feat: access control
blt950 committed Oct 5, 2023
1 parent 52c81b1 commit e48be89
Showing 4 changed files with 92 additions and 26 deletions.
29 changes: 24 additions & 5 deletions app/Http/Controllers/TaskController.php
Expand Up @@ -4,6 +4,7 @@

use App\Helpers\TaskStatus;
use App\Models\Task;
use App\Models\User;
use App\Rules\ValidTaskType;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\File;
Expand All @@ -17,6 +18,9 @@ class TaskController extends Controller
*/
public function index($activeFilter = null)
{

$this->authorize('update', Task::class);

$user = auth()->user();

if ($activeFilter == 'sent') {
Expand All @@ -36,6 +40,8 @@ public function index($activeFilter = null)
public function store(Request $request)
{

$this->authorize('create', Task::class);

$data = $request->validate([
'type' => ['required', new ValidTaskType],
'message' => 'sometimes|min:3|max:256',
Expand All @@ -47,13 +53,22 @@ public function store(Request $request)
$data['sender_user_id'] = auth()->user()->id;
$data['created_at'] = now();

// Create the model
$task = Task::create($data);
// Check if recipient is mentor or above
$recipient = User::findOrFail($data['recipient_user_id']);

// Run the create method on the task type to trigger type specific actions on creation
$task->type()->create($task);
// Policy check if recpient can recieve a task
if ($recipient->can('receive', Task::class)) {
// Create the model
$task = Task::create($data);

// Run the create method on the task type to trigger type specific actions on creation
$task->type()->create($task);

return redirect()->back()->with('success', 'Task created successfully.');
}

return redirect()->back()->withErrors('Recipient is not allowed to receive tasks.');

return redirect()->back()->with('success', 'Task created successfully.');
}

/**
Expand All @@ -64,6 +79,8 @@ public function store(Request $request)
public function complete(Request $request, int $task)
{

$this->authorize('update', Task::class);

$task = Task::findOrFail($task);

$task->status = TaskStatus::COMPLETED->value;
Expand All @@ -84,6 +101,8 @@ public function complete(Request $request, int $task)
public function decline(Request $request, int $task)
{

$this->authorize('update', Task::class);

$task = Task::findOrFail($task);

$task->status = TaskStatus::DECLINED->value;
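Review bot: The `$this->authorize('update', Task::class)` added to complete() and decline() is a class-level check, so it only confirms the caller is mentor-or-above and never ties the caller to the task being completed or declined; any mentor can act on any task id. Perform the lookup first and authorize against the instance, `$task = Task::findOrFail($task); $this->authorize('update', $task);`, with TaskPolicy::update accepting the Task and comparing its recipient with `$user` (that change belongs in app/Policies/TaskPolicy.php). In index() the same 'update' ability is used as a view gate; a dedicated `viewAny` ability would state the intent more clearly. The findOrFail on `$data['recipient_user_id']` in store() relies on the validate() rules for that key, which are outside the hunk; if the key is not required there, a missing value reaches findOrFail as null. complete() and decline() continue past the hunk.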
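--- a/app/Policies/TaskPolicy.php
+++ b/app/Policies/TaskPolicy.php
@@ -0,0 +1,41 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class TaskPolicy
+{
+use HandlesAuthorization;
+
+/**
+* Determine whether the user can create bookings.
+*
+* @return bool
+*/
+public function create(User $user)
+{
+return $user->isMentorOrAbove();
+}
+
+/**
+* Determine whether the user can update the task.
+*
+* @return bool
+*/
+public function update(User $user)
+{
+return $user->isMentorOrAbove();
+}
+
+/**
+* Determine if user is able to receive a task
+*
+* @return bool
+*/
+public function receive(User $user)
+{
+return $user->isMentorOrAbove();
+}
+}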
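Review bot: update() and receive() take only the User, so every decision is the role check `isMentorOrAbove()` and nothing in the policy can relate a user to a specific task; a controller that passes a Task instance would get the same answer for every task. Give update() an optional instance, `public function update(User $user, ?Task $task = null): bool`, and return `$user->isMentorOrAbove() && ($task === null || $task->recipient_user_id === $user->id);` so the existing class-level calls keep working while instance calls enforce ownership (this needs `use App\Models\Task;` and assumes `recipient_user_id`, the key the controller stores, is the column on Task — confirm against the model). The create() docblock says "create bookings" and looks copied from another policy; `Determine whether the user can create tasks.` is the accurate text. All three methods would also benefit from a native `: bool` return type in place of the `@return bool` docblocks.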
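--- a/resources/views/layouts/sidebar.blade.php
+++ b/resources/views/layouts/sidebar.blade.php
@@ -24,15 +24,17 @@
 <span>Dashboard</span></a>
 </li>
 
-<li class="nav-item {{ Route::is('tasks') ? 'active' : '' }}">
-<a class="nav-link" href="{{ route('tasks') }}">
-<i class="fas fa-fw fa-list"></i>
-<span>Tasks</span>
-@if(\Auth::user()->tasks->count())
-<span class="badge text-bg-danger">{{ \Auth::user()->tasks->count() }}</span>
-@endif
-</a>
-</li>
+@can('update', [\App\Models\Task::class])
+<li class="nav-item {{ Route::is('tasks') ? 'active' : '' }}">
+<a class="nav-link" href="{{ route('tasks') }}">
+<i class="fas fa-fw fa-list"></i>
+<span>Tasks</span>
+@if(\Auth::user()->tasks->count())
+<span class="badge text-bg-danger">{{ \Auth::user()->tasks->count() }}</span>
+@endif
+</a>
+</li>
+@endcan
 
 @can('view', \App\Models\Booking::class)
 <li class="nav-item {{ Route::is('booking*') ? 'active' : '' }}">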
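Review bot: The new guard passes the subject wrapped in an array, `@can('update', [\App\Models\Task::class])`, while the adjacent Booking guard two lines below passes it bare; both forms resolve the same way in Laravel, but the file should pick one, and the bare form matches the existing code. The same wrapped form appears in the new `@can('create', ...)` in resources/views/training/show.blade.php. Hiding the link is only a presentation gate; the tasks routes themselves are covered by the authorize() calls in TaskController, which is the check that matters.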
28 changes: 16 additions & 12 deletions resources/views/training/show.blade.php
Expand Up @@ -47,19 +47,23 @@
@endif
@endforeach
</h6>
<button class="btn btn-light btn-icon dropdown-toggle" type="button" id="dropdownMenuButton" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-hand"></i> Request
</button>
<div class="dropdown">
<div class="dropdown-menu" aria-labelledby="dropdownMenuButton">
@foreach($requestTypes as $requestType)
<button class="dropdown-item" data-bs-toggle="modal" data-bs-target="#{{ Str::camel($requestType->getName()) }}">
<i class="fas {{ $requestType->getIcon() }}"></i>&nbsp;
{{ $requestType->getName() }}
</button>
@endforeach

@can('create', [\App\Models\Task::class])
<button class="btn btn-light btn-icon dropdown-toggle" type="button" id="dropdownMenuButton" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-hand"></i> Request
</button>
<div class="dropdown">
<div class="dropdown-menu" aria-labelledby="dropdownMenuButton">
@foreach($requestTypes as $requestType)
<button class="dropdown-item" data-bs-toggle="modal" data-bs-target="#{{ Str::camel($requestType->getName()) }}">
<i class="fas {{ $requestType->getIcon() }}"></i>&nbsp;
{{ $requestType->getName() }}
</button>
@endforeach
</div>
</div>
</div>
@endcan

</div>
<div class="card-body">
<dl class="copyable">
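Review bot: The dropdown items still point at modals via `data-bs-target="#{{ Str::camel($requestType->getName()) }}"`, and those modals are defined outside this hunk; if they are not wrapped in the same `@can('create', [\App\Models\Task::class])`, users without the ability still receive the modal markup and its forms. That is presentation only, since store() authorizes server-side, but the modal block should carry the same guard so the page stays consistent. The enclosing card markup starts before and ends after the hunk.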
