developer/lk.zachem.info
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- обновлены политики беопасности для админки.

Browse Source 
- добавлена роль регионального менеджера
This commit is contained in:
Thekindbull 2025-11-13 12:01:07 +08:00
parent c8845f2e96
commit 561ef84570
6 changed files with 135 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
app/Modules/Admin/Http/Middleware/AdminPolicyAuthorization.php Normal file
View File

@ -0,0 +1,25 @@
<?php
namespace Modules\Admin\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpFoundation\Response;
use Illuminate\Support\Facades\Gate;
use Modules\User\Models\User;
class AdminPolicyAuthorization
{
public function handle(Request $request, Closure $next): Response
{
if (!Auth::user()->can('viewAdminPath', User::class))
{
abort(403, 'Unauthorized action.');
}
return $next($request);
}
}

25
app/Modules/Admin/Http/Middleware/GloabalAdminPathsPolicyAuthorization.php Normal file
View File

@ -0,0 +1,25 @@
<?php
namespace Modules\Admin\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpFoundation\Response;
use Illuminate\Support\Facades\Gate;
use Modules\User\Models\User;
class GloabalAdminPathsPolicyAuthorization
{
public function handle(Request $request, Closure $next): Response
{
if (!Auth::user()->can('editGlobalTables', User::class))
{
abort(403, 'Unauthorized action.');
}
return $next($request);
}
}

33
app/Modules/Admin/Http/Policies/AdminPathPolicy.php Normal file
View File

@ -0,0 +1,33 @@
<?php
namespace Modules\Admin\Http\Policies;
use Modules\User\Models\User;
use Modules\User\Models\UserRole;
use Modules\User\Models\Role;
class AdminPathPolicy
{
public function viewAdminPath(User $user): bool
{
if (
UserRole::where('user_id', $user->id)->where('role_id', Role::SUPER_ADMIN)->count() == 1
|| UserRole::where('user_id', $user->id)->where('role_id', Role::CITY_MANAGER)->count() == 1
)
{
return true;
}
return false;
}
public function editGlobalTables(User $user): bool
{
if (
UserRole::where('user_id', $user->id)->where('role_id', Role::SUPER_ADMIN)->count() == 1
)
{
return true;
}
return false;
}
}

19
app/Modules/Admin/Providers/AuthServiceProvider.php Normal file
View File

@ -0,0 +1,19 @@
<?php
namespace Modules\Admin\Providers;
use Illuminate\Support\Facades\Blade;
use Livewire\Livewire;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
class AuthServiceProvider extends ServiceProvider
{
protected $policies = [
\Modules\User\Models\User::class => \Modules\Admin\Http\Policies\AdminPathPolicy::class
];
public function boot()
{
$this->registerPolicies();
}
}

16
app/Modules/Admin/Providers/ModuleServiceProvider.php
View File

@ -5,13 +5,18 @@
use Illuminate\Support\ServiceProvider; use Illuminate\Support\ServiceProvider;
use Illuminate\Support\Facades\Blade; use Illuminate\Support\Facades\Blade;
use Livewire\Livewire; use Livewire\Livewire;
use Illuminate\Support\Facades\Gate;
class ModuleServiceProvider extends ServiceProvider class ModuleServiceProvider extends ServiceProvider
{ {
protected string $moduleName = 'Admin'; protected string $moduleName = 'Admin';
protected $policies = [
\Modules\User\Models\User::class => \Modules\Admin\Http\Policies\AdminPathPolicy::class
];
public function register() public function register()
{ {
$this->app->register(AuthServiceProvider::class);
$this->app->register(RouteServiceProvider::class); $this->app->register(RouteServiceProvider::class);
} }
@ -23,6 +28,7 @@ public function boot()
$this->registerConfig(); $this->registerConfig();
$this->registerComponent(); $this->registerComponent();
$this->registerLivewire(); $this->registerLivewire();
//$this->registerPolicies();
} }
protected function registerViews() protected function registerViews()
@ -71,4 +77,14 @@ protected function registerComponent()
{ {
//Blade::component('<name>', \Modules\<NAME>\Http\Components\<NAME>::class); //Blade::component('<name>', \Modules\<NAME>\Http\Components\<NAME>::class);
} }
protected function registerPolicies1()
{
Gate::policy(\Modules\User\Models\User::class, \Modules\Admin\Http\Policies\AdminPathPolicy::class);
/*Gate::define('viewAdminPath', function ($user)
{
return Gate::authorize('viewAdminPath', \Modules\Admin\Http\Policies\AdminPathPolicy::class);
});*/
}
} }

