diff --git a/app/Http/Controllers/AdminDashboardController.php b/app/Http/Controllers/AdminDashboardController.php deleted file mode 100644 index d287d2016acfa76ce221d78f6171107b081167b6..0000000000000000000000000000000000000000 --- a/app/Http/Controllers/AdminDashboardController.php +++ /dev/null @@ -1,15 +0,0 @@ -<?php - -namespace App\Http\Controllers; - -use Illuminate\Http\Request; - -use App\Http\Requests; - -class AdminDashboardController extends Controller -{ - public function index() - { - return 'Admin'; - } -} diff --git a/app/Http/Controllers/ScheduleController.php b/app/Http/Controllers/ScheduleController.php index f21761eb77bf346b444a6eb3a3be0fd9d18ef438..953e9f7865ffe3be6cd62623f0fa2ab57794f733 100644 --- a/app/Http/Controllers/ScheduleController.php +++ b/app/Http/Controllers/ScheduleController.php @@ -8,6 +8,12 @@ use App\Http\Requests; class ScheduleController extends Controller { + public function __construct() + { + $this->middleware('auth'); + $this->middleware('scheduler'); + } + public function index() { return Schedule::all(); @@ -48,3 +54,4 @@ class ScheduleController extends Controller Schedule::find($id)->delete(); return Schedule::all(); } +} \ No newline at end of file diff --git a/app/Http/Controllers/TpsController.php b/app/Http/Controllers/TpsController.php index 436e9bc1e277515fb241922d23af3e3672c64cfb..afe211cb181277300f360f2deda8fdb195273eef 100644 --- a/app/Http/Controllers/TpsController.php +++ b/app/Http/Controllers/TpsController.php @@ -8,6 +8,12 @@ use App\Http\Requests; class TpsController extends Controller { + public function __construct() + { + $this->middleware('auth'); + $this->middleware('manager'); + } + public function index() { return Tps::all(); diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php index fe4904f60b90a1e5a41da40016d5a8a22159f478..b7097e8e76e8b3d9a37e945e4dec941a9b887222 100644 --- a/app/Http/Controllers/UserController.php 
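Review bot: The new constructor's `$this->middleware('scheduler')` is only safe because `$this->middleware('auth')` is registered on the line above it — AuthorizedScheduler (added in this same commit) calls `Auth::user()->role()` with no null check, so reordering these two lines, or reusing the `scheduler` alias on a route without `auth`, produces a fatal error rather than a denial. That dependency is worth pinning in place with a comment such as `// 'auth' must stay first: the role middleware dereferences Auth::user()`. The same ordering dependency exists in the TpsController and UserController constructors added here.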
+++ b/app/Http/Controllers/UserController.php @@ -8,6 +8,12 @@ use App\Http\Requests; class UserController extends Controller { + public function __construct() + { + $this->middleware('auth'); + $this->middleware('user'); + } + public function index() { return User::all(); diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 3efdcaa3e4e1b3b94543037ef62ce9857a8797a8..1a7967180260757238b72837318357808d0256de 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -48,6 +48,8 @@ class Kernel extends HttpKernel 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, - 'permissions.required' => \App\Http\Middleware\PermissionsRequiredMiddleware::class, + 'user' => \App\Http\Middleware\AuthorizedUser::class, + 'manager' => \App\Http\Middleware\AuthorizedManager::class, + 'scheduler' => \App\Http\Middleware\AuthorizedScheduler::class, ]; } diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php index c09d7cd894bdd6e3b1f9c1071b06d1ee215c0f73..7ddc5c3a687dfcf07b8a6fbf922c589f948a3ca5 100644 --- a/app/Http/Middleware/Authenticate.php +++ b/app/Http/Middleware/Authenticate.php @@ -17,7 +17,6 @@ class Authenticate */ public function handle($request, Closure $next, $guard = null) { - // dd($request); if (Auth::guard($guard)->guest()) { if ($request->ajax() || $request->wantsJson()) { return response('Unauthorized.', 403); diff --git a/app/Http/Middleware/AuthorizedManager.php b/app/Http/Middleware/AuthorizedManager.php new file mode 100644 index 0000000000000000000000000000000000000000..e4f943e0b28f38e099b7ff539507b8715ec36de3 --- /dev/null +++ b/app/Http/Middleware/AuthorizedManager.php 
@@ -0,0 +1,45 @@ +<?php + +namespace App\Http\Middleware; + +use Closure; +use Illuminate\Support\Facades\Auth; +use App\Tps; + +class AuthorizedManager +{ + /** + * Handle an incoming request. + * + * @param \Illuminate\Http\Request $request + * @param \Closure $next + * @return mixed + */ + public function handle($request, Closure $next) + { + $user = Auth::user(); + $role = $user->role(); + $param = $request->route()->parameters(); + $tps_id = !$param ? null : $param['tps']; + $tps = Tps::find($tps_id); + $mgr_id = !$tps ? null : $tps->id_manager; + + if (!$tps_id) + { + if ($role == 'admin') + { + return $next($request); + } + else + { + return redirect('/')->with('error', 'Not authorized'); + } + } + else if ($mgr_id && $user->id == $mgr_id) + { + return $next($request); + } + + return redirect('/')->with('error', 'Not authorized'); + } +} diff --git a/app/Http/Middleware/AuthorizedScheduler.php b/app/Http/Middleware/AuthorizedScheduler.php new file mode 100644 index 0000000000000000000000000000000000000000..42d4a6ec4015a8815651ed5178d375f1b66e1597 --- /dev/null +++ b/app/Http/Middleware/AuthorizedScheduler.php @@ -0,0 +1,44 @@ +<?php + +namespace App\Http\Middleware; + +use Closure; +use Illuminate\Support\Facades\Auth; + +class AuthorizedScheduler +{ + /** + * Handle an incoming request. + * + * @param \Illuminate\Http\Request $request + * @param \Closure $next + * @return mixed + */ + public function handle($request, Closure $next) + { + $user = Auth::user(); + $role = $user->role(); + $param = $request->route()->parameters(); + $tps_id = $request->input('id_tps'); + $tps = !$tps_id ? null : Tps::find($tps_id); + $mgr_id = !$tps ? null : $tps->id_manager; + + if (!$tps_id) + { + if ($role == 'admin') + { + return $next($request); + } + else + { + return redirect('/')->with('error', 'Not authorized'); + } + } + else if ($mgr_id && $user->id == $mgr_id) + { + return $next($request); + } + + return redirect('/')->with('error', 'Not authorized'); + } +} 
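Review bot: Every denial in handle() is `redirect('/')->with('error', 'Not authorized')`, while the controllers this alias guards return raw collections (`Tps::all()`) and the sibling Authenticate middleware touched in this commit already branches on `$request->ajax() || $request->wantsJson()`; a JSON client is therefore answered with a 302 to `/` instead of a 403, and the new middleware should mirror that branch. `$param['tps']` is also read without a key check, so attaching the `manager` alias to any route whose parameter is not named `tps` raises an undefined-index error instead of denying — `$tps_id = isset($param['tps']) ? $param['tps'] : null;` keeps the fail-closed path. The comparisons `$user->id == $mgr_id` and `$role == 'admin'` use loose equality; `(int) $user->id === (int) $mgr_id` and `$role === 'admin'` state the intended check. AuthorizedScheduler and AuthorizedUser share the redirect-for-JSON and loose-comparison points.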
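Review bot: The authorization decision is keyed on `$request->input('id_tps')`, a value the client supplies in the body or query string, while the `{schedule}` route parameter that actually identifies the record being shown, updated or deleted is read into `$param` and then never used — so ownership of any one TPS satisfies the check for a schedule that belongs to a different TPS. The subject of the check should be the schedule named in the URL, and the body field should only be trusted on a create request, where no record exists yet (if the named schedule does not exist the code below falls back to admin-only; denying outright is also defensible). `Tps` is additionally used without `use App\Tps;` — the sibling AuthorizedManager imports it — so in this namespace the call resolves to `App\Http\Middleware\Tps` and fails whenever `id_tps` is present; the Schedule model needs importing likewise (its namespace is not visible in this diff).
```php
$user = Auth::user();
$role = $user->role();
$param = $request->route()->parameters();
// Authorize against the schedule named in the URL; only a create request
// (no route parameter) has to trust the id_tps field in the body.
if (isset($param['schedule'])) {
    $schedule = Schedule::find($param['schedule']);
    $tps_id = $schedule ? $schedule->id_tps : null;
} else {
    $tps_id = $request->input('id_tps');
}
$tps = !$tps_id ? null : Tps::find($tps_id);
$mgr_id = !$tps ? null : $tps->id_manager;
// … unchanged: admin / owning-manager decision and the denial response …
```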
diff --git a/app/Http/Middleware/AuthorizedUser.php b/app/Http/Middleware/AuthorizedUser.php new file mode 100644 index 0000000000000000000000000000000000000000..b19481a98df3f0266ce87f722feb3db4669d0fe3 --- /dev/null +++ b/app/Http/Middleware/AuthorizedUser.php @@ -0,0 +1,42 @@ +<?php + +namespace App\Http\Middleware; + +use Closure; +use Illuminate\Support\Facades\Auth; + +class AuthorizedUser +{ + /** + * Handle an incoming request. + * + * @param \Illuminate\Http\Request $request + * @param \Closure $next + * @return mixed + */ + public function handle($request, Closure $next) + { + $user = Auth::user(); + $role = $user->role(); + $id = !$request->route()->parameters() ? null : + $request->route()->parameters()['user']; + + if (!$id) + { + if ($role == 'admin') + { + return $next($request); + } + else + { + return redirect('/')->with('error', 'Not authorized'); + } + } + else if ($user->id == $id) + { + return $next($request); + } + + return redirect('/')->with('error', 'Not authorized'); + } +} diff --git a/app/Http/Middleware/PermissionsRequiredMiddleware.php b/app/Http/Middleware/PermissionsRequiredMiddleware.php deleted file mode 100644 index fd328f0d2000b25594bb251696c7fcecd76b6099..0000000000000000000000000000000000000000 --- a/app/Http/Middleware/PermissionsRequiredMiddleware.php +++ /dev/null 
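Review bot: The owner check `$user->id == $id` compares the integer id against the raw `{user}` URL segment with loose equality; `(string) $user->id === (string) $id` makes a non-numeric or suffixed segment fail closed instead of comparing equal under PHP's numeric-string rules. `$request->route()->parameters()` is also evaluated twice inside the `$id` expression; binding it once as the sibling middleware does, with `$id = isset($param['user']) ? $param['user'] : null;`, both reads it once and avoids an undefined-index error when the `user` alias is attached to a route whose parameter has another name. The `$role == 'admin'` branch is duplicated verbatim across the three new middleware classes — a shared base class or trait would keep that policy in one place.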
@@ -1,65 +0,0 @@ -<?php - -namespace App\Http\Middleware; - -use Closure; - -class PermissionsRequiredMiddleware -{ - /** - * Handle an incoming request. - * - * @param \Illuminate\Http\Request $request - * @param \Closure $next - * @return mixed - */ - public function handle($request, Closure $next) - { - return \Auth::user(); - // Check if a user is logged in. - if (!$user = $request->user()) - { - return redirect()->guest('login'); - } - - // Get the current route. - $route = $request->route(); - - // Get the current route actions. - $actions = $route->getAction(); - - // Check if we have any permissions to check the user has. - if (!$permissions = isset($actions['permissions']) ? $actions['permissions'] : null) - { - // No permissions to check, allow access. - return abort(403); - } - - // Fetch all of the matching user permissions. - $userPermissions = array_fetch($user->permissions()->whereIn('slug', (array) $permissions)->get()->toArray(), 'slug'); - - // Turn the permissions we require into an array. - $permissions = (array) $permissions; - - // Check if we require all permissions, or just one. - if (isset($actions['permissions_require_all'])) - { - // If user has EVERY permission required. - if (count($permissions) == count($userPermissions)) - { - // Access is granted. - return $next($request); - } - } else { - // If the user has the permission. - if (count($userPermissions) >= 1) - { - // Access is granted and the rest of the permissions are ignored. - return $next($request); - } - } - - // If we reach this far, the user does not have the required permissions. - return abort(404); - } -} diff --git a/app/Http/routes.php b/app/Http/routes.php index d5ef42b9f9e5aaf8a3e4009e854111c146f1f277..558ea36c5fca6e7656671021480f70a57cd0fca5 100644 --- a/app/Http/routes.php +++ b/app/Http/routes.php 
@@ -11,12 +11,12 @@ | */ -Route::group(['middleware' => ['web', ]], function () { +Route::group(['middleware' => 'web'], function () { Route::auth(); Route::get('/', 'HomeController@index'); // homnya kan cm 1 Route::get('/home', 'HomeController@index'); -}); -Route::resource('user', 'UserController'); -Route::resource('tps', 'TpsController'); -Route::resource('schedule', 'ScheduleController'); + Route::resource('user', 'UserController'); + Route::resource('tps', 'TpsController'); + Route::resource('schedule', 'ScheduleController'); +}); diff --git a/app/User.php b/app/User.php index 3fa6df92263a27f2d03bc9c5269f376d08251933..6f4666a775923a2c5fa1a5c7717f72efa7ef3e99 100644 --- a/app/User.php +++ b/app/User.php @@ -24,9 +24,10 @@ class User extends Authenticatable 'password', 'remember_token', ]; - public function roles() + public function role() { - return $this->belongsTo('App\Role'); + // $this->belongsTo('App\Role'); + return Role::find($this->role_id)->name; } public function schedule() diff --git a/database/migrations/2016_04_01_092434_create_roles_table.php b/database/migrations/2016_04_01_092434_create_roles_table.php index 0b22c92073ff9ad6868a133ea7452c82e31c4a09..dbad67f1be16e12b40234087c52548febd99b11b 100644 --- a/database/migrations/2016_04_01_092434_create_roles_table.php +++ b/database/migrations/2016_04_01_092434_create_roles_table.php @@ -3,6 +3,8 @@ use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Migrations\Migration; +use App\Role; + class CreateRolesTable extends Migration { /** diff --git a/database/migrations/2016_04_02_172129_create_schedule_table.php b/database/migrations/2016_04_02_172129_create_schedule_table.php deleted file mode 100644 index d45e5c13abbff3e5254c0716d9b61338878b87ee..0000000000000000000000000000000000000000 --- a/database/migrations/2016_04_02_172129_create_schedule_table.php +++ /dev/null 
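Review bot: `role()` dereferences `Role::find($this->role_id)->name` without checking the lookup result, so a user with a null or stale `role_id` turns every request through the new AuthorizedUser/Manager/Scheduler middleware into a fatal "property of non-object" error instead of a denial; `$role = Role::find($this->role_id); return $role ? $role->name : null;` fails closed, because the callers compare the result against `'admin'`. The commented-out `belongsTo` line should be deleted rather than kept. Renaming `roles()` to `role()` also breaks any existing `$user->roles` relation access, and a non-relation method named `role()` will make `$user->role` attribute access throw in Eloquent if that property is read anywhere — not visible in this diff, so worth checking.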
@@ -1,34 +0,0 @@ -<?php - -use Illuminate\Database\Schema\Blueprint; -use Illuminate\Database\Migrations\Migration; - -class CreateScheduleTable extends Migration -{ - /** - * Run the migrations. - * - * @return void - */ - public function up() - { - Schema::create('schedule', function(Blueprint $table) - { - $table->increments('id'); - $table->integer('id_tps')->unsigned(); - $table->integer('id_user')->unsigned(); - $table->timestamp('time'); - $table->timestamps(); - }); - } - - /** - * Reverse the migrations. - * - * @return void - */ - public function down() - { - Schema::drop('schedule'); - } -}