class DeleteRequest extends Request
@ -15,8 +14,7 @@ class DeleteRequest extends Request
     */
    public function authorize()
    {
-        $job = Job::findOrFail($this->get('job_id'));
-        return auth()->user()->can('manage_job', $job);
+        return auth()->user()->can('manage_agency');
    }

    /**
--- a/app/Http/Requests/Tasks/UpdateRequest.php
+++ b/app/Http/Requests/Tasks/UpdateRequest.php
@ -2,7 +2,6 @@

 namespace App\Http\Requests\Tasks;

-use App\Entities\Projects\Job;
 use App\Http\Requests\Request;

 class UpdateRequest extends Request
@ -15,8 +14,7 @@ class UpdateRequest extends Request
     */
    public function authorize()
    {
-        $job = Job::findOrFail($this->get('job_id'));
-        return auth()->user()->can('manage_job', $job);
+        return auth()->user()->can('manage_agency');
    }

    /**
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@ -33,29 +33,13 @@ class AuthServiceProvider extends ServiceProvider
        // Dynamically register permissions with Laravel's Gate.
        foreach ($this->getPermissions() as $permission) {
            Gate::define($permission, function ($user) {
-                return true;
+                return $user->hasRole('admin');
            });
        }

-        Gate::define('manage_agency', function ($user) {
-            return true;
-        });
-
-        Gate::define('add_project', function ($user) {
-            return true;
-        });
-
-        Gate::define('manage_project', function ($user, $project) {
-            return true;
-        });
-
        Gate::define('manage_jobs', function ($user, $project) {
            return true;
        });
-
-        Gate::define('manage_job', function ($user, $job) {
-            return $user->id == $job->worker_id;
-        });
    }

    /**
@ -66,13 +50,11 @@ class AuthServiceProvider extends ServiceProvider
    protected function getPermissions()
    {
        return [
-            'manage_users',
+            'manage_agency',
            'manage_backups',
            'manage_options',
-            'manage_projects',
            'manage_payments',
            'manage_subscriptions',
-            'see_reports',
        ];
    }
 }
--- a/resources/views/layouts/partials/sidebar.blade.php
+++ b/resources/views/layouts/partials/sidebar.blade.php
@ -28,17 +28,9 @@
            <li>{!! html_link_to_route('payments.index', trans('payment.payments'), [], ['icon' => 'money']) !!}</li>
            <li>{!! html_link_to_route('customers.index', trans('customer.list'), [], ['icon' => 'users']) !!}</li>
            <li>{!! html_link_to_route('vendors.index', trans('vendor.list'), [], ['icon' => 'users']) !!}</li>
-            <li>
-                <a href="{{ route('options.index') }}"><i class="fa fa-gears fa-fw"></i> Options <span class="fa arrow"></span></a>
-                <ul class="nav nav-second-level">
-                    @can('manage_options')
-                    <li><a href="{{ route('options.index') }}"><i class="fa fa-gears fa-fw"></i> Options</a></li>
-                    @endcan
-                    @can('manage_backups')
-                    <li><a href="{{ route('backups.index') }}"><i class="fa fa-refresh fa-fw"></i> Backup/Restore DB</a></li>
-                    @endcan
-                </ul>
-            </li>
+            @endcan
+            @can('manage_backups')
+            <li><a href="{{ route('backups.index') }}"><i class="fa fa-refresh fa-fw"></i> Backup/Restore DB</a></li>
            @endcan
            <li>{!! html_link_to_route('auth.change-password', trans('auth.change_password'), [], ['icon' => 'lock']) !!}</li>
            <li>{!! html_link_to_route('auth.logout', trans('auth.logout'), [], ['icon' => 'sign-out']) !!}</li>
--- a/resources/views/users/edit.blade.php
+++ b/resources/views/users/edit.blade.php
@ -12,7 +12,10 @@
            <div class="panel-body">
                {!! FormField::text('name', ['label' => trans('app.name')]) !!}
                {!! FormField::email('email', ['label' => trans('user.email')]) !!}
-                {!! FormField::checkboxes('role', $roles::toArray(), ['label' => trans('user.role')]) !!}
+                {!! FormField::checkboxes('role', $roles::toArray(), [
+                    'label' => trans('user.role'),
+                    'value' => $user->roles->pluck('role_id')
+                ]) !!}

                {!! FormField::password('password', [
                    'label' => trans('auth.password'),
--- a/tests/TestCase.php
+++ b/tests/TestCase.php
@ -30,7 +30,7 @@ abstract class TestCase extends BaseTestCase

    protected function userSigningIn()
    {
-        $user = $this->createUser();
+        $user = $this->createUser('worker');
        $this->actingAs($user);

        return $user;
@ -39,6 +39,7 @@ abstract class TestCase extends BaseTestCase
    protected function createUser($role = 'admin')
    {
        $user = factory(User::class)->create();
+        $user->assignRole($role);
        return $user;
    }