diff --git a/app/Http/Controllers/AdminController.php b/app/Http/Controllers/AdminController.php index 911084c0..cff7f589 100644 --- a/app/Http/Controllers/AdminController.php +++ b/app/Http/Controllers/AdminController.php @@ -15,8 +15,6 @@ class AdminController extends Controller public function __construct() { $this->middleware('auth'); - - dd(Auth::user()->getAcces(2)); } /** diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 3439540c..76785d61 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -59,5 +59,7 @@ class Kernel extends HttpKernel 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, + 'staff' => \App\Http\Middleware\AccesStaff::class, + 'admin' => \App\Http\Middleware\AccesAdmin::class, ]; } diff --git a/app/Http/Middleware/AccesAdmin.php b/app/Http/Middleware/AccesAdmin.php new file mode 100644 index 00000000..71770222 --- /dev/null +++ b/app/Http/Middleware/AccesAdmin.php @@ -0,0 +1,24 @@ +getAcces(2) == false) { + abort(401); + } + + return $next($request); + } +} diff --git a/app/Http/Middleware/AccesStaff.php b/app/Http/Middleware/AccesStaff.php new file mode 100644 index 00000000..03c0dea6 --- /dev/null +++ b/app/Http/Middleware/AccesStaff.php @@ -0,0 +1,23 @@ +getAcces(1) == false) { + abord(401); + } + return $next($request); + } +} diff --git a/app/User.php b/app/User.php index 7a3ecab5..17296c45 100644 --- a/app/User.php +++ b/app/User.php @@ -74,7 +74,7 @@ class User extends Authenticatable $perm_value = 0; } - dd($perm_value); + return $perm_value; } public function getAcces($level) @@ -84,7 +84,7 @@ class User extends Authenticatable $rank_perm_value = $rank->acces_level; $job_perm_value = $job->acces_level; - $user_perm_value = $this->acces_level + $user_perm_value = $this->acces_level; if ($user_perm_value >= $level ) { $perm_value = true; 
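Review bot: In AccesAdmin.php the deny branch calls `abort(401)` for a user who is already logged in but lacks the level; 401 asks the client to authenticate again, while 403 is the status for "authenticated but not allowed". The test `getAcces(2) == false` is a loose comparison, so a deny-by-default form is safer: `if ($user === null || $user->getAcces(2) !== true) { abort(403); }` (with a matching errors/403 view). The receiver of `getAcces` is not visible in this extract; if it is `Auth::user()`, it is null for guests whenever the `admin` alias is applied without `auth` in front of it, which is why the null guard is worth having. AccesStaff.php has the same structure and would take the same change.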
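Review bot: In AccesStaff.php the deny branch calls `abord(401);`, which is not defined anywhere in this commit and looks like a typo for Laravel's `abort` helper; as written, the call raises an undefined-function error. The request still never reaches `$next($request)`, so the middleware fails closed, but a refused staff request surfaces as an HTTP 500 and is logged as a crash instead of an authorization failure, which hides denied-access attempts from anyone reading the logs. The line should read `abort(401);` (or `abort(403);` if the status is changed for AccesAdmin as well).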
@@ -95,7 +95,6 @@ class User extends Authenticatable
 } else {
 $perm_value = false;
 }
-
- return boolean $perm_value;
+ return $perm_value;
 }
 }
diff --git a/database/migrations/2014_10_12_000000_create_users_table.php b/database/migrations/2014_10_12_000000_create_users_table.php
index 187f2cdd..85278a53 100644
--- a/database/migrations/2014_10_12_000000_create_users_table.php
+++ b/database/migrations/2014_10_12_000000_create_users_table.php
@@ -27,21 +27,21 @@ class CreateUsersTable extends Migration
 $table->string('sexe');
 $table->string('job')->default(6);
 $table->integer('acces_level')->default(0);
- $table->boolean('schedule_see')->default(0);
- $table->boolean('schedule_edit')->default(0);
- $table->boolean('schedule_notify')->default(0);
- $table->boolean('message_see')->default(0);
- $table->boolean('message_edit')->default(0);
- $table->boolean('message_notify')->default(0);
- $table->boolean('paper_edit')->default(0);
- $table->boolean('paper_publish')->default(0);
- $table->boolean('paper_notify')->default(0);
- $table->boolean('inventory_see')->default(0);
- $table->boolean('inventory_edit')->default(0);
- $table->boolean('inventory_notify')->default(0);
- $table->boolean('user_see')->default(0);
- $table->boolean('user_edit')->default(0);
- $table->boolean('user_notify')->default(0);
+ $table->string('schedule_see')->default(0);
+ $table->string('schedule_edit')->default(0);
+ $table->string('schedule_notify')->default(0);
+ $table->string('message_see')->default(0);
+ $table->string('message_edit')->default(0);
+ $table->string('message_notify')->default(0);
+ $table->string('paper_edit')->default(0);
+ $table->string('paper_publish')->default(0);
+ $table->string('paper_notify')->default(0);
+ $table->string('inventory_see')->default(0);
+ $table->string('inventory_edit')->default(0);
+ $table->string('inventory_notify')->default(0);
+ $table->string('user_see')->default(0);
+ $table->string('user_edit')->default(0);
+ $table->string('user_notify')->default(0);
 $table->string('api_token', 60)->unique()->default(str_random(60));
 $table->rememberToken();
 $table->timestamps();
diff --git a/database/seeds/RanksTableSeeder.php b/database/seeds/RanksTableSeeder.php
index bb190fab..e5ca8a9c 100644
--- a/database/seeds/RanksTableSeeder.php
+++ b/database/seeds/RanksTableSeeder.php
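Review bot: The fifteen permission flags change from `boolean` to `string` while keeping `->default(0)`, which loosens the type of the values that gate access: in PHP any non-empty string other than `'0'` is truthy, so a stored `'false'` would read as granted wherever a flag is tested loosely. The code that reads these columns (`getPerm` in app/User.php) is only partly visible here, so this is a risk to confirm, not a demonstrated bug; a comment above the block naming the accepted values would help, e.g. `// permission flags: '0' = denied, '1' = granted, <other accepted values>`. Because the change edits the original 2014 migration instead of adding a new one, databases where that migration has already run keep their boolean columns. Separately, on the unchanged `api_token` line, `->default(str_random(60))` is evaluated once when the migration runs, so the column default is a single fixed token, not a per-user random value.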
@@ -147,7 +147,7 @@ class RanksTableSeeder extends Seeder ], [ 'name' => "Adjudant 2e Classe", - 'acces_level' => '1', + 'acces_level' => '2', 'schedule_see' => true, 'schedule_edit' => false, 'schedule_notify' => false, @@ -166,7 +166,7 @@ class RanksTableSeeder extends Seeder ], [ 'name' => "Adjudant 1er Classe", - 'acces_level' => '1', + 'acces_level' => '2', 'schedule_see' => true, 'schedule_edit' => true, 'schedule_notify' => true, diff --git a/resources/views/admin/update.blade.php b/resources/views/admin/update.blade.php index 86506d98..b232b269 100644 --- a/resources/views/admin/update.blade.php +++ b/resources/views/admin/update.blade.php @@ -2,6 +2,51 @@ @section('content') + +
+ ALPHA 3.0.2STABLE ALPHA +
+
+

+ Nouveauté +

+

+
+

+ Back End & API +

+

+
+

+ Correction de bug +

+

+ 2018-05-09 13:20 +
+
ALPHA 3.0.1eUNSTABLE ALPHA diff --git a/resources/views/errors/401.blade.php b/resources/views/errors/401.blade.php new file mode 100644 index 00000000..c6aa79dc --- /dev/null +++ b/resources/views/errors/401.blade.php @@ -0,0 +1,90 @@ + + + + + + Error + + + + + + + + +
+
+
+

401

+
+
+ +
+
+
+ Oups ... Vous n'avez pas l'autorisation de venir ici {{ $exception->getMessage() }}
+
+
+ + + \ No newline at end of file diff --git a/routes/api.php b/routes/api.php index 98397bdd..14c0fcdb 100644 --- a/routes/api.php +++ b/routes/api.php @@ -17,11 +17,6 @@ Route::middleware('auth:api')->group(function () { return $request->user(); }); - Route::get('/user/perm/{id}', function($id) { - $user = \App\User::find($id); - return $user->getPerm("schedule_edit"); - }); - /* Calendar Route */ Route::post('/calendar/generate', 'CalendarController@generate'); Route::post('/calendar/loadDay', 'CalendarController@load'); @@ -34,3 +29,8 @@ Route::middleware('auth:api')->group(function () { Route::post('/user/delete', 'UserController@destroy'); }); + +Route::get('/user/perm/{id}', function($id) { + $user = \App\User::find($id); + return $user->getPerm("schedule_edit"); +}); diff --git a/routes/web.php b/routes/web.php index 747e7a04..68145c28 100644 --- a/routes/web.php +++ b/routes/web.php 
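Review bot: In routes/api.php the second hunk re-adds `/user/perm/{id}` after the closing `});` of the `Route::middleware('auth:api')` group, so the endpoint no longer requires an API token. Any unauthenticated caller can now read the `schedule_edit` permission of an arbitrary user id, and an unknown id makes `\App\User::find($id)` return null, so `->getPerm(...)` fails with a server error. The route should stay inside the `auth:api` group with `$user = \App\User::findOrFail($id);`, plus a check that the caller is asking about their own id or holds the admin level. If it was moved out only for debugging, that is worth stating in a comment and reverting before release.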
@@ -19,30 +19,32 @@ Route::get('/', function () { return view('public'); }); -/* Espace Administration Route */ -Route::get('/admin', 'AdminController@index')->name('admin'); -Route::get('/admin/update', 'AdminController@update'); +Route::middleware(['auth','admin'])->group(function () { -Route::get('/admin/calendar', 'CalendarController@index'); + /* Espace Administration Route */ + Route::get('/admin', 'AdminController@index')->name('admin'); + Route::get('/admin/update', 'AdminController@update'); -Route::get('/admin/calendar/add/{date}', ['uses' =>'CalendarController@add']); -Route::get('/admin/calendar/edit/{id}', ['uses' =>'CalendarController@edit']); + Route::get('/admin/calendar', 'CalendarController@index'); -Route::post('/admin/calendar/add', 'CalendarController@store'); -Route::patch('/admin/calendar/edit/{id}', ['uses' =>'CalendarController@patch']); + Route::get('/admin/calendar/add/{date}', ['uses' =>'CalendarController@add']); + Route::get('/admin/calendar/edit/{id}', ['uses' =>'CalendarController@edit']); -Route::get('/admin/stats/log' , 'LogController@index'); + Route::post('/admin/calendar/add', 'CalendarController@store'); + Route::patch('/admin/calendar/edit/{id}', ['uses' =>'CalendarController@patch']); -Route::get('/admin/message' , 'MessageController@index'); -Route::get('/admin/message/add' , 'MessageController@create'); -Route::post('/admin/message/add' , 'MessageController@store'); -Route::get('/admin/message/{id}', ['uses' =>'MessageController@show']); + Route::get('/admin/stats/log' , 'LogController@index'); -Route::get('/admin/user' , 'UserController@index'); + Route::get('/admin/message' , 'MessageController@index'); + Route::get('/admin/message/add' , 'MessageController@create'); + Route::post('/admin/message/add' , 'MessageController@store'); + Route::get('/admin/message/{id}', ['uses' =>'MessageController@show']); -Route::get('/admin/config/job' , 'JobController@index'); + Route::get('/admin/user' , 'UserController@index'); + 
Route::get('/admin/config/job' , 'JobController@index'); +}); /* Other Route */ Route::get('/test', function () {
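Review bot: Every route in the new `Route::middleware(['auth','admin'])` group, including the calendar and message pages, now requires `getAcces(2)`, while the `staff` alias registered in app/Http/Kernel.php is not applied to any route in this hunk. If level-1 staff are meant to reach some of these pages, split the group, e.g. `Route::middleware(['auth','staff'])->group(...)` for calendar and message and `['auth','admin']` for user and config. If admin-only is the intent, a comment such as `/* all /admin routes require acces_level >= 2 */` above the group would record that decision. The `/test` route starts on the last context line and continues outside the hunk, so from here it cannot be confirmed whether it should stay public.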