Merge branch 'admin-authentication' into 'main'
add admin gate See merge request ase22ws/abschlussprojekt-device-manager-timon-lorenz!4
This commit is contained in:
lot17014
commit
f43db84171
@ -5,10 +5,12 @@
|
||||
use App\Models\Device;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Validation\Rule;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Illuminate\Http\RedirectResponse;
|
||||
|
||||
class DeviceController extends Controller
|
||||
{
|
||||
//
|
||||
|
||||
public function index()
|
||||
{
|
||||
return view('devices.index', [
|
||||
@ -16,11 +18,15 @@ public function index()
|
||||
]);
|
||||
}
|
||||
|
||||
public function create(){
|
||||
public function create()
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
return view('devices.create');
|
||||
}
|
||||
|
||||
public function store(Request $request){
|
||||
public function store(Request $request)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
$formFields = $request->validate([
|
||||
'title' => 'required',
|
||||
'device_type' => 'required',
|
||||
@ -36,11 +42,15 @@ public function store(Request $request){
|
||||
return redirect('/devices');
|
||||
}
|
||||
|
||||
public function edit(Device $device) {
|
||||
public function edit(Device $device)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
return view('devices.edit', ['device' => $device]);
|
||||
}
|
||||
|
||||
public function update(Device $device, Request $request){
|
||||
public function update(Device $device, Request $request)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
$formFields = $request->validate([
|
||||
'title' => 'required',
|
||||
'device_type' => 'required',
|
||||
@ -56,7 +66,9 @@ public function update(Device $device, Request $request){
|
||||
return back();
|
||||
}
|
||||
|
||||
public function destroy(Device $device){
|
||||
public function destroy(Device $device): RedirectResponse
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
$device->delete();
|
||||
return redirect('devices');
|
||||
}
|
||||
|
||||
@ -28,11 +28,13 @@ public function store(Device $device, Request $request)
|
||||
|
||||
public function edit(LocationTransaction $location)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
return view('locations.edit', ['location' => $location]);
|
||||
}
|
||||
|
||||
public function update(LocationTransaction $location, Request $request)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
$formFields = $request->validate([
|
||||
'room_code' => 'required',
|
||||
'timestamp_located_since' => 'required'
|
||||
@ -45,6 +47,7 @@ public function update(LocationTransaction $location, Request $request)
|
||||
|
||||
public function destroy(LocationTransaction $location)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
$location->delete();
|
||||
return back();
|
||||
}
|
||||
|
||||
@ -28,11 +28,13 @@ public function store(Device $device, Request $request)
|
||||
|
||||
public function edit(OwnerTransaction $owner)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
return view('owners.edit', ['owner' => $owner]);
|
||||
}
|
||||
|
||||
public function update(OwnerTransaction $owner, Request $request)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
$formFields = $request->validate([
|
||||
'rz_username' => 'required',
|
||||
'timestamp_owner_since' => 'required'
|
||||
@ -45,6 +47,7 @@ public function update(OwnerTransaction $owner, Request $request)
|
||||
|
||||
public function destroy(OwnerTransaction $owner)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
$owner->delete();
|
||||
return back();
|
||||
}
|
||||
|
||||
@ -8,32 +8,16 @@
|
||||
|
||||
class PurchasingInformationController extends Controller
|
||||
{
|
||||
public function create()
|
||||
{
|
||||
return view('purchasings.create');
|
||||
}
|
||||
|
||||
public function store(Request $request)
|
||||
{
|
||||
$formFields = $request->validate([
|
||||
'price' => 'required',
|
||||
'timestamp_warranty_end' => 'required',
|
||||
'timestamp_purchase' => 'required',
|
||||
'cost_centre' => 'required',
|
||||
]);
|
||||
|
||||
PurchasingInformation::create($formFields);
|
||||
|
||||
return redirect('/');
|
||||
}
|
||||
|
||||
public function edit(Device $device)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
return view('purchasings.edit', ['purchasing' => $device->purchasing]);
|
||||
}
|
||||
|
||||
public function update(Device $device, Request $request)
|
||||
{
|
||||
$this->authorize('admin-only');
|
||||
$formFields = $request->validate([
