Compare commits

...

3 Commits

Author SHA1 Message Date
aslan df05cd21f4 add middleware auth, optimize abort_if
Tests & Lint & Deploy to Railway / build (20.x, 8.2) (push) Successful in 2m2s Details
Tests & Lint & Deploy to Railway / deploy (8.1) (push) Failing after 1m11s Details
2024-01-25 10:51:39 +03:00
aslan 956681c0b3 add middleware auth, optimize abort_if 2024-01-25 10:51:29 +03:00
aslan 52d2073dee delete menu item 2024-01-25 10:50:37 +03:00
3 changed files with 23 additions and 40 deletions

View File

@ -12,6 +12,10 @@ use Illuminate\Support\Facades\Auth;
class ReceptionScreenController extends Controller
{
public function __construct()
{
$this->middleware('auth');
}
public function index(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
{
$receptionScreens = ReceptionScreen::all()->sortBy('position');
@ -20,9 +24,8 @@ class ReceptionScreenController extends Controller
public function create(): View
{
if (Auth::guest()) {
abort(403);
}
abort_if(Auth::guest(), 403);
$receptionScreens = ReceptionScreen::all()->sortBy('position');
return view('admin-reception-screen.create', compact('receptionScreens'));
}
@ -39,6 +42,8 @@ class ReceptionScreenController extends Controller
}
public function edit($id)
{
abort_if(Auth::guest(), 403);
$receptionScreen = new ReceptionScreen();
$currentReceptionScreen = $receptionScreen->find($id);
$receptionScreens = $receptionScreen->all()->sortBy('position');

View File

@ -15,26 +15,22 @@ use Illuminate\Support\Str;
class UserController extends Controller
{
public function __construct()
{
$this->middleware('auth');
}
public function index(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
{
if (!Auth::user('admin')) {
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
abort_if(!Auth::user('admin'), 403);
$users = User::all();
return view('users.index', compact('users'));
}
public function store(UpdateUserRequest $request): RedirectResponse
{
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
if (!Auth::user('admin')) {
abort(403, 'У вас нет прав доступа');
}
abort_if(!Auth::user('admin'), 403);
$validated = $request->validated();
$user = new User();
@ -48,34 +44,21 @@ class UserController extends Controller
public function create(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
{
if (!Auth::user('admin')) {
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
abort_if(!Auth::user('admin'), 403);
return view('users.create');
}
public function edit(User $user): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
{
if (!Auth::user('admin')) {
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
abort_if(!Auth::user('admin'), 403);
return view('users.edit', compact('user'));
}
public function update(UpdateUserRequest $request, User $user): RedirectResponse
{
if (!Auth::user('admin')) {
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
abort_if(!Auth::user('admin'), 403);
$validated = $request->validated();
@ -90,12 +73,8 @@ class UserController extends Controller
public function destroy(User $user): RedirectResponse
{
if (!Auth::user('admin')) {
abort(403, 'У вас нет прав доступа');
}
if (Auth::guest()) {
abort(403, 'Вы не авторизованы!');
}
abort_if(!Auth::user('admin'), 403);
$user->delete();
return redirect()->route('users.index');

View File

@ -50,7 +50,6 @@
<aside class="list-group col-2">
<ul>
<li class="list-group-item"><a href="{{ route('admin-reception-screen.index') }}">Экран Приема</a></li>
<li class="list-group-item"><a href="">Дни открытых дверей</a></li>
@if(!is_null(Auth::getUser()) && Auth::getUser()->name === 'admin')
<li class="list-group-item"></li>
<li class="list-group-item"><a href="{{ route('users.index') }}">Список администраторов</a></li>