forked from aslan/applicant-site
prodV1 #2
|
@ -4,6 +4,9 @@ APP_KEY=
|
|||
APP_DEBUG=true
|
||||
APP_URL=http://localhost
|
||||
|
||||
ADMIN_NAME=admin
|
||||
ADMIN_EMAIL=test@example.com
|
||||
|
||||
LOG_CHANNEL=stack
|
||||
LOG_DEPRECATIONS_CHANNEL=null
|
||||
LOG_LEVEL=debug
|
||||
|
|
|
@ -15,6 +15,11 @@ use Illuminate\Support\Str;
|
|||
|
||||
class UserController extends Controller
|
||||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->authorizeResource(User::class, 'user');
|
||||
}
|
||||
|
||||
public function index(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
|
||||
{
|
||||
abort_if(Auth::user()->name !== 'admin', 403);
|
||||
|
|
|
@ -0,0 +1,65 @@
|
|||
<?php
|
||||
|
||||
namespace App\Policies;
|
||||
|
||||
use App\Models\User;
|
||||
use Illuminate\Auth\Access\Response;
|
||||
|
||||
class UserPolicy
|
||||
{
|
||||
/**
|
||||
* Determine whether the user can view any models.
|
||||
*/
|
||||
public function viewAny(User $user): bool
|
||||
{
|
||||
return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can view the model.
|
||||
*/
|
||||
public function view(User $user, User $model): bool
|
||||
{
|
||||
return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can create models.
|
||||
*/
|
||||
public function create(User $user): bool
|
||||
{
|
||||
return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can update the model.
|
||||
*/
|
||||
public function update(User $user, User $model): bool
|
||||
{
|
||||
return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can delete the model.
|
||||
*/
|
||||
public function delete(User $user, User $model): bool
|
||||
{
|
||||
return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can restore the model.
|
||||
*/
|
||||
public function restore(User $user, User $model): bool
|
||||
{
|
||||
return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can permanently delete the model.
|
||||
*/
|
||||
public function forceDelete(User $user, User $model): bool
|
||||
{
|
||||
return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
|
||||
}
|
||||
}
|
|
@ -3,6 +3,8 @@
|
|||
namespace App\Providers;
|
||||
|
||||
// use Illuminate\Support\Facades\Gate;
|
||||
use App\Models\User;
|
||||
use App\Policies\UserPolicy;
|
||||
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
|
||||
|
||||
class AuthServiceProvider extends ServiceProvider
|
||||
|
@ -13,7 +15,7 @@ class AuthServiceProvider extends ServiceProvider
|
|||
* @var array<class-string, class-string>
|
||||
*/
|
||||
protected $policies = [
|
||||
//
|
||||
User::class => UserPolicy::class,
|
||||
];
|
||||
|
||||
/**
|
||||
|
|
|
@ -185,4 +185,6 @@ return [
|
|||
// 'Example' => App\Facades\Example::class,
|
||||
])->toArray(),
|
||||
|
||||
'admin_name' => env('ADMIN_NAME'),
|
||||
'admin_email' => env('ADMIN_EMAIL')
|
||||
];
|
||||
|
|
|
@ -13,8 +13,8 @@ class DatabaseSeeder extends Seeder
|
|||
public function run(): void
|
||||
{
|
||||
User::factory()->create([
|
||||
'name' => 'admin',
|
||||
'email' => 'test@example.com',
|
||||
'name' => config('app.admin_name'),
|
||||
'email' => config('app.admin_email'),
|
||||
'password' => 123456
|
||||
]);
|
||||
|
||||
|
|
Loading…
Reference in New Issue