diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php
index 160e8b5..0c304a3 100644
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -4,16 +4,25 @@ namespace App\Http\Controllers;
 use App\Http\Requests\UpdateUserRequest;
 use App\Models\User;
+use Illuminate\Auth\Events\PasswordReset;
 use Illuminate\Contracts\View\Factory;
 use Illuminate\Contracts\View\View;
 use Illuminate\Foundation\Application;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Str;
 class UserController extends Controller
 {
 public function index(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
 {
+ if (!Auth::user('admin')) {
+ abort(403, 'У вас нет прав доступа');
+ }
+ if (Auth::guest()) {
+ abort(403, 'Вы не авторизованы!');
+ }
 $users = User::all();
 return view('users.index', compact('users'));
 }
@@ -23,7 +32,9 @@ class UserController extends Controller
 if (Auth::guest()) {
 abort(403, 'Вы не авторизованы!');
 }
-
+ if (!Auth::user('admin')) {
+ abort(403, 'У вас нет прав доступа');
+ }
 $validated = $request->validated();
 $user = new User();
@@ -37,6 +48,9 @@ class UserController extends Controller
 public function create(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
 {
+ if (!Auth::user('admin')) {
+ abort(403, 'У вас нет прав доступа');
+ }
 if (Auth::guest()) {
 abort(403, 'Вы не авторизованы!');
 }
@@ -45,6 +59,9 @@ class UserController extends Controller
 public function edit(User $user): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
 {
+ if (!Auth::user('admin')) {
+ abort(403, 'У вас нет прав доступа');
+ }
 if (Auth::guest()) {
 abort(403, 'Вы не авторизованы!');
 }
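Review bot: The added guard `if (!Auth::user('admin'))` in index() does not check for an admin role. The guard's `user()` method takes no arguments, so the string is ignored and the condition is true only for a guest, meaning every authenticated account passes (assuming the Auth facade is not customised outside this diff). Where it precedes `Auth::guest()`, guests are already rejected with the "no rights" message, so the guest branch is dead code. The same guard is repeated in the store(), create() and edit() hunks and in the later update() and destroy() hunks. The page does not show how admin status is stored, so the concrete test is left open. Putting it in one place, for example a policy called with `$this->authorize('viewAny', User::class);` or a `can:` middleware on the users route group, would replace the six copies with a real authorization decision.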
@@ -53,13 +70,19 @@ class UserController extends Controller
 public function update(UpdateUserRequest $request, User $user): RedirectResponse
 {
+ if (!Auth::user('admin')) {
+ abort(403, 'У вас нет прав доступа');
+ }
 if (Auth::guest()) {
 abort(403, 'Вы не авторизованы!');
 }
 $validated = $request->validated();
- $user->fill($validated);
+ $user->name = $validated['name'];
+ $user->password = Hash::make($validated['password']);
+ $user->email = $validated['email'];
+ $user->remember_token = Str::random(60);
 $user->save();
 return redirect()->route('users.index');
@@ -67,6 +90,12 @@ class UserController extends Controller
 public function destroy(User $user): RedirectResponse
 {
+ if (!Auth::user('admin')) {
+ abort(403, 'У вас нет прав доступа');
+ }
+ if (Auth::guest()) {
+ abort(403, 'Вы не авторизованы!');
+ }
 $user->delete();
 return redirect()->route('users.index');
diff --git a/app/Http/Requests/StoreUserRequest.php b/app/Http/Requests/StoreUserRequest.php
index a17419b..ec4535d 100644
--- a/app/Http/Requests/StoreUserRequest.php
+++ b/app/Http/Requests/StoreUserRequest.php
@@ -25,7 +25,7 @@ class StoreUserRequest extends FormRequest
 {
 return [
 'name' => 'required|unique:users,name|max:255',
- 'email' => 'email:rfc,dns',
+ 'email' => 'email',
 'password' => 'required'
 ];
 }
diff --git a/app/Http/Requests/UpdateUserRequest.php b/app/Http/Requests/UpdateUserRequest.php
index 38d84c2..c4fc40a 100644
--- a/app/Http/Requests/UpdateUserRequest.php
+++ b/app/Http/Requests/UpdateUserRequest.php
@@ -24,8 +24,8 @@ class UpdateUserRequest extends FormRequest
 public function rules()
 {
 return [
- 'name' => 'required|max:255',
+ 'email' => 'email',
 'password' => 'required'
 ];
 }
diff --git a/app/Models/User.php b/app/Models/User.php
index 7b27eb7..08523d3 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
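Review bot: `$user->email = $validated['email'];` in update() reads a key that may be missing, because the `email` rule in UpdateUserRequest is not `required`. `validated()` returns only fields that were present, so a request that omits `email` passes validation and then fails here with an undefined array key, where the old `fill($validated)` tolerated it. Either add `required` to the rule or write `$user->email = $validated['email'] ?? $user->email;`. Separately, `password` is `required`, so every edit forces a new password and rotates `remember_token`; if that is intended, a comment saying so would help. The closing brace of update() lies outside the hunk.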
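Review bot: Dropping `unique:users,name` from the `name` rule in UpdateUserRequest lets an edit set a login name that another account already uses, unless a database unique index (not shown here) rejects it; the views label this field 'Логин'. The rule was presumably removed because it fired on the user's own unchanged name. Excluding the record being edited keeps the check, for example `'name' => ['required', 'max:255', Rule::unique('users', 'name')->ignore($this->route('user'))],` with `use Illuminate\Validation\Rule;`. The route parameter name `user` is inferred from the controller signature and should be confirmed.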
@@ -31,7 +31,6 @@ class User extends Authenticatable
 * @var array
 */
 protected $hidden = [
- 'password',
 'remember_token',
 ];
diff --git a/resources/views/users/create.blade.php b/resources/views/users/create.blade.php
index 3347bdc..64c3105 100644
--- a/resources/views/users/create.blade.php
+++ b/resources/views/users/create.blade.php
@@ -1,15 +1,17 @@
-@auth()
-
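Review bot: Removing `'password'` from `$hidden` means the password hash is now included whenever a User model is serialized with `toArray()` or `toJson()`, for instance when a model or collection is returned from a route or embedded in a JSON response. Nothing visible in this commit needs the attribute to be serializable, since direct access such as `$user->password = Hash::make(...)` in the controller is unaffected by `$hidden`. Keep the line `'password',` in the array. If a specific caller really needs the hash, `makeVisible('password')` at that call site limits the exposure. The rest of the class lies outside the hunk.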
-

создать - пользователя

+@extends('layouts.admin-layout') +@section('content') - {{ Form::open(['url' => route('users.store'), 'method' => 'POST', 'class' => 'w-50']) }} -
+@auth() +
+

Создать администратора

+ + {{ Form::open(['url' => route('users.store'), 'method' => 'POST', 'class' => '']) }} +
{{ Form::label('name', 'Логин') }}
- {{ Form::text('name', '', ['class' => 'form-control rounded border-gray-300 w-1/3']) }} + {{ Form::text('name', '', ['class' => 'form-control']) }}
@if ($errors->any()) @@ -21,7 +23,7 @@ {{ Form::label('email', 'электронная почта') }}
- {{ Form::text('email', '', ['class' => 'form-control rounded border-gray-300 w-1/3']) }} + {{ Form::text('email', '', ['class' => 'form-control']) }}
@if ($errors->any()) @@ -33,7 +35,7 @@ {{ Form::label('password', 'Пароль') }}
- {{ Form::text('password', '', ['class' => 'form-control rounded border-gray-300 w-1/3']) }} + {{ Form::text('password', '', ['class' => 'form-control']) }}
@if ($errors->any()) @@ -42,9 +44,10 @@
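Review bot: The password input in create.blade.php is still rendered with `Form::text('password', '', ['class' => 'form-control'])`, so the new administrator's password is shown in clear on screen and may be kept by browser form history. Use the masked input instead: `{{ Form::password('password', ['class' => 'form-control']) }}`. The edit.blade.php hunk `@@ -33,7 +36,7 @@` has the same line and needs the same change. The markup around these calls is not visible on this page, so only the helper call is addressed here.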
- {{ Form::submit('создать', ['class' => 'bg-blue-500 hover:bg-blue-700 text-white font-bold py-2 px-4 rounded']) }} + {{ Form::submit('создать', ['class' => 'btn btn-primary']) }}
{{ Form::close() }}
@endauth +@endsection diff --git a/resources/views/users/edit.blade.php b/resources/views/users/edit.blade.php index d61f84b..6bc75da 100644 --- a/resources/views/users/edit.blade.php +++ b/resources/views/users/edit.blade.php @@ -1,15 +1,18 @@ -@auth() -
-

Изменить - пользователя

+@extends('layouts.admin-layout') +@section('content') - {{ Form::open(['url' => route('users.update', $user), 'method' => 'PATCH', 'class' => 'w-50']) }} -
+@auth() +
+

Изменить Администратора

+
+
+ {{ Form::open(['url' => route('users.update', $user), 'method' => 'PATCH', 'class' => '']) }} +
{{ Form::label('name', 'Логин') }}
- {{ Form::text('name', $user->name, ['class' => 'form-control rounded border-gray-300 w-1/3']) }} + {{ Form::text('name', $user->name, ['class' => 'form-control']) }}
@if ($errors->any()) @@ -21,7 +24,7 @@ {{ Form::label('email', 'электронная почта') }}
- {{ Form::text('email', $user->email, ['class' => 'form-control rounded border-gray-300 w-1/3']) }} + {{ Form::text('email', $user->email, ['class' => 'form-control']) }}
@if ($errors->any()) @@ -33,7 +36,7 @@ {{ Form::label('password', 'Пароль') }}
- {{ Form::text('password', '', ['class' => 'form-control rounded border-gray-300 w-1/3']) }} + {{ Form::text('password', '', ['class' => 'form-control']) }}
@if ($errors->any()) @@ -42,9 +45,10 @@
- {{ Form::submit('изменить', ['class' => 'bg-blue-500 hover:bg-blue-700 text-white font-bold py-2 px-4 rounded']) }} + {{ Form::submit('изменить', ['class' => 'btn btn-primary']) }}
{{ Form::close() }}
@endauth +@endsection diff --git a/resources/views/users/index.blade.php b/resources/views/users/index.blade.php index 17400e7..0f68246 100644 --- a/resources/views/users/index.blade.php +++ b/resources/views/users/index.blade.php @@ -1,30 +1,29 @@ @extends('layouts.admin-layout') @section('content')
-

список пользователей

+

список Администраторов

+
+ Создать администратора

- создать пользователя -
-
- +
- - - - + + + + @foreach($users as $user) - + - -
idnameemailдействияidnameemailдействия
{{ $user->id }}{{ $user->id }} {{ $user->name }} {{ $user->email }}редактировать + редактировать + удалить