allowed login models and update of login controller
This commit is contained in:
@@ -14,7 +14,7 @@ class AdminController extends Controller
|
||||
{
|
||||
public function __construct() {
|
||||
$this->middleware('auth');
|
||||
$this->middleware('role:Admin');
|
||||
$this->middleware('permission:role.admin');
|
||||
}
|
||||
|
||||
public function displayDashboard() {
|
||||
|
||||
@@ -21,7 +21,7 @@ class DashboardController extends Controller
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware('auth');
|
||||
$this->middleware('role:Guest');
|
||||
$this->middleware('permission:role.guest');
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -14,7 +14,7 @@ class EsiScopeController extends Controller
|
||||
{
|
||||
public function __construct() {
|
||||
$this->middleware('auth');
|
||||
$this->middleware('role:User');
|
||||
$this->middleware('permission:role.user');
|
||||
}
|
||||
|
||||
public function displayScopes() {
|
||||
|
||||
@@ -8,7 +8,7 @@ class FinancesController extends Controller
|
||||
{
|
||||
public function __construct() {
|
||||
$this->middleware('auth');
|
||||
$this->middleware('role:Admin');
|
||||
$this->middleware('permission:role.admin');
|
||||
}
|
||||
|
||||
public function displayFinances() {
|
||||
|
||||
@@ -24,7 +24,7 @@ class FleetsController extends Controller
|
||||
*/
|
||||
public function __construct() {
|
||||
$this->middleware('auth');
|
||||
$this->middleware('role:User');
|
||||
$this->middleware('permission:role.user');
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -18,7 +18,7 @@ class MoonsAdminController extends Controller
|
||||
{
|
||||
public function __construct() {
|
||||
$this->middleware('auth');
|
||||
$this->middleware('role:Admin');
|
||||
$this->middleware('permission:role.admin');
|
||||
}
|
||||
|
||||
public function showJournalEntries() {
|
||||
|
||||
@@ -14,7 +14,7 @@ class MoonsController extends Controller
|
||||
{
|
||||
public function __construct() {
|
||||
$this->middleware('auth');
|
||||
$this->middleware('role:User');
|
||||
$this->middleware('permission:role.user');
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -15,7 +15,7 @@ class WikiController extends Controller
|
||||
{
|
||||
public function __construct() {
|
||||
$this->middleware('auth');
|
||||
$this->middleware('role:User');
|
||||
$this->middleware('permission:role.user');
|
||||
}
|
||||
|
||||
public function displayRegister() {
|
||||
|
||||
@@ -19,7 +19,7 @@ class RequirePermission
|
||||
public function handle($request, Closure $next, $permission)
|
||||
{
|
||||
$confirmed = false;
|
||||
/*
|
||||
|
||||
if(strpos($permission, 'role.')) {
|
||||
$confirmed = $this->CheckRole($permission);
|
||||
} else {
|
||||
@@ -29,12 +29,6 @@ class RequirePermission
|
||||
if($confirmed === false) {
|
||||
abort(403, "You don't have permission to access this area.");
|
||||
}
|
||||
*/
|
||||
|
||||
$check = UserPermission::where(['character_id' => auth()->user()->character_id, 'permission' => $permission])->get(['permission']);
|
||||
if(!isset($check[0]->permission)) {
|
||||
abort(403, "You don't have permission to access this area.");
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
@@ -1,47 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use DB;
|
||||
|
||||
use App\Models\User\UserPermission;
|
||||
|
||||
class RequireRole
|
||||
{
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle($request, Closure $next, $role)
|
||||
{
|
||||
$confirmed = false;
|
||||
$ranking = [
|
||||
'role.none' => 0,
|
||||
'role.guest' => 1,
|
||||
'role.user' => 2,
|
||||
'role.director' => 3,
|
||||
'role.admin' => 4,
|
||||
];
|
||||
//Using eloquent let's get the roles for the character
|
||||
$check = UserPermission::where(['character_id' => auth()->user()->character_id, 'permission' => $role])->get(['permission']);
|
||||
|
||||
if(!isset($check[0]->role)) {
|
||||
abort(403, "You don't have permissions to access this area!");
|
||||
}
|
||||
|
||||
if($ranking[$check[0]->role] === $ranking[$role]) {
|
||||
$confirmed = true;
|
||||
}
|
||||
if($ranking[$check[0]->role] >= $ranking[$role]) {
|
||||
$confirmed = true;
|
||||
}
|
||||
|
||||
abort_unless(auth()->check() && $confirmed, 403, "You don't have permissions to access this area!");
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user