From 9aae2f1a3f468de5f93b4155a14436af0434f1c8 Mon Sep 17 00:00:00 2001
From: Benjamin Takats
Date: Thu, 1 Dec 2022 17:52:08 +0100
Subject: [PATCH] policies updated for super-admin
---
 app/Models/User.php | 2 ++
 app/Policies/CategoryPolicy.php | 12 ++++++------
 app/Policies/CountryPolicy.php | 12 ++++++------
 app/Policies/RolePolicy.php | 14 +++++++-------
 app/Policies/TeamPolicy.php | 7 +++----
 app/Policies/UserPolicy.php | 14 +++++++-------
 app/Providers/NovaServiceProvider.php | 8 ++++++++
 config/permission.php | 2 +-
 database/seeders/DatabaseSeeder.php | 1 +
 9 files changed, 41 insertions(+), 31 deletions(-)
diff --git a/app/Models/User.php b/app/Models/User.php
index c31ab2df..a541ac90 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -10,6 +10,7 @@ use Laravel\Fortify\TwoFactorAuthenticatable;
 use Laravel\Jetstream\HasProfilePhoto;
 use Laravel\Jetstream\HasTeams;
 use Laravel\Sanctum\HasApiTokens;
+use Spatie\Permission\Traits\HasRoles;
 class User extends Authenticatable implements MustVerifyEmail
 {
@@ -19,6 +20,7 @@ class User extends Authenticatable implements MustVerifyEmail
 use HasTeams;
 use Notifiable;
 use TwoFactorAuthenticatable;
+ use HasRoles;
 /**
 * The attributes that are mass assignable.
diff --git a/app/Policies/CategoryPolicy.php b/app/Policies/CategoryPolicy.php
index acd978b8..113aa0e5 100644
--- a/app/Policies/CategoryPolicy.php
+++ b/app/Policies/CategoryPolicy.php
@@ -30,7 +30,7 @@ class CategoryPolicy
 */
 public function view(User $user, Category $category)
 {
- //
+ return true;
 }
 /**
@@ -41,7 +41,7 @@ class CategoryPolicy
 */
 public function create(User $user)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -53,7 +53,7 @@ class CategoryPolicy
 */
 public function update(User $user, Category $category)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -65,7 +65,7 @@ class CategoryPolicy
 */
 public function delete(User $user, Category $category)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
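Review bot: In app/Policies/CategoryPolicy.php the hunk at -41 introduces the literal `'super-admin'` in `create()`, and the same string is repeated in every other changed method of CategoryPolicy, CountryPolicy, RolePolicy, TeamPolicy and UserPolicy. A misspelt role name in any one of them raises no error, because `hasRole()` just returns false, so that method would deny silently and the mistake is easy to miss in review. I would keep the name in one place, for example a `public function isSuperAdmin(): bool` on `User`, and have the policies `return $user->isSuperAdmin();`. The policy classes start and end outside these hunks.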
@@ -77,7 +77,7 @@ class CategoryPolicy
 */
 public function restore(User $user, Category $category)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -89,6 +89,6 @@ class CategoryPolicy
 */
 public function forceDelete(User $user, Category $category)
 {
- //
+ return $user->hasRole('super-admin');
 }
 }
diff --git a/app/Policies/CountryPolicy.php b/app/Policies/CountryPolicy.php
index fb20576f..9a4a0e0f 100644
--- a/app/Policies/CountryPolicy.php
+++ b/app/Policies/CountryPolicy.php
@@ -30,7 +30,7 @@ class CountryPolicy
 */
 public function view(User $user, Country $country)
 {
- //
+ return true;
 }
 /**
@@ -41,7 +41,7 @@ class CountryPolicy
 */
 public function create(User $user)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -53,7 +53,7 @@ class CountryPolicy
 */
 public function update(User $user, Country $country)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -65,7 +65,7 @@ class CountryPolicy
 */
 public function delete(User $user, Country $country)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -77,7 +77,7 @@ class CountryPolicy
 */
 public function restore(User $user, Country $country)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -89,6 +89,6 @@ class CountryPolicy
 */
 public function forceDelete(User $user, Country $country)
 {
- //
+ return $user->hasRole('super-admin');
 }
 }
diff --git a/app/Policies/RolePolicy.php b/app/Policies/RolePolicy.php
index 47f7ee9d..26fad856 100644
--- a/app/Policies/RolePolicy.php
+++ b/app/Policies/RolePolicy.php
@@ -18,7 +18,7 @@ class RolePolicy
 */
 public function viewAny(User $user)
 {
- return true;
+ return $user->hasRole('super-admin');
 }
 /**
@@ -30,7 +30,7 @@ class RolePolicy
 */
 public function view(User $user, Role $role)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -41,7 +41,7 @@ class RolePolicy
 */
 public function create(User $user)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -53,7 +53,7 @@ class RolePolicy
 */
 public function update(User $user, Role $role)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -65,7 +65,7 @@ class RolePolicy
 */
 public function delete(User $user, Role $role)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -77,7 +77,7 @@ class RolePolicy
 */
 public function restore(User $user, Role $role)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -89,6 +89,6 @@ class RolePolicy
 */
 public function forceDelete(User $user, Role $role)
 {
- //
+ return $user->hasRole('super-admin');
 }
 }
diff --git a/app/Policies/TeamPolicy.php b/app/Policies/TeamPolicy.php
index f8c91956..d498709d 100644
--- a/app/Policies/TeamPolicy.php
+++ b/app/Policies/TeamPolicy.php
@@ -19,7 +19,7 @@ class TeamPolicy
 */
 public function viewAny(User $user)
 {
- return true;
+ return $user->hasRole('super-admin');
 }
 /**
@@ -44,7 +44,7 @@ class TeamPolicy
 */
 public function create(User $user)
 {
- return false;
+ return $user->hasRole('super-admin');
 }
 /**
@@ -109,7 +109,6 @@ class TeamPolicy
 */
 public function delete(User $user, Team $team)
 {
- // return $user->ownsTeam($team);
- return false;
+ return $user->hasRole('super-admin');
 }
 }
diff --git a/app/Policies/UserPolicy.php b/app/Policies/UserPolicy.php
index 550b6e74..a1339b85 100644
--- a/app/Policies/UserPolicy.php
+++ b/app/Policies/UserPolicy.php
@@ -17,7 +17,7 @@ class UserPolicy
 */
 public function viewAny(User $user)
 {
- return true;
+ return $user->hasRole('super-admin');
 }
 /**
@@ -29,7 +29,7 @@ class UserPolicy
 */
 public function view(User $user, User $model)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -40,7 +40,7 @@ class UserPolicy
 */
 public function create(User $user)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -52,7 +52,7 @@ class UserPolicy
 */
 public function update(User $user, User $model)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
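Review bot: `delete()` in app/Policies/RolePolicy.php (hunk at -65; `update()` at -53 and `forceDelete()` at -89 share this) never looks at `$role`, so a super-admin may delete or rename the `super-admin` role itself. Every policy changed in this commit depends on that role name, so losing it would make all of them deny for everyone until the role is restored by hand. Assuming `Role` here is the Spatie model with a `name` attribute, I would guard the destructive methods with `return $user->hasRole('super-admin') && $role->name !== 'super-admin';`. The class body starts outside these hunks.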
@@ -64,7 +64,7 @@ class UserPolicy
 */
 public function delete(User $user, User $model)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -76,7 +76,7 @@ class UserPolicy
 */
 public function restore(User $user, User $model)
 {
- //
+ return $user->hasRole('super-admin');
 }
 /**
@@ -88,6 +88,6 @@ class UserPolicy
 */
 public function forceDelete(User $user, User $model)
 {
- //
+ return $user->hasRole('super-admin');
 }
 }
diff --git a/app/Providers/NovaServiceProvider.php b/app/Providers/NovaServiceProvider.php
index 38226de6..b4490b23 100644
--- a/app/Providers/NovaServiceProvider.php
+++ b/app/Providers/NovaServiceProvider.php
@@ -57,6 +57,14 @@ class NovaServiceProvider extends NovaApplicationServiceProvider
 ])
 ->icon('key')
 ->collapsable(),
+
+ MenuSection::make(__('nova-spatie-permissions::lang.sidebar_label'), [
+ MenuItem::link(__('nova-spatie-permissions::lang.sidebar_label_roles'), 'resources/roles'),
+ MenuItem::link(__('nova-spatie-permissions::lang.sidebar_label_permissions'),
+ 'resources/permissions'),
+ ])
+ ->icon('key')
+ ->collapsable(),
 ];
 });
diff --git a/config/permission.php b/config/permission.php
index 5b6e184c..5aeaab7c 100644
--- a/config/permission.php
+++ b/config/permission.php
@@ -133,7 +133,7 @@ return [
 * By default wildcard permission lookups are disabled.
 */
- 'enable_wildcard_permission' => false,
+ 'enable_wildcard_permission' => true,
 'cache' => [
diff --git a/database/seeders/DatabaseSeeder.php b/database/seeders/DatabaseSeeder.php
index 907b65a9..92d40c52 100644
--- a/database/seeders/DatabaseSeeder.php
+++ b/database/seeders/DatabaseSeeder.php
@@ -38,6 +38,7 @@ class DatabaseSeeder extends Seeder
 'remember_token' => Str::random(10),
 'is_lecturer' => true,
 ]);
+ $user->assignRole('super-admin');
 $team = Team::create([
 'name' => 'Admin Team',
 'user_id' => $user->id,
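Review bot: `delete()` in app/Policies/UserPolicy.php (hunk at -64, and `forceDelete()` at -88) does not compare `$user` with `$model`, so a super-admin is allowed to delete their own account. If that account is the only one holding the role, nobody is left who passes the checks added in this commit. I would add a self-check, `return $user->hasRole('super-admin') && ! $user->is($model);`, and state in the docblock that self-deletion is refused.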
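Review bot: The `MenuSection` added in app/Providers/NovaServiceProvider.php has no visibility check, so its two `MenuItem::link()` entries are shown to every Nova user while RolePolicy in this commit limits roles to `super-admin`; other users get links that end in a 403. I would hide the section with `->canSee(fn ($request) => $request->user()?->hasRole('super-admin') ?? false)`. The commit also adds no policy for the resource behind `resources/permissions`; as far as I know Nova authorizes every action on a resource whose model has no registered policy, so please confirm one is registered elsewhere. The menu closure starts outside the hunk.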
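Review bot: Turning on `enable_wildcard_permission` in config/permission.php is not needed by anything else in this commit, which checks roles only, and it changes how every permission name is interpreted. In wildcard mode the package treats `*`, `.` and `,` in permission names as pattern syntax, so a stored permission such as `posts.*` starts matching more than its literal name. I would leave the value at `false` until a wildcard permission is actually used, or add a comment above the key such as `// enabled for <reason>; permission names must follow the part.subpart convention`.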
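Review bot: `$user->assignRole('super-admin')` in database/seeders/DatabaseSeeder.php passes a role name, and the hunk does not show the role being created; with spatie/laravel-permission a name without a matching row makes the call throw, so a fresh `db:seed` would stop here. If no earlier seeder creates it, I would put `Role::findOrCreate('super-admin');` before this line. The seeded account now passes every policy in this commit, so its credentials (set outside the hunk) should not be fixed values if this seeder can run outside local development. `run()` starts and ends outside the hunk.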