add middleware auth, optimize abort_if

This commit is contained in:
aslan 2024-01-25 10:51:39 +03:00
parent 956681c0b3
commit df05cd21f4
1 changed files with 15 additions and 36 deletions

View File

@ -15,26 +15,22 @@ use Illuminate\Support\Str;
class UserController extends Controller class UserController extends Controller
{ {
public function __construct()
{
$this->middleware('auth');
}
public function index(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application public function index(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
{ {
if (!Auth::user('admin')) { abort_if(!Auth::user('admin'), 403);
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
$users = User::all(); $users = User::all();
return view('users.index', compact('users')); return view('users.index', compact('users'));
} }
public function store(UpdateUserRequest $request): RedirectResponse public function store(UpdateUserRequest $request): RedirectResponse
{ {
if (Auth::guest()) { abort_if(!Auth::user('admin'), 403);
abort(403, 'Вы не авторизованы!');
}
if (!Auth::user('admin')) {
abort(403, 'У вас нет прав доступа');
}
$validated = $request->validated(); $validated = $request->validated();
$user = new User(); $user = new User();
@ -48,34 +44,21 @@ class UserController extends Controller
public function create(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application public function create(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
{ {
if (!Auth::user('admin')) { abort_if(!Auth::user('admin'), 403);
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
return view('users.create'); return view('users.create');
} }
public function edit(User $user): View|Application|Factory|\Illuminate\Contracts\Foundation\Application public function edit(User $user): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
{ {
if (!Auth::user('admin')) { abort_if(!Auth::user('admin'), 403);
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
return view('users.edit', compact('user')); return view('users.edit', compact('user'));
} }
public function update(UpdateUserRequest $request, User $user): RedirectResponse public function update(UpdateUserRequest $request, User $user): RedirectResponse
{ {
if (!Auth::user('admin')) { abort_if(!Auth::user('admin'), 403);
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
$validated = $request->validated(); $validated = $request->validated();
@ -90,12 +73,8 @@ class UserController extends Controller
public function destroy(User $user): RedirectResponse public function destroy(User $user): RedirectResponse
{ {
if (!Auth::user('admin')) { abort_if(!Auth::user('admin'), 403);
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
$user->delete(); $user->delete();
return redirect()->route('users.index'); return redirect()->route('users.index');