|
||||
'price' => 'required',
|
||||
'timestamp_warranty_end' => 'required',
|
||||
@ -45,10 +29,4 @@ public function update(Device $device, Request $request)
|
||||
|
||||
return redirect('/');
|
||||
}
|
||||
|
||||
public function destroy(PurchasingInformation $purchasing)
|
||||
{
|
||||
$purchasing->delete();
|
||||
return back();
|
||||
}
|
||||
}
|
||||
|
||||
@ -2,7 +2,8 @@
|
||||
|
||||
namespace App\Providers;
|
||||
|
||||
// use Illuminate\Support\Facades\Gate;
|
||||
use App\Models\User;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
|
||||
|
||||
class AuthServiceProvider extends ServiceProvider
|
||||
@ -21,6 +22,10 @@ class AuthServiceProvider extends ServiceProvider
|
||||
*/
|
||||
public function boot(): void
|
||||
{
|
||||
//
|
||||
$this->registerPolicies();
|
||||
|
||||
Gate::define('admin-only', function (User $user) {
|
||||
return $user->has_admin_privileges;
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@ -11,12 +11,14 @@
|
||||
<li>serial_number: {{ $device['serial_number'] }}</li>
|
||||
<li>image_url: {{ $device['image_url'] }}</li>
|
||||
</ul>
|
||||
<button><a href="{{ $device->device_id }}/edit">Edit</a></button>
|
||||
<form method="POST" action="{{ $device->device_id }}">
|
||||
@method('DELETE')
|
||||
@csrf
|
||||
<button>Delete</button>
|
||||
</form>
|
||||
@can('admin-only')
|
||||
<button><a href="{{ $device->device_id }}/edit">Edit</a></button>
|
||||
<form method="POST" action="{{ $device->device_id }}">
|
||||
@method('DELETE')
|
||||
@csrf
|
||||
<button>Delete</button>
|
||||
</form>
|
||||
@endcan
|
||||
<x-purchasing-information :device="$device" />
|
||||
@php
|
||||
$locationTransactions = $device->locations;
|
||||
|
||||
@ -3,10 +3,12 @@
|
||||
<li>room_code: {{ $location->room_code }}</li>
|
||||
<li>timestamp_located_since: {{ $location->timestamp_located_since }}</li>
|
||||
</ul>
|
||||
<button><a href="locations/{{ $location->location_transaction_id }}/edit">Edit</a></button>
|
||||
<form method="POST" action="locations/{{ $location->location_transaction_id }}">
|
||||
@method('DELETE')
|
||||
@csrf
|
||||
<button>Delete</button>
|
||||
</form>
|
||||
@can('admin-only')
|
||||
<button><a href="locations/{{ $location->location_transaction_id }}/edit">Edit</a></button>
|
||||
<form method="POST" action="locations/{{ $location->location_transaction_id }}">
|
||||
@method('DELETE')
|
||||
@csrf
|
||||
<button>Delete</button>
|
||||
</form>
|
||||
@endcan
|
||||
</div>
|
||||
@ -3,10 +3,12 @@
|
||||
<li>rz_username: {{ $owner->rz_username }}</li>
|
||||
<li>timestamp_owner_since: {{ $owner->timestamp_owner_since }}</li>
|
||||
</ul>
|
||||
<button><a href="owners/{{ $owner->owner_transaction_id }}/edit">Edit</a></button>
|
||||
<form method="POST" action="owners/{{ $owner->owner_transaction_id }}">
|
||||
@method('DELETE')
|
||||
@csrf
|
||||
<button>Delete</button>
|
||||
</form>
|
||||
@can('admin-only')
|
||||
<button><a href="owners/{{ $owner->owner_transaction_id }}/edit">Edit</a></button>
|
||||
<form method="POST" action="owners/{{ $owner->owner_transaction_id }}">
|
||||
@method('DELETE')
|
||||
@csrf
|
||||
<button>Delete</button>
|
||||
</form>
|
||||
@endcan
|
||||
</div>
|
||||
@ -10,5 +10,7 @@
|
||||
<li>cost_centre: {{ $purchasing->cost_centre }}</li>
|
||||
<li>seller: {{ $purchasing->seller }}</li>
|
||||
</ul>
|
||||
<button><a href="{{ $device->device_id }}/purchasing/edit">Edit</a></button>
|
||||
@can('admin-only')
|
||||
<button><a href="{{ $device->device_id }}/purchasing/edit">Edit</a></button>
|
||||
@endcan
|
||||
</div>
|
||||
@ -11,5 +11,7 @@
|
||||
@else
|
||||
<p>No devices found</p>
|
||||
@endunless
|
||||
<button><a href="devices/create">Device</a></button>
|
||||
@can('admin-only')
|
||||
<button><a href="devices/create">Device</a></button>
|
||||
@endcan
|
||||
@endsection
|
||||
|
||||
@ -25,53 +25,36 @@
|
||||
return view('welcome');
|
||||
});
|
||||
|
||||
// Devices routes
|
||||
// index - show all devices
|
||||
Route::get('/devices', [DeviceController::class, 'index']);
|
||||
// create - show device create form
|
||||
Route::get('/devices/create', [DeviceController::class, 'create'])->middleware('auth');
|
||||
// store - store new device
|
||||
Route::post('/devices', [DeviceController::class, 'store'])->middleware('auth');
|
||||
|
||||
// Device purchasing routes
|
||||
//Route::get('/devices/{device}/purchasing/create', [PurchasingInformationController::class, 'create']);
|
||||
