From 3f1fb9377dc6dd8e2ae6506a15f117bde64132f8 Mon Sep 17 00:00:00 2001 From: Kevin Adametz Date: Tue, 4 Jan 2022 11:17:07 +0100 Subject: [PATCH] Zugriff Redakteur, Kundenhoheit API --- app/Http/Controllers/AttributeController.php | 2 +- app/Http/Controllers/CategoryController.php | 4 +- app/Http/Controllers/DataTableController.php | 2 +- app/Http/Controllers/IngredientController.php | 2 +- app/Http/Controllers/ProductController.php | 2 +- app/Http/Kernel.php | 1 + app/Http/Middleware/CopyReader.php | 26 +++++++++ app/Services/CustomerPriority.php | 1 + app/Services/HTMLHelper.php | 18 +++++-- app/User.php | 18 +++++-- resources/views/admin/user/index.blade.php | 2 +- .../layouts/includes/layout-sidenav.blade.php | 53 ++++++++++--------- routes/web.php | 39 +++++++------- 13 files changed, 109 insertions(+), 61 deletions(-) create mode 100644 app/Http/Middleware/CopyReader.php diff --git a/app/Http/Controllers/AttributeController.php b/app/Http/Controllers/AttributeController.php index 64797b4..3df29db 100755 --- a/app/Http/Controllers/AttributeController.php +++ b/app/Http/Controllers/AttributeController.php @@ -13,7 +13,7 @@ class AttributeController extends Controller public function __construct() { - $this->middleware('admin'); + $this->middleware('copyreader'); } public function index() diff --git a/app/Http/Controllers/CategoryController.php b/app/Http/Controllers/CategoryController.php index 81cacd9..63f459b 100755 --- a/app/Http/Controllers/CategoryController.php +++ b/app/Http/Controllers/CategoryController.php @@ -5,7 +5,7 @@ namespace App\Http\Controllers; use App\Models\Category; use App\Models\IqImage; use App\Models\ProductCategory; -use\Request; +use Request; class CategoryController extends Controller @@ -14,7 +14,7 @@ class CategoryController extends Controller public function __construct() { - $this->middleware('admin'); + $this->middleware('copyreader'); } public function index() 
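Review bot: Swapping `'admin'` for `'copyreader'` in the `AttributeController` constructor lowers the bar for every action of the controller, not only the read and edit ones; the same one-line change is made in `CategoryController`, `IngredientController` and `ProductController`. Per `isCopyReader()` in app/User.php any account with `admin >= 1` now passes, and routes/web.php maps `AttributeController@delete` to a route inside the copyreader group. If editors are not meant to delete, keep the stricter check on the destructive actions, e.g. `$this->middleware('admin')->only('delete');` next to the new line. The controller classes continue outside these hunks, so the full action list has to be checked per controller.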
diff --git a/app/Http/Controllers/DataTableController.php b/app/Http/Controllers/DataTableController.php index ced9cd8..2af67bf 100644 --- a/app/Http/Controllers/DataTableController.php +++ b/app/Http/Controllers/DataTableController.php @@ -15,7 +15,7 @@ class DataTableController extends Controller public function getUsers() { - $query = User::with('account')->select('users.*')->where('users.deleted_at', '=', null)->where('users.admin', "<", 4); + $query = User::with('account')->select('users.*')->where('users.deleted_at', '=', null)->where('users.admin', "<", 10); return \DataTables::eloquent($query) ->addColumn('first_name', function (User $user) { diff --git a/app/Http/Controllers/IngredientController.php b/app/Http/Controllers/IngredientController.php index bd4ad8f..4be7881 100755 --- a/app/Http/Controllers/IngredientController.php +++ b/app/Http/Controllers/IngredientController.php @@ -16,7 +16,7 @@ class IngredientController extends Controller public function __construct() { - $this->middleware('admin'); + $this->middleware('copyreader'); } public function index() diff --git a/app/Http/Controllers/ProductController.php b/app/Http/Controllers/ProductController.php index e2881cd..687edda 100755 --- a/app/Http/Controllers/ProductController.php +++ b/app/Http/Controllers/ProductController.php @@ -18,7 +18,7 @@ class ProductController extends Controller public function __construct(ProductRepository $productRepo) { - $this->middleware('admin'); + $this->middleware('copyreader'); $this->productRepo = $productRepo; } diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 5027fa1..368cf6f 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php 
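Review bot: The literal `10` in `getUsers()` has to stay in step with the `>= 10` threshold of `isApiUser()` in app/User.php and with the role keys in app/Services/HTMLHelper.php, and nothing ties the three together. Named constants on `User` (for example `const ROLE_API = 10;`, used as `->where('users.admin', '<', User::ROLE_API)`) would make the next renumbering a one-place change. The listing also covers levels 7–9, so whichever middleware guards this endpoint (not visible in the hunk) decides who can enumerate administrator accounts; confirm it is not reachable by the new editor role.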
@@ -54,6 +54,7 @@ class Kernel extends HttpKernel protected $routeMiddleware = [ 'auth' => \App\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, + 'copyreader' => \App\Http\Middleware\CopyReader::class, 'admin' => \App\Http\Middleware\Admin::class, 'superadmin' => \App\Http\Middleware\SuperAdmin::class, 'sysadmin' => \App\Http\Middleware\SysAdmin::class, diff --git a/app/Http/Middleware/CopyReader.php b/app/Http/Middleware/CopyReader.php new file mode 100644 index 0000000..5f41726 --- /dev/null +++ b/app/Http/Middleware/CopyReader.php @@ -0,0 +1,26 @@ +isCopyReader() ) + { + return $next($request); + } + return redirect('/home'); + + } +} diff --git a/app/Services/CustomerPriority.php b/app/Services/CustomerPriority.php index 31a8765..4f48b9e 100644 --- a/app/Services/CustomerPriority.php +++ b/app/Services/CustomerPriority.php @@ -234,6 +234,7 @@ class CustomerPriority ->where('auth_user_id', '=', NULL) ->where('number', '!=', NULL) //has number ->where('id', '!=', $shopping_user->id) + ->where('member_id', '!=', $shopping_user->member_id) ->where('billing_lastname', '=', $shopping_user->billing_lastname) ->where('billing_zipcode', '=', $shopping_user->billing_zipcode) ->get()->pluck('number', 'id')->unique()->toArray(); diff --git a/app/Services/HTMLHelper.php b/app/Services/HTMLHelper.php index 8310aeb..f49a90a 100644 --- a/app/Services/HTMLHelper.php +++ b/app/Services/HTMLHelper.php @@ -33,9 +33,11 @@ class HTMLHelper private static $roles = [ 0 => 'Kunde', - 1 => 'Admin', - 2 => 'SuperAdmin', - 3 => 'SySAdmin', + 1 => 'Redakteur', + 7 => 'Admin', + 8 => 'SuperAdmin', + 9 => 'SySAdmin', + //10 => "API", ]; @@ -55,12 +57,18 @@ class HTMLHelper case 1: return 'badge-warning'; break; - case 2: + case 7: return 'badge-primary'; break; - case 3: + case 8: return 'badge-primary'; break; + case 9: + return 'badge-danger'; + break; + case 10: + return 'badge-danger'; + break; } } 
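Review bot: The denial path of `handle()` in the new `CopyReader` middleware returns `redirect('/home')` for every rejected request, so a refused POST or XHR gets a 302 to an HTML page rather than an authorization error. `abort(403);` in place of the redirect gives clients and access logs an unambiguous signal when an account without the role requests an editor route. The start of the `if` condition is not legible in this copy of the patch; confirm it guards against a missing user before calling `isCopyReader()`, e.g. `Auth::check() && Auth::user()->isCopyReader()`.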
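Review bot: The added `->where('member_id', '!=', $shopping_user->member_id)` in `CustomerPriority` behaves differently once NULLs are involved, and the hunk does not say which behaviour is wanted. In SQL a `!=` comparison never matches rows whose `member_id` is NULL, so those rows silently drop out of the candidate list, and when `$shopping_user->member_id` itself is null Laravel's builder turns the clause into `member_id IS NOT NULL`. If either side can be null, state the intent explicitly by wrapping the condition in a closure that also accepts `whereNull('member_id')`, or add a comment such as `// rows without member_id are deliberately excluded`. The query starts above the hunk, so the table and the earlier conditions could not be checked.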
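Review bot: After the renumbering in `HTMLHelper`, levels 2–6 have neither an entry in `$roles` nor a `case` in the badge switch, yet `isCopyReader()` in app/User.php accepts them, and level 10 gets a badge while its `$roles` entry is commented out. No `default` branch is visible before the switch closes, so such values would produce no CSS class, and a lookup in `$roles` may hit an undefined key (the lookup code is outside the hunk). Add a fallback such as `default: return 'badge-secondary';` and either enable `10 => 'API'` or note in a comment why the role is hidden. The `break;` after each `return` is unreachable and can be dropped.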
diff --git a/app/User.php b/app/User.php index 1e68345..5e396a6 100644 --- a/app/User.php +++ b/app/User.php @@ -220,12 +220,22 @@ class User extends Authenticatable return $ret; } + /** + * @return bool + */ + public function isCopyReader() + { + if($this->admin >= 1){ + return true; + } + return false; + } /** * @return bool */ public function isAdmin() { - if($this->admin >= 1){ + if($this->admin >= 7){ return true; } return false; @@ -236,7 +246,7 @@ class User extends Authenticatable */ public function isSuperAdmin() { - if($this->admin >= 2){ + if($this->admin >= 8){ return true; } return false; @@ -247,7 +257,7 @@ class User extends Authenticatable */ public function isSySAdmin() { - if($this->admin >= 3){ + if($this->admin >= 9){ return true; } return false; @@ -258,7 +268,7 @@ class User extends Authenticatable */ public function isApiUser() { - if($this->admin >= 4){ + if($this->admin >= 10){ return true; } return false; diff --git a/resources/views/admin/user/index.blade.php b/resources/views/admin/user/index.blade.php index d8e075b..362edc5 100644 --- a/resources/views/admin/user/index.blade.php +++ b/resources/views/admin/user/index.blade.php @@ -415,7 +415,7 @@ { data: 'action_delete', orderable: false, searchable: false}, ], "bLengthChange": false, - "iDisplayLength": 50, + "iDisplayLength": 25, "language": { "url": "/js/German.json" } diff --git a/resources/views/layouts/includes/layout-sidenav.blade.php b/resources/views/layouts/includes/layout-sidenav.blade.php index f114e28..dd22a73 100644 --- a/resources/views/layouts/includes/layout-sidenav.blade.php +++ b/resources/views/layouts/includes/layout-sidenav.blade.php @@ -108,11 +108,36 @@ @endif @endif + @if(Auth::user()->isCopyReader()) +
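Review bot: The new thresholds in app/User.php (1, 7, 8, 9, 10) reinterpret whatever is already stored in `users.admin`, and the diffstat shows no migration: a row saved as 1, 2, 3 or 4 under the old scheme now only satisfies `isCopyReader()`. That fails closed, but existing administrators and API accounts lose their access until the column is remapped (1→7, 2→8, 3→9, 4→10), so a data migration should ship with this commit. Because every check is `>=`, an API account (10) also passes `isSySAdmin()`, `isAdmin()` and `isCopyReader()`; if API credentials are not meant to carry interactive admin rights, cap the other checks below 10, e.g. `$this->admin >= 9 && $this->admin < 10` in `isSySAdmin()`. A one-line description per method naming the role and its level would be more useful than the bare `@return bool`.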
  • +
  • REDAKTEUR
  • +
  • + + +
    {{ __('navigation.products') }}
    +
    + +
  • + + @endif @if(Auth::user()->isAdmin())
  • ADMIN
  • -
  • {{ __('navigation.member') }}
  • @@ -134,8 +159,6 @@ - -
  • @@ -152,29 +175,7 @@
    {{ __('navigation.invoice') }}
  • - - -
  • - - -
    {{ __('navigation.products') }}
    -
    - -
  • - +
  • diff --git a/routes/web.php b/routes/web.php index 6c0b18d..6101827 100644 --- a/routes/web.php +++ b/routes/web.php @@ -202,26 +202,8 @@ Route::domain(config('app.domain'))->group(function () { Route::get('/user/promotion/delete/{id}/{del?}', 'User\PromotionController@delete')->name('user_promotion_delete'); }); - - Route::group(['middleware' => ['admin']], function() + Route::group(['middleware' => ['copyreader']], function() { - //translate - Route::get('/admin/translate/all', 'TranslationController@index')->name('admin_translate_all'); - Route::get('/admin/translate/all/edit/{lang}/{from?}', 'TranslationController@edit')->name('admin_translate_all_edit'); - Route::post('/admin/translate/all/update/{lang}/{from?}', 'TranslationController@update')->name('admin_translate_all_update'); - - Route::get('/admin/translate/file', 'TranslationFileController@index')->name('admin_translate_file'); - Route::get('/admin/translation/file/{file}/{language?}/{langsource?}/{show?}', 'TranslationFileController@edit')->name('admin_translate_file_edit'); - Route::post('/admin/translation/file/{file}/{language?}/{langsource?}/{show?}', 'TranslationFileController@update')->name('admin_translate_file_update'); - - //site - Route::get('/admin/sites/{site}', 'SitesController@show')->name('admin_sites'); - Route::post('/admin/sites/store/{site}', 'SitesController@store')->name('admin_sites_store'); - Route::post('/admin/sites/image/upload/{site}', 'SitesController@imageUpload')->name('admin_sites_image_upload'); - Route::get('/admin/sites/image/delete/{site}/{image_id}', 'SitesController@imageDelete')->name('admin_sites_image_delete'); - Route::get('/admin/sites/image/attribute/{site}/{image_id}/{attr}/{val}', 'SitesController@imageAttribute')->name('admin_sites_image_attribute'); - - //products Route::get('/admin/product/show', 'ProductController@index')->name('admin_product_show'); Route::post('/admin/product/store', 'ProductController@store')->name('admin_product_store'); 
@@ -255,8 +237,27 @@ Route::domain(config('app.domain'))->group(function () { Route::get('/admin/product/attributes', 'AttributeController@index')->name('admin_product_attributes'); Route::post('/admin/product/attribute/store', 'AttributeController@store')->name('admin_product_attribute_store'); Route::get('/admin/product/attribute/delete/{id}', 'AttributeController@delete')->name('admin_product_attribute_delete'); + }); + Route::group(['middleware' => ['admin']], function() + { + //translate + Route::get('/admin/translate/all', 'TranslationController@index')->name('admin_translate_all'); + Route::get('/admin/translate/all/edit/{lang}/{from?}', 'TranslationController@edit')->name('admin_translate_all_edit'); + Route::post('/admin/translate/all/update/{lang}/{from?}', 'TranslationController@update')->name('admin_translate_all_update'); + + Route::get('/admin/translate/file', 'TranslationFileController@index')->name('admin_translate_file'); + Route::get('/admin/translation/file/{file}/{language?}/{langsource?}/{show?}', 'TranslationFileController@edit')->name('admin_translate_file_edit'); + Route::post('/admin/translation/file/{file}/{language?}/{langsource?}/{show?}', 'TranslationFileController@update')->name('admin_translate_file_update'); + + //site + Route::get('/admin/sites/{site}', 'SitesController@show')->name('admin_sites'); + Route::post('/admin/sites/store/{site}', 'SitesController@store')->name('admin_sites_store'); + Route::post('/admin/sites/image/upload/{site}', 'SitesController@imageUpload')->name('admin_sites_image_upload'); + Route::get('/admin/sites/image/delete/{site}/{image_id}', 'SitesController@imageDelete')->name('admin_sites_image_delete'); + Route::get('/admin/sites/image/attribute/{site}/{image_id}/{attr}/{val}', 'SitesController@imageAttribute')->name('admin_sites_image_attribute'); + //Route::get('/admin/products/import', 'ImportProductController@import')->name('admin_product_import'); //leads
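Review bot: Several routes in these groups change state on GET: `admin_sites_image_delete` and `admin_sites_image_attribute` in the re-added admin block, and `admin_product_attribute_delete`, which now sits in the `copyreader` group. Laravel's CSRF middleware verifies tokens only on non-read verbs, so a cross-site request made in a logged-in editor's or admin's browser would not be rejected, and opening the product routes to the lower role widens the set of sessions this applies to. Register these actions with `Route::post(...)` or `Route::delete(...)` and submit them from a form that carries the CSRF token. The `copyreader` group opens in the previous hunk, so its full route list should be reviewed together with this one.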