43
app/Modules/Admin/Routes/web.php
View File

@ -2,49 +2,42 @@
use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Route;
use Modules\Admin\Http\Controllers\AdminController; use Modules\Admin\Http\Controllers\AdminController;
use Modules\Admin\Http\Middleware\AdminPolicyAuthorization;
use Modules\Admin\Http\Middleware\GloabalAdminPathsPolicyAuthorization;
Route::middleware(['auth'])->group(function () Route::middleware(['auth', AdminPolicyAuthorization::class])->group(function ()
{ {
Route::middleware(['auth', AdminPolicyAuthorization::class])->group(function ()
Route::get('/admin', [AdminController::class, 'index']);
Route::middleware(['hasAccess'])->group(function ()
{ {
/** Routes that need to be protected - Маршруты которые нужно защитить */ Route::post('/admin/cities/{city}/update', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'update'])->name('admin.cities.update');
Route::post('/admin/cities/create', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'create'])->name('admin.cities.create');
Route::post('/admin/cities/{city}/delete', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'delete'])->name('admin.cities.delete');
Route::post('/admin/cities/{city}/restore', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'restore'])->withTrashed()->name('admin.cities.restore');
Route::get('/admin/complexes/{complex}/edit', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'edit'])->name('admin.complexes.edit');
Route::post('/admin/complexes/create', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'create'])->name('admin.complexes.create');
Route::post('/admin/complexes/{complex}/delete', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'delete'])->name('admin.complexes.delete');
Route::post('/admin/complexes/{complex}/update', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'update'])->withTrashed()->name('admin.complexes.update');
Route::post('/admin/complexes/{complex}/restore', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'restore'])->withTrashed()->name('admin.complexes.restore');
Route::get('/admin/bitrix/webhooks', [Modules\Admin\Http\Controllers\AdminBitrixWebhooksController::class, 'index'])->name('admin.bitrix.webhooks');
Route::post('/admin/bitrix/webhooks', [Modules\Admin\Http\Controllers\AdminBitrixWebhooksController::class, 'create'])->name('admin.bitrix.webhooks.create');
}); });
Route::post('/admin/set', [Modules\Admin\Http\Controllers\AdminController::class, 'setSuperAdmin'])->name('admin.setSuperAdmin');
Route::get('/admin', [Modules\Admin\Http\Controllers\AdminController::class, 'index'])->name('admin.index'); Route::get('/admin', [Modules\Admin\Http\Controllers\AdminController::class, 'index'])->name('admin.index');
Route::post('/admin/set', [Modules\Admin\Http\Controllers\AdminController::class, 'setSuperAdmin'])->name('admin.setSuperAdmin');
Route::get('/admin/users', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'index'])->name('admin.users'); Route::get('/admin/users', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'index'])->name('admin.users');
Route::get('/admin/users/{user}/edit', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'edit'])->name('admin.users.edit'); Route::get('/admin/users/{user}/edit', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'edit'])->name('admin.users.edit');
Route::post('/admin/users/{user}/update', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'update'])->name('admin.users.update'); Route::post('/admin/users/{user}/update', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'update'])->name('admin.users.update');
Route::post('/admin/user-role/{userRole}/delete', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'deleteUserRole'])->name('admin.users.role.delete'); Route::post('/admin/user-role/{userRole}/delete', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'deleteUserRole'])->name('admin.users.role.delete');
Route::get('/admin/companies', [Modules\Admin\Http\Controllers\AdminCompaniesController::class, 'index'])->name('admin.companies'); Route::get('/admin/companies', [Modules\Admin\Http\Controllers\AdminCompaniesController::class, 'index'])->name('admin.companies');
Route::get('/admin/companies/{company}/edit', [Modules\Admin\Http\Controllers\AdminCompaniesController::class, 'edit'])->name('admin.companies.edit'); Route::get('/admin/companies/{company}/edit', [Modules\Admin\Http\Controllers\AdminCompaniesController::class, 'edit'])->name('admin.companies.edit');
Route::post('/admin/companies/{company}/update', [Modules\Admin\Http\Controllers\AdminCompaniesController::class, 'update'])->name('admin.companies.update'); Route::post('/admin/companies/{company}/update', [Modules\Admin\Http\Controllers\AdminCompaniesController::class, 'update'])->name('admin.companies.update');