//Route::post('/devices/{device}/purchasing', [PurchasingInformationController::class, 'store']);
|
||||
Route::get('/devices/{device}/purchasing/edit', [PurchasingInformationController::class, 'edit']);
|
||||
Route::put('/devices/{device}/purchasing', [PurchasingInformationController::class, 'update']);
|
||||
//Route::delete('/devices/{device}/purchasing', [PurchasingInformationController::class, 'destroy']);
|
||||
Route::get('/devices/{device}/purchasing/edit', [PurchasingInformationController::class, 'edit'])->middleware('auth');
|
||||
Route::put('/devices/{device}/purchasing', [PurchasingInformationController::class, 'update'])->middleware('auth');
|
||||
|
||||
// Device location routes
|
||||
Route::get('/devices/{device}/locations/create', [LocationTransactionController::class, 'create']);
|
||||
Route::post('/devices/{device}/locations', [LocationTransactionController::class, 'store']);
|
||||
Route::get('/devices/locations/{location}/edit', [LocationTransactionController::class, 'edit']);
|
||||
Route::put('/devices/locations/{location}', [LocationTransactionController::class, 'update']);
|
||||
Route::delete('/devices/locations/{location}', [LocationTransactionController::class, 'destroy']);
|
||||
Route::get('/devices/{device}/locations/create', [LocationTransactionController::class, 'create'])->middleware('auth');
|
||||
Route::post('/devices/{device}/locations', [LocationTransactionController::class, 'store'])->middleware('auth');
|
||||
Route::get('/devices/locations/{location}/edit', [LocationTransactionController::class, 'edit'])->middleware('auth');
|
||||
Route::put('/devices/locations/{location}', [LocationTransactionController::class, 'update'])->middleware('auth');
|
||||
Route::delete('/devices/locations/{location}', [LocationTransactionController::class, 'destroy'])->middleware('auth');
|
||||
|
||||
// Device owner routes
|
||||
Route::get('/devices/{device}/owners/create', [OwnerTransactionController::class, 'create']);
|
||||
Route::post('/devices/{device}/owners', [OwnerTransactionController::class, 'store']);
|
||||
Route::get('/devices/owners/{owner}/edit', [OwnerTransactionController::class, 'edit']);
|
||||
Route::put('/devices/owners/{owner}', [OwnerTransactionController::class, 'update']);
|
||||
Route::delete('/devices/owners/{owner}', [OwnerTransactionController::class, 'destroy']);
|
||||
Route::get('/devices/{device}/owners/create', [OwnerTransactionController::class, 'create'])->middleware('auth');
|
||||
Route::post('/devices/{device}/owners', [OwnerTransactionController::class, 'store'])->middleware('auth');
|
||||
Route::get('/devices/owners/{owner}/edit', [OwnerTransactionController::class, 'edit'])->middleware('auth');
|
||||
Route::put('/devices/owners/{owner}', [OwnerTransactionController::class, 'update'])->middleware('auth');
|
||||
Route::delete('/devices/owners/{owner}', [OwnerTransactionController::class, 'destroy'])->middleware('auth');
|
||||
|
||||
//
|
||||
// edit - show edit form
|
||||
// Devices routes
|
||||
Route::get('/devices', [DeviceController::class, 'index'])->middleware('auth');
|
||||
Route::get('/devices/create', [DeviceController::class, 'create'])->middleware('auth');
|
||||
Route::post('/devices', [DeviceController::class, 'store'])->middleware('auth')->middleware('auth');
|
||||
Route::get('devices/{device}/edit', [DeviceController::class, 'edit'])->middleware('auth');
|
||||
// update - update device
|
||||
Route::put('devices/{device}', [DeviceController::class, 'update'])->middleware('auth');
|
||||
// destroy - delete device
|
||||
Route::delete('devices/{device}', [DeviceController::class, 'destroy'])->middleware('auth');
|
||||
// show - show sigle device
|
||||
Route::get('/devices/{device}', [DeviceController::class, 'show']);
|
||||
Route::get('/devices/{device}', [DeviceController::class, 'show'])->middleware('auth');
|
||||
|
||||
//User routes
|
||||
// create - show register form
|
||||
Route::get('/register', [UserController::class, 'create']);
|
||||
// store - store new user
|
||||
Route::post('/users', [UserController::class, 'store']);
|
||||
// login - show user login form
|
||||
Route::get('/login', [UserController::class, 'login'])->name('login');
|
||||
// authenticate - log in user
|
||||
Route::post('/users/authenticate', [UserController::class, 'authenticate']);
|
||||
// logout - log out user
|
||||
Route::post('/logout', [UserController::class, 'logout']);
|
||||
Loading…
Reference in New Issue
Block a user