From 7f59cdd04b3d8a1b5c3e5fae90f1da8d9aeed62c Mon Sep 17 00:00:00 2001
From: Kurniandha Sukma Yunastrian <13516106@std.stei.itb.ac.id>
Date: Fri, 8 May 2020 01:02:19 +0700
Subject: [PATCH] fix role permission show grade

---
 app/Http/Controllers/CourseController.php | 4 ++++
 resources/views/course.blade.php          | 6 ++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/CourseController.php b/app/Http/Controllers/CourseController.php
index 64c4694..d2ae817 100644
--- a/app/Http/Controllers/CourseController.php
+++ b/app/Http/Controllers/CourseController.php
@@ -145,6 +145,10 @@ class CourseController extends Controller
      * @return grade
      */
     public function grade($id_course) {
+        if (Auth::user()->role == 0) {
+            return redirect()->route('course', ['id_course' => $id_course, 'msg' => 6]);
+        }
+
         $enrolled_id = DB::table('user_course')->where('id_course', $id_course)->pluck('id_user');
 
         $topics = DB::table('topics')->where('id_course', $id_course)->get();
diff --git a/resources/views/course.blade.php b/resources/views/course.blade.php
index 4c11870..6567eac 100644
--- a/resources/views/course.blade.php
+++ b/resources/views/course.blade.php
@@ -255,8 +255,10 @@
                     @foreach($students as $student)
                         {{ $student }} <br/>
                     @endforeach
-                    <br/>
-                    <a href="<?php echo $topic->id_course; ?>/grade" class="btn btn-primary" role="button">Lihat Nilai</a>
+                    @if(Auth::user()->role == 1)
+                        <br/>
+                        <a href="<?php echo $topic->id_course; ?>/grade" class="btn btn-primary" role="button">Lihat Nilai</a>
+                    @endif
                 </div>
             </div>
         </div>
-- 
GitLab