- обновлены политики безопасности для админки.
- добавлена роль регионального менеджера
This commit is contained in:
parent
c8845f2e96
commit
561ef84570
@ -0,0 +1,25 @@
|
||||
<?php
|
||||
|
||||
namespace Modules\Admin\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Modules\User\Models\User;
|
||||
|
||||
|
||||
|
||||
class AdminPolicyAuthorization
|
||||
{
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
if (!Auth::user()->can('viewAdminPath', User::class))
|
||||
{
|
||||
abort(403, 'Unauthorized action.');
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
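Review bot: `Auth::user()->can('viewAdminPath', User::class)` at the top of `handle()` dereferences the user unconditionally, so an unauthenticated request that reaches this middleware fails with an error on null rather than a clean 403, and the check silently depends on `auth` being listed before it in every group that uses it. A self-contained form is `abort_unless(Gate::allows('viewAdminPath', User::class), 403, 'Unauthorized action.');`, which also gives the otherwise-unused `Gate` import a purpose; with the policy's `$user` parameter non-nullable the Gate should resolve a guest to a denial, but confirm that against the Laravel version in use. The file also omits `declare(strict_types=1);`, as do the other new files in this commit.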
@ -0,0 +1,25 @@
|
||||
<?php
|
||||
|
||||
namespace Modules\Admin\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Modules\User\Models\User;
|
||||
|
||||
|
||||
|
||||
class GloabalAdminPathsPolicyAuthorization
|
||||
{
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
if (!Auth::user()->can('editGlobalTables', User::class))
|
||||
{
|
||||
abort(403, 'Unauthorized action.');
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
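Review bot: The class name `GloabalAdminPathsPolicyAuthorization` misspells "Global"; the routes file imports the same spelling so it resolves today, but every future reference has to repeat the typo, and a rename is cheap while the class is one commit old. The body is otherwise a copy of `AdminPolicyAuthorization` with the ability string swapped, including the same unconditional `Auth::user()->` dereference that errors on a guest instead of returning 403. One parameterised middleware would avoid both copies: `public function handle(Request $request, Closure $next, string $ability): Response` with `abort_unless(Gate::allows($ability, User::class), 403, 'Unauthorized action.');`, applied in routes as `AdminPolicyAuthorization::class . ':editGlobalTables'`.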
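--- /dev/null
+++ b/app/Modules/Admin/Http/Policies/AdminPathPolicy.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace Modules\Admin\Http\Policies;
+
+use Modules\User\Models\User;
+use Modules\User\Models\UserRole;
+use Modules\User\Models\Role;
+
+class AdminPathPolicy
+{
+public function viewAdminPath(User $user): bool
+{
+if (
+UserRole::where('user_id', $user->id)->where('role_id', Role::SUPER_ADMIN)->count() == 1
+|| UserRole::where('user_id', $user->id)->where('role_id', Role::CITY_MANAGER)->count() == 1
+)
+{
+return true;
+}
+return false;
+}
+
+public function editGlobalTables(User $user): bool
+{
+if (
+UserRole::where('user_id', $user->id)->where('role_id', Role::SUPER_ADMIN)->count() == 1
+)
+{
+return true;
+}
+return false;
+}
+}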
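Review bot: Both policy methods decide with `->count() == 1`, so a user who somehow holds the same role row twice is denied, and a non-super-admin calling `viewAdminPath` costs two queries where one would do. `return UserRole::where('user_id', $user->id)->whereIn('role_id', [Role::SUPER_ADMIN, Role::CITY_MANAGER])->exists();` states the intent directly, and `editGlobalTables` becomes the same with only `Role::SUPER_ADMIN`; if `(user_id, role_id)` is unique in the table the behaviour is identical, otherwise `exists()` is the semantics you actually want. The loose `== 1` comparison disappears with it. The commit message mentions a regional-manager role, but only `SUPER_ADMIN` and `CITY_MANAGER` appear here, so either the new role is granted elsewhere or this policy still needs it — worth confirming.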
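--- /dev/null
+++ b/app/Modules/Admin/Providers/AuthServiceProvider.php
@@ -0,0 +1,19 @@
+<?php
+
+namespace Modules\Admin\Providers;
+
+use Illuminate\Support\Facades\Blade;
+use Livewire\Livewire;
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
+
+class AuthServiceProvider extends ServiceProvider
+{
+protected $policies = [
+\Modules\User\Models\User::class => \Modules\Admin\Http\Policies\AdminPathPolicy::class
+];
+public function boot()
+{
+$this->registerPolicies();
+}
+}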
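Review bot: Mapping `\Modules\User\Models\User::class` to `AdminPathPolicy` in `$policies` makes this policy the authority for every `can()` check whose subject is the User model, not just the two admin-path abilities it defines; Laravel resolves a model's policy ahead of named Gate abilities, so any existing User policy or `Gate::define` keyed on User in another module would be shadowed, with abilities the policy lacks resolving to a denial — worth confirming against the User module before merging. If the goal is only to gate admin paths, a dedicated class for the admin module or `Gate::define('viewAdminPath', ...)` keeps the User model free for its own policy. `Blade`, `Livewire` and `Gate` are imported but unused in this file.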
@ -5,13 +5,18 @@
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
use Illuminate\Support\Facades\Blade;
|
||||
use Livewire\Livewire;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
|
||||
class ModuleServiceProvider extends ServiceProvider
|
||||
{
|
||||
protected string $moduleName = 'Admin';
|
||||
|
||||
protected $policies = [
|
||||
\Modules\User\Models\User::class => \Modules\Admin\Http\Policies\AdminPathPolicy::class
|
||||
];
|
||||
public function register()
|
||||
{
|
||||
$this->app->register(AuthServiceProvider::class);
|
||||
$this->app->register(RouteServiceProvider::class);
|
||||
}
|
||||
|
||||
@ -23,6 +28,7 @@ public function boot()
|
||||
$this->registerConfig();
|
||||
$this->registerComponent();
|
||||
$this->registerLivewire();
|
||||
//$this->registerPolicies();
|
||||
}
|
||||
|
||||
protected function registerViews()
|
||||
@ -71,4 +77,14 @@ protected function registerComponent()
|
||||
{
|
||||
//Blade::component('<name>', \Modules\<NAME>\Http\Components\<NAME>::class);
|
||||
}
|
||||
|
||||
protected function registerPolicies1()
|
||||
{
|
||||
|
||||
Gate::policy(\Modules\User\Models\User::class, \Modules\Admin\Http\Policies\AdminPathPolicy::class);
|
||||
/*Gate::define('viewAdminPath', function ($user)
|
||||
{
|
||||
return Gate::authorize('viewAdminPath', \Modules\Admin\Http\Policies\AdminPathPolicy::class);
|
||||
});*/
|
||||
}
|
||||
}
|
||||
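Review bot: The `$policies` property added to `ModuleServiceProvider` is dead: the class extends `Illuminate\Support\ServiceProvider`, which has no `registerPolicies()`, and the only call to that method is the commented-out `//$this->registerPolicies();` in `boot()`. The new `registerPolicies1()` is likewise never invoked and wraps a commented-out `Gate::define`, while the policy map is already registered by the `AuthServiceProvider` that `register()` now boots. Removing `$policies`, `registerPolicies1()` and the commented line leaves one source of truth for the policy mapping and avoids a future reader re-enabling the wrong one; the `Gate` import in the first hunk then becomes unused too. The class's namespace and use lines are outside these hunks.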
@ -2,49 +2,42 @@
|
||||
|
||||
use Illuminate\Support\Facades\Route;
|
||||
use Modules\Admin\Http\Controllers\AdminController;
|
||||
use Modules\Admin\Http\Middleware\AdminPolicyAuthorization;
|
||||
use Modules\Admin\Http\Middleware\GloabalAdminPathsPolicyAuthorization;
|
||||
|
||||
Route::middleware(['auth'])->group(function ()
|
||||
Route::middleware(['auth', AdminPolicyAuthorization::class])->group(function ()
|
||||
{
|
||||
|
||||
Route::get('/admin', [AdminController::class, 'index']);
|
||||
|
||||
Route::middleware(['hasAccess'])->group(function ()
|
||||
Route::middleware(['auth', AdminPolicyAuthorization::class])->group(function ()
|
||||
{
|
||||
/** Routes that need to be protected - Маршруты которые нужно защитить */
|
||||
Route::post('/admin/cities/{city}/update', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'update'])->name('admin.cities.update');
|
||||
Route::post('/admin/cities/create', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'create'])->name('admin.cities.create');
|
||||
Route::post('/admin/cities/{city}/delete', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'delete'])->name('admin.cities.delete');
|
||||
Route::post('/admin/cities/{city}/restore', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'restore'])->withTrashed()->name('admin.cities.restore');
|
||||
Route::get('/admin/complexes/{complex}/edit', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'edit'])->name('admin.complexes.edit');
|
||||
Route::post('/admin/complexes/create', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'create'])->name('admin.complexes.create');
|
||||
Route::post('/admin/complexes/{complex}/delete', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'delete'])->name('admin.complexes.delete');
|
||||
Route::post('/admin/complexes/{complex}/update', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'update'])->withTrashed()->name('admin.complexes.update');
|
||||
Route::post('/admin/complexes/{complex}/restore', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'restore'])->withTrashed()->name('admin.complexes.restore');
|
||||
Route::get('/admin/bitrix/webhooks', [Modules\Admin\Http\Controllers\AdminBitrixWebhooksController::class, 'index'])->name('admin.bitrix.webhooks');
|
||||
Route::post('/admin/bitrix/webhooks', [Modules\Admin\Http\Controllers\AdminBitrixWebhooksController::class, 'create'])->name('admin.bitrix.webhooks.create');
|
||||
});
|
||||
Route::post('/admin/set', [Modules\Admin\Http\Controllers\AdminController::class, 'setSuperAdmin'])->name('admin.setSuperAdmin');
|
||||
|
||||
|
||||
Route::get('/admin', [Modules\Admin\Http\Controllers\AdminController::class, 'index'])->name('admin.index');
|
||||
|
||||
Route::post('/admin/set', [Modules\Admin\Http\Controllers\AdminController::class, 'setSuperAdmin'])->name('admin.setSuperAdmin');
|
||||
Route::get('/admin/users', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'index'])->name('admin.users');
|
||||
Route::get('/admin/users/{user}/edit', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'edit'])->name('admin.users.edit');
|
||||
Route::post('/admin/users/{user}/update', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'update'])->name('admin.users.update');
|
||||
Route::post('/admin/user-role/{userRole}/delete', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'deleteUserRole'])->name('admin.users.role.delete');
|
||||
|
||||
Route::get('/admin/companies', [Modules\Admin\Http\Controllers\AdminCompaniesController::class, 'index'])->name('admin.companies');
|
||||
Route::get('/admin/companies/{company}/edit', [Modules\Admin\Http\Controllers\AdminCompaniesController::class, 'edit'])->name('admin.companies.edit');
|
||||
Route::post('/admin/companies/{company}/update', [Modules\Admin\Http\Controllers\AdminCompaniesController::class, 'update'])->name('admin.companies.update');
|
||||
Route::post('/admin/companies/{company}/delete', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'update'])->name('admin.companies.delete');
|
||||
|
||||
Route::get('/admin/cities', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'index'])->name('admin.cities');
|
||||
Route::post('/admin/cities/{city}/update', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'update'])->name('admin.cities.update');
|
||||
Route::post('/admin/cities/create', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'create'])->name('admin.cities.create');
|
||||
Route::post('/admin/cities/{city}/delete', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'delete'])->name('admin.cities.delete');
|
||||
Route::post('/admin/cities/{city}/restore', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'restore'])->withTrashed()->name('admin.cities.restore');
|
||||
|
||||
Route::get('/admin/cities/managers', [Modules\Admin\Http\Controllers\AdminCityManagersController::class, 'index'])->name('admin.cities.managers');
|
||||
Route::post('/admin/cities/managers/create', [Modules\Admin\Http\Controllers\AdminCityManagersController::class, 'create'])->name('admin.cities.managers.create');
|
||||
Route::post('/admin/cities/managers/{manager}/delete', [Modules\Admin\Http\Controllers\AdminCityManagersController::class, 'delete'])->name('admin.cities.managers.delete');
|
||||
|
||||
|
||||
|
||||
Route::get('/admin/complexes', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'index'])->name('admin.complexes');
|
||||
Route::get('/admin/complexes/{complex}/edit', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'edit'])->name('admin.complexes.edit');
|
||||
Route::post('/admin/complexes/create', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'create'])->name('admin.complexes.create');
|
||||
Route::post('/admin/complexes/{complex}/delete', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'delete'])->name('admin.complexes.delete');
|
||||
Route::post('/admin/complexes/{complex}/update', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'update'])->withTrashed()->name('admin.complexes.update');
|
||||
Route::post('/admin/complexes/{complex}/restore', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'restore'])->withTrashed()->name('admin.complexes.restore');
|
||||
|
||||
Route::get('/admin/payments', [Modules\Admin\Http\Controllers\AdminPaymentsController::class, 'index'])->name('admin.payments');
|
||||
|
||||
Route::get('/admin/posts', [Modules\Admin\Http\Controllers\AdminPostsController::class, 'index'])->name('admin.posts');
|
||||
@ -66,8 +59,6 @@
|
||||
Route::post('/admin/bitrix/agents/{agent}/set', [Modules\Admin\Http\Controllers\AdminBitrixController::class, 'setAgentId'])->name('admin.bitrix.agent.set');
|
||||
Route::get('/admin/bitrix/agents/{agent}/deals/sync', [Modules\Admin\Http\Controllers\AdminBitrixController::class, 'syncDeals'])->name('admin.bitrix.agent.deals.sync');
|
||||
|
||||
Route::get('/admin/bitrix/webhooks', [Modules\Admin\Http\Controllers\AdminBitrixWebhooksController::class, 'index'])->name('admin.bitrix.webhooks');
|
||||
Route::post('/admin/bitrix/webhooks', [Modules\Admin\Http\Controllers\AdminBitrixWebhooksController::class, 'create'])->name('admin.bitrix.webhooks.create');
|
||||
|
||||
|
||||
});
|
||||
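Review bot: The inner group on `Route::middleware(['auth', AdminPolicyAuthorization::class])->group(...)` wrapping the cities/complexes/bitrix-webhook routes appears to re-apply exactly the outer group's middleware, so these "routes that need to be protected" remain open to every user passing `viewAdminPath` (super admin or city manager), and `GloabalAdminPathsPolicyAuthorization` is imported at the top but never applied. If the intent is to reserve those routes for super admins, the inner group should read `Route::middleware([GloabalAdminPathsPolicyAuthorization::class])->group(function ()` so that `editGlobalTables` is actually enforced. Two further lines deserve a look: `/admin/set` → `setSuperAdmin` sits only under the outer group, so a city manager reaches that action unless the controller checks again, and `/admin/companies/{company}/delete` dispatches to `AdminUsersController::class, 'update'`, which looks like a copy-paste slip. The group closes in the second hunk with `});`.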