Route::post('/admin/companies/{company}/delete', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'update'])->name('admin.companies.delete'); Route::post('/admin/companies/{company}/delete', [Modules\Admin\Http\Controllers\AdminUsersController::class, 'update'])->name('admin.companies.delete');
Route::get('/admin/cities', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'index'])->name('admin.cities'); Route::get('/admin/cities', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'index'])->name('admin.cities');
Route::post('/admin/cities/{city}/update', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'update'])->name('admin.cities.update');
Route::post('/admin/cities/create', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'create'])->name('admin.cities.create');
Route::post('/admin/cities/{city}/delete', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'delete'])->name('admin.cities.delete');
Route::post('/admin/cities/{city}/restore', [Modules\Admin\Http\Controllers\AdminCitiesController::class, 'restore'])->withTrashed()->name('admin.cities.restore');
Route::get('/admin/cities/managers', [Modules\Admin\Http\Controllers\AdminCityManagersController::class, 'index'])->name('admin.cities.managers'); Route::get('/admin/cities/managers', [Modules\Admin\Http\Controllers\AdminCityManagersController::class, 'index'])->name('admin.cities.managers');
Route::post('/admin/cities/managers/create', [Modules\Admin\Http\Controllers\AdminCityManagersController::class, 'create'])->name('admin.cities.managers.create'); Route::post('/admin/cities/managers/create', [Modules\Admin\Http\Controllers\AdminCityManagersController::class, 'create'])->name('admin.cities.managers.create');
Route::post('/admin/cities/managers/{manager}/delete', [Modules\Admin\Http\Controllers\AdminCityManagersController::class, 'delete'])->name('admin.cities.managers.delete'); Route::post('/admin/cities/managers/{manager}/delete', [Modules\Admin\Http\Controllers\AdminCityManagersController::class, 'delete'])->name('admin.cities.managers.delete');
Route::get('/admin/complexes', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'index'])->name('admin.complexes'); Route::get('/admin/complexes', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'index'])->name('admin.complexes');
Route::get('/admin/complexes/{complex}/edit', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'edit'])->name('admin.complexes.edit');
Route::post('/admin/complexes/create', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'create'])->name('admin.complexes.create');
Route::post('/admin/complexes/{complex}/delete', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'delete'])->name('admin.complexes.delete');
Route::post('/admin/complexes/{complex}/update', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'update'])->withTrashed()->name('admin.complexes.update');
Route::post('/admin/complexes/{complex}/restore', [Modules\Admin\Http\Controllers\AdminComplexesController::class, 'restore'])->withTrashed()->name('admin.complexes.restore');
Route::get('/admin/payments', [Modules\Admin\Http\Controllers\AdminPaymentsController::class, 'index'])->name('admin.payments'); Route::get('/admin/payments', [Modules\Admin\Http\Controllers\AdminPaymentsController::class, 'index'])->name('admin.payments');
Route::get('/admin/posts', [Modules\Admin\Http\Controllers\AdminPostsController::class, 'index'])->name('admin.posts'); Route::get('/admin/posts', [Modules\Admin\Http\Controllers\AdminPostsController::class, 'index'])->name('admin.posts');
@ -66,8 +59,6 @@
Route::post('/admin/bitrix/agents/{agent}/set', [Modules\Admin\Http\Controllers\AdminBitrixController::class, 'setAgentId'])->name('admin.bitrix.agent.set'); Route::post('/admin/bitrix/agents/{agent}/set', [Modules\Admin\Http\Controllers\AdminBitrixController::class, 'setAgentId'])->name('admin.bitrix.agent.set');
Route::get('/admin/bitrix/agents/{agent}/deals/sync', [Modules\Admin\Http\Controllers\AdminBitrixController::class, 'syncDeals'])->name('admin.bitrix.agent.deals.sync'); Route::get('/admin/bitrix/agents/{agent}/deals/sync', [Modules\Admin\Http\Controllers\AdminBitrixController::class, 'syncDeals'])->name('admin.bitrix.agent.deals.sync');
Route::get('/admin/bitrix/webhooks', [Modules\Admin\Http\Controllers\AdminBitrixWebhooksController::class, 'index'])->name('admin.bitrix.webhooks');
Route::post('/admin/bitrix/webhooks', [Modules\Admin\Http\Controllers\AdminBitrixWebhooksController::class, 'create'])->name('admin.bitrix.webhooks.create');
}); });