developer/lk.zachem.info
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Добавлена политика на работу с агентствами

Browse Source
This commit is contained in:
Thekindbull 2025-11-11 16:06:38 +08:00
parent b5b50159a7
commit 14675465c4
8 changed files with 68 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/Modules/Main/Http/Controllers/Company/CreateAgentController.php
View File

@ -16,21 +16,11 @@ class CreateAgentController extends Controller
{ {
public function __invoke(Request $request, Company $company) public function __invoke(Request $request, Company $company)
{ {
if (!$company) if ($request->user()->cannot('update', $company))
{ {
$admin = CompanyAdmin::where('user_id', auth()->id()); abort(403, 'Unauthorized action');
if (!$admin->count())
{
abort(404);
return;
}
$admin = $admin->first();
$company = Company::find($admin->company_id);
}
if (!$company)
{
return back()->with('error', 'Не удалось установить принадлежность создаваемого агента');
} }
$user = User::where('email', $request->email)->orWhere('phone', $request->phone)->first(); $user = User::where('email', $request->email)->orWhere('phone', $request->phone)->first();
if ($user) if ($user)
{ {

5
app/Modules/Main/Http/Controllers/Company/CreateCompanyController.php
View File

@ -16,6 +16,11 @@ class CreateCompanyController extends Controller
*/ */
public function __invoke(Request $request) public function __invoke(Request $request)
{ {
if ($request->user()->cannot('create', Company::class))
{
abort(403, 'Unauthorized action');
}
$company = false; $company = false;
$request->enum('type', CompanyType::class); $request->enum('type', CompanyType::class);
$validated = $request->validate([ $validated = $request->validate([

4
app/Modules/Main/Http/Controllers/Company/CreateCompanyFormController.php
View File

@ -15,6 +15,10 @@ class CreateCompanyFormController extends Controller
*/ */
public function __invoke(Request $request) public function __invoke(Request $request)
{ {
if ($request->user()->cannot('create', Company::class))
{
abort(403, 'Unauthorized action');
}
$type = false; $type = false;
$city_id = false; $city_id = false;
if ($request->has('type')) if ($request->has('type'))

7
app/Modules/Main/Http/Controllers/Company/DeleteAgentController.php
View File

@ -10,8 +10,13 @@
class DeleteAgentController extends Controller class DeleteAgentController extends Controller
{ {
public function __invoke(Agent $agent) public function __invoke(Request $request, Agent $agent)
{ {
if ($request->user()->cannot('update', $agent->company))
{
abort(403, 'Unauthorized action');
}
$admin = CompanyAdmin::where('user_id', auth()->id()) $admin = CompanyAdmin::where('user_id', auth()->id())
->where( ->where(
'company_id', 'company_id',

5
app/Modules/Main/Http/Controllers/Company/DetailsController.php
View File

@ -54,6 +54,11 @@ public function index($companyId = null)
} }
public function store(Request $request, Company $company) public function store(Request $request, Company $company)
{ {
if ($request->user()->cannot('update', $company))
{
abort(403, 'Unauthorized action');
}
$userId = auth()->user()->id; $userId = auth()->user()->id;
$admin = CompanyAdmin::where('user_id', $userId)->get(); $admin = CompanyAdmin::where('user_id', $userId)->get();
if ($admin->count() == 1) if ($admin->count() == 1)

36
app/Modules/Main/Http/Policies/CompanyPolicy.php Normal file
View File

@ -0,0 +1,36 @@
<?php
namespace Modules\Main\Http\Policies;
use Modules\User\Models\User;
use Modules\User\Models\UserRole;
use Modules\User\Models\Role;
use Modules\Main\Models\Company\Company;
use Modules\Main\Models\Company\CompanyAdmin;
class CompanyPolicy
{
public function create(User $user): bool
{
if (UserRole::where('user_id', $user->id)->where('role_id', Role::SUPER_ADMIN)->count() == 1)
{
return true;
}
return false;
}
public function update(User $user, Company $company): bool
{
if (UserRole::where('user_id', $user->id)->where('role_id', Role::SUPER_ADMIN)->count() == 1)
{
return true;
}
if (
CompanyAdmin::where('user_id', $user->id)->where('company_id', $company->id)->count() == 1
&& UserRole::where('user_id', $user->id)->where('role_id', Role::COMPANY_ADMIN)->count() == 1
)
{
return true;
}
return false;
}
}

1
app/Modules/Main/Models/Company/Company.php
View File

@ -7,6 +7,7 @@
use Modules\Payment\Traits\Paymentable; use Modules\Payment\Traits\Paymentable;
use Modules\Main\Models\City; use Modules\Main\Models\City;
use Modules\Bitrix\Traits\Bitrixable; use Modules\Bitrix\Traits\Bitrixable;
class Company extends Model class Company extends Model
{ {
use HasFactory; use HasFactory;

8
app/Modules/Main/Providers/ModuleServiceProvider.php
View File

@ -5,6 +5,8 @@
use Illuminate\Support\ServiceProvider; use Illuminate\Support\ServiceProvider;
use Illuminate\Support\Facades\Blade; use Illuminate\Support\Facades\Blade;
use Livewire\Livewire; use Livewire\Livewire;
use Illuminate\Support\Facades\Gate;
class ModuleServiceProvider extends ServiceProvider class ModuleServiceProvider extends ServiceProvider
{ {
@ -23,6 +25,7 @@ public function boot()
$this->registerConfig(); $this->registerConfig();
$this->registerComponent(); $this->registerComponent();
$this->registerLivewire(); $this->registerLivewire();
$this->registerPolicies();
} }
protected function registerViews() protected function registerViews()
@ -69,4 +72,9 @@ protected function registerComponent()
{ {
//Blade::component('<name>', \Modules\<NAME>\Http\Components\<NAME>::class); //Blade::component('<name>', \Modules\<NAME>\Http\Components\<NAME>::class);
} }
protected function registerPolicies()
{
Gate::policy(\Modules\Main\Models\Company\Company::class, \Modules\Main\Http\Policies\CompanyPolicy::class);
}
} }