diff --git a/app/Http/Controllers/Admin/RoleController.php b/app/Http/Controllers/Admin/RoleController.php
new file mode 100644
index 00000000..22a8c113
--- /dev/null
+++ b/app/Http/Controllers/Admin/RoleController.php
@@ -0,0 +1,190 @@ +ajax()) { + return $this->dataTableQuery(); + } + + $html = $this->dataTable(); + return view('admin.roles.index', compact('html')); + } + + /** + * Show the form for creating a new resource. + * + * @return Application|Factory|View + */ + public function create() + { + + $permissions = Permission::all(); + + return view('admin.roles.edit', compact('permissions')); + } + + /** + * Store a newly created resource in storage. + * + * @return RedirectResponse + */ + public function store(Request $request): RedirectResponse + { + $role = Role::create([ + 'name' => $request->name, + 'color' => $request->color + ]); + + if ($request->permissions) { + $role->givePermissionTo($request->permissions); + } + + return redirect() + ->route('admin.roles.index') + ->with('success', __('Role saved')); + } + + /** + * Display the specified resource. + */ + public function show() + { + abort(404); + } + + /** + * Show the form for editing the specified resource. + * + * @param Role $role + * @return Application|Factory|View + */ + public function edit(Role $role) + { + + $permissions = Permission::all(); + + return view('admin.roles.edit', compact('role', 'permissions')); + } + + /** + * Update the specified resource in storage. + * + * @param Role $role + * @return RedirectResponse + */ + public function update(Request $request, Role $role) + { + if ($request->permissions) { + if($role->id != 1){ //disable admin permissions change + $role->syncPermissions($request->permissions); + } + } + + if($role->id == 3 || $role->id == 1 || $role->id == 4){ //dont let the user change the names of these roles + $role->update([ + 'color' => $request->color + ]); + }else{ + $role->update([ + 'name' => $request->name, + 'color' => $request->color + ]); + } + + if($role->id == 1){ + return redirect()->route('admin.roles.index')->with('success', __('Role updated. 
Name and Permissions of this Role cannot be changed')); + }elseif($role->id == 4 || $role->id == 3){ + return redirect()->route('admin.roles.index')->with('success', __('Role updated. Name of this Role cannot be changed')); + }else{ + return redirect() + ->route('admin.roles.index') + ->with('success', __('Role saved')); + } + } + + /** + * Remove the specified resource from storage. + * + * @return RedirectResponse + */ + public function destroy(Role $role) + { + + if($role->id == 3 || $role->id == 1 || $role->id == 2){ //cannot delete the hard coded roles + return back()->with("error","You cannot delete that role"); + } + + $users = User::role($role)->get(); + + foreach($users as $user){ + $user->syncRoles(['Member']); + } + + $role->delete(); + + return redirect() + ->route('admin.roles.index') + ->with('success', __('Role removed')); + } + + /** + * @return mixed + * @throws Exception + */ + public function dataTable() + { + $query = Role::query()->withCount(['users', 'permissions']); + + + return datatables($query) + ->addColumn('actions', function (Role $role) { + return ' + +
+ ' . csrf_field() . ' + ' . method_field("DELETE") . ' + +
+ '; + }) + + ->editColumn('name', function (Role $role) { + return "color\">$role->name"; + }) + ->editColumn('usercount', function ($query) { + return $query->users_count; + }) + ->editColumn('permissionscount', function ($query){ + return $query->permissions_count; + }) + ->rawColumns(['actions', 'name']) + ->make(true); + } +} diff --git a/app/Http/Controllers/Admin/UserController.php b/app/Http/Controllers/Admin/UserController.php index 4dfcb219..a7e494a9 100644 --- a/app/Http/Controllers/Admin/UserController.php +++ b/app/Http/Controllers/Admin/UserController.php @@ -166,7 +166,7 @@ class UserController extends Controller */ public function destroy(User $user) { - if ($user->role === 'admin' && User::query()->where('role', 'admin')->count() === 1) { + if ($user->hasRole("Admin") && User::query()->where('role', 'admin')->count() === 1) { return redirect()->back()->with('error', __('You can not delete the last admin!')); } diff --git a/app/Http/Controllers/Controller.php b/app/Http/Controllers/Controller.php index a0a2a8a3..49d02049 100644 --- a/app/Http/Controllers/Controller.php +++ b/app/Http/Controllers/Controller.php 
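Review bot: The `name` column closure in dataTable() interpolates `$role->name` and `$role->color` into markup and the column is listed in `rawColumns`, while store() and update() write both fields straight from the request with no validation, so a role name containing markup is rendered as HTML in the admin table (the surrounding tags are stripped on this page, so the exact template is inferred). Escape at output with `e($role->name)` and `e($role->color)` inside the closure, and validate the request in store() and update(): a length-limited string for `name`, a hex-colour pattern for `color`, and `permissions` restricted to entries that exist in the permissions table. destroy() protects ids 1, 2 and 3 while update() locks the names of 1, 3 and 4, and its fallback `syncRoles(['Member'])` names a role that PermissionsSeeder in this commit does not create (it seeds Admin, Support-Team, Client and User), so deleting a role that still has members would presumably throw; `'User'` looks like the intended fallback. These guards, the seeder, the drop_roles migration and the installer all assume the roles received ids 1 to 4 in insertion order; comparing by role name would remove that assumption.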
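Review bot: The last-admin guard in UserController::destroy() still counts admins with `where('role', 'admin')`, but the drop_roles migration in this commit removes `users.role`, so after migrating the query targets a column that no longer exists and the guard cannot do its job. Counting through the new relation, `User::role('Admin')->count() === 1`, keeps the check working; the `role` scope is already used in RoleController::destroy(). The same leftover appears as `Auth::user()->role == 'moderator'` in the isMod.php hunk and in the layouts/main.blade.php hunks, where the attribute will read as null and the moderator branch can never match; `hasRole('Support-Team')` is presumably what is intended there. The body of destroy() continues outside this hunk.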
@@ -2,12 +2,44 @@ namespace App\Http\Controllers; +use App\Models\User; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; use Illuminate\Foundation\Bus\DispatchesJobs; use Illuminate\Foundation\Validation\ValidatesRequests; use Illuminate\Routing\Controller as BaseController; +use Illuminate\Support\Facades\Auth; class Controller extends BaseController { use AuthorizesRequests, DispatchesJobs, ValidatesRequests; + /** + * Check if user has permissions + * Abort 403 if the user doesn't have the required permission + * + * @param string $permission + * @return void + */ + public function checkPermission(string $permission) + { + /** @var User $user */ + $user = Auth::user(); + + if (!$user->can($permission)) { + abort(403, __('User does not have the right permissions.')); + } + } + + /** + * Check if user has permissions + * + * @param string $permission + * @return bool + */ + public function can(string $permission): bool + { + /** @var User $user */ + $user = Auth::user(); + + return $user->can($permission); + } } diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index b3156f96..5c4293ae 100644 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -57,7 +57,7 @@ class ProfileController extends Controller public function selfDestroyUser() { $user = Auth::user(); - if ($user->role == "admin") return back()->with("error", "You cannot delete yourself as an admin!"); + if ($user->hasRole("Admin")) return back()->with("error", "You cannot delete yourself as an admin!"); $user->delete(); diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 3e372e09..a6fb149b 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -27,6 +27,7 @@ class Kernel extends HttpKernel \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, + ]; /** 
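Review bot: `checkPermission()` and `can()` in Controller.php call `->can()` on `Auth::user()` without a null check, so a call from a route that is not behind the `auth` middleware fails with an error on null instead of a 403 or `false`. Guarding the user keeps both helpers fail-closed: `if (!$user || !$user->can($permission))` in the first and `return $user !== null && $user->can($permission);` in the second. Both are declared `public` on the base controller although they are internal helpers; `protected` would be the narrower choice.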
@@ -76,5 +77,9 @@ class Kernel extends HttpKernel 'moderator' => isMod::class, 'api.token' => ApiAuthToken::class, 'checkSuspended' => CheckSuspended::class, + 'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class, + 'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class, + 'role_or_permission' => \Spatie\Permission\Middlewares\RoleOrPermissionMiddleware::class, ]; + } diff --git a/app/Http/Middleware/isAdmin.php b/app/Http/Middleware/isAdmin.php index 3dbb4957..1bf4f55a 100644 --- a/app/Http/Middleware/isAdmin.php +++ b/app/Http/Middleware/isAdmin.php @@ -18,7 +18,7 @@ class isAdmin */ public function handle(Request $request, Closure $next) { - if (Auth::user() && Auth::user()->role == 'admin') { + if (Auth::user() && Auth::user()->hasRole("Admin")) { return $next($request); } diff --git a/app/Http/Middleware/isMod.php b/app/Http/Middleware/isMod.php index c9120719..8c5453a2 100644 --- a/app/Http/Middleware/isMod.php +++ b/app/Http/Middleware/isMod.php @@ -18,7 +18,7 @@ class isMod */ public function handle(Request $request, Closure $next) { - if (Auth::user() && Auth::user()->role == 'moderator' || Auth::user() && Auth::user()->role == 'admin') { + if (Auth::user() && Auth::user()->role == 'moderator' || Auth::user() && Auth::user()->hasRole("Admin")) { return $next($request); } diff --git a/app/Models/User.php b/app/Models/User.php index 9584bd3d..d25a7100 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -18,13 +18,14 @@ use Illuminate\Notifications\Notifiable; use Spatie\Activitylog\LogOptions; use Spatie\Activitylog\Traits\CausesActivity; use Spatie\Activitylog\Traits\LogsActivity; +use Spatie\Permission\Traits\HasRoles; /** * Class User */ class User extends Authenticatable implements MustVerifyEmail { - use HasFactory, Notifiable, LogsActivity, CausesActivity; + use HasFactory, Notifiable, LogsActivity, CausesActivity, HasRoles; private PterodactylClient $pterodactyl; 
diff --git a/composer.json b/composer.json index 7a4a1e64..b316eec1 100644 --- a/composer.json +++ b/composer.json @@ -26,6 +26,7 @@ "qirolab/laravel-themer": "^2.0.2", "socialiteproviders/discord": "^4.1.2", "spatie/laravel-activitylog": "^4.7.3", + "spatie/laravel-permission": "^5.10", "spatie/laravel-query-builder": "^5.1.2", "spatie/laravel-settings": "^2.7", "spatie/laravel-validation-rules": "^3.2.2", diff --git a/composer.lock b/composer.lock index 96825a92..3f224c0c 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "0d007fe2e018692a9ff3d50fcbebabc5", + "content-hash": "8a9b4a3cda2a919fa33f41527b679dce", "packages": [ { "name": "aws/aws-crt-php", 
@@ -5160,6 +5160,88 @@ ], "time": "2023-04-27T08:09:01+00:00" }, + { + "name": "spatie/laravel-permission", + "version": "5.10.1", + "source": { + "type": "git", + "url": "https://github.com/spatie/laravel-permission.git", + "reference": "d08b3ffc5870cce4a47a39f22174947b33c191ae" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/spatie/laravel-permission/zipball/d08b3ffc5870cce4a47a39f22174947b33c191ae", + "reference": "d08b3ffc5870cce4a47a39f22174947b33c191ae", + "shasum": "" + }, + "require": { + "illuminate/auth": "^7.0|^8.0|^9.0|^10.0", + "illuminate/container": "^7.0|^8.0|^9.0|^10.0", + "illuminate/contracts": "^7.0|^8.0|^9.0|^10.0", + "illuminate/database": "^7.0|^8.0|^9.0|^10.0", + "php": "^7.3|^8.0" + }, + "require-dev": { + "orchestra/testbench": "^5.0|^6.0|^7.0|^8.0", + "phpunit/phpunit": "^9.4", + "predis/predis": "^1.1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "5.x-dev", + "dev-master": "5.x-dev" + }, + "laravel": { + "providers": [ + "Spatie\\Permission\\PermissionServiceProvider" + ] + } + }, + "autoload": { + "files": [ + "src/helpers.php" + ], + "psr-4": { + "Spatie\\Permission\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Freek Van der Herten", + "email": "freek@spatie.be", + "homepage": "https://spatie.be", + "role": "Developer" + } + ], + "description": "Permission handling for Laravel 6.0 and up", + "homepage": "https://github.com/spatie/laravel-permission", + "keywords": [ + "acl", + "laravel", + "permission", + "permissions", + "rbac", + "roles", + "security", + "spatie" + ], + "support": { + "issues": "https://github.com/spatie/laravel-permission/issues", + "source": "https://github.com/spatie/laravel-permission/tree/5.10.1" + }, + "funding": [ + { + "url": "https://github.com/spatie", + "type": "github" + } + ], + "time": "2023-04-12T17:08:32+00:00" + }, { "name": "spatie/laravel-query-builder", 
"version": "5.2.0", diff --git a/config/permission.php b/config/permission.php new file mode 100644 index 00000000..5b6e184c --- /dev/null +++ b/config/permission.php 
@@ -0,0 +1,161 @@ + [ + + /* + * When using the "HasPermissions" trait from this package, we need to know which + * Eloquent model should be used to retrieve your permissions. Of course, it + * is often just the "Permission" model but you may use whatever you like. + * + * The model you want to use as a Permission model needs to implement the + * `Spatie\Permission\Contracts\Permission` contract. + */ + + 'permission' => Spatie\Permission\Models\Permission::class, + + /* + * When using the "HasRoles" trait from this package, we need to know which + * Eloquent model should be used to retrieve your roles. Of course, it + * is often just the "Role" model but you may use whatever you like. + * + * The model you want to use as a Role model needs to implement the + * `Spatie\Permission\Contracts\Role` contract. + */ + + 'role' => Spatie\Permission\Models\Role::class, + + ], + + 'table_names' => [ + + /* + * When using the "HasRoles" trait from this package, we need to know which + * table should be used to retrieve your roles. We have chosen a basic + * default value but you may easily change it to any table you like. + */ + + 'roles' => 'roles', + + /* + * When using the "HasPermissions" trait from this package, we need to know which + * table should be used to retrieve your permissions. We have chosen a basic + * default value but you may easily change it to any table you like. + */ + + 'permissions' => 'permissions', + + /* + * When using the "HasPermissions" trait from this package, we need to know which + * table should be used to retrieve your models permissions. We have chosen a + * basic default value but you may easily change it to any table you like. + */ + + 'model_has_permissions' => 'model_has_permissions', + + /* + * When using the "HasRoles" trait from this package, we need to know which + * table should be used to retrieve your models roles. We have chosen a + * basic default value but you may easily change it to any table you like. 
+ */ + + 'model_has_roles' => 'model_has_roles', + + /* + * When using the "HasRoles" trait from this package, we need to know which + * table should be used to retrieve your roles permissions. We have chosen a + * basic default value but you may easily change it to any table you like. + */ + + 'role_has_permissions' => 'role_has_permissions', + ], + + 'column_names' => [ + /* + * Change this if you want to name the related pivots other than defaults + */ + 'role_pivot_key' => null, //default 'role_id', + 'permission_pivot_key' => null, //default 'permission_id', + + /* + * Change this if you want to name the related model primary key other than + * `model_id`. + * + * For example, this would be nice if your primary keys are all UUIDs. In + * that case, name this `model_uuid`. + */ + + 'model_morph_key' => 'model_id', + + /* + * Change this if you want to use the teams feature and your related model's + * foreign key is other than `team_id`. + */ + + 'team_foreign_key' => 'team_id', + ], + + /* + * When set to true, the method for checking permissions will be registered on the gate. + * Set this to false, if you want to implement custom logic for checking permissions. + */ + + 'register_permission_check_method' => true, + + /* + * When set to true the package implements teams using the 'team_foreign_key'. If you want + * the migrations to register the 'team_foreign_key', you must set this to true + * before doing the migration. If you already did the migration then you must make a new + * migration to also add 'team_foreign_key' to 'roles', 'model_has_roles', and + * 'model_has_permissions'(view the latest version of package's migration file) + */ + + 'teams' => false, + + /* + * When set to true, the required permission names are added to the exception + * message. This could be considered an information leak in some contexts, so + * the default setting is false here for optimum safety. 
+ */ + + 'display_permission_in_exception' => false, + + /* + * When set to true, the required role names are added to the exception + * message. This could be considered an information leak in some contexts, so + * the default setting is false here for optimum safety. + */ + + 'display_role_in_exception' => false, + + /* + * By default wildcard permission lookups are disabled. + */ + + 'enable_wildcard_permission' => false, + + 'cache' => [ + + /* + * By default all permissions are cached for 24 hours to speed up performance. + * When permissions or roles are updated the cache is flushed automatically. + */ + + 'expiration_time' => \DateInterval::createFromDateString('24 hours'), + + /* + * The cache key used to store all permissions. + */ + + 'key' => 'spatie.permission.cache', + + /* + * You may optionally indicate a specific cache driver to use for permission and + * role caching using any of the `store` drivers listed in the cache.php config + * file. Using 'default' here means to use the `default` set in cache.php. + */ + + 'store' => 'default', + ], +]; diff --git a/config/permissions_web.php b/config/permissions_web.php new file mode 100644 index 00000000..accbd07a --- /dev/null +++ b/config/permissions_web.php 
@@ -0,0 +1,92 @@ +bigIncrements('id'); // permission id + $table->string('name'); // For MySQL 8.0 use string('name', 125); + $table->string('guard_name'); // For MySQL 8.0 use string('guard_name', 125); + $table->timestamps(); + + $table->unique(['name', 'guard_name']); + }); + + Schema::create($tableNames['roles'], function (Blueprint $table) use ($teams, $columnNames) { + $table->bigIncrements('id'); // role id + if ($teams || config('permission.testing')) { // permission.testing is a fix for sqlite testing + $table->unsignedBigInteger($columnNames['team_foreign_key'])->nullable(); + $table->index($columnNames['team_foreign_key'], 'roles_team_foreign_key_index'); + } + $table->string('name'); // For MySQL 8.0 use string('name', 125); + $table->string('color')->nullable()->default('#485460'); // For MySQL 8.0 use string('name', 125); + $table->string('guard_name'); // For MySQL 8.0 use string('guard_name', 125); + $table->timestamps(); + if ($teams || config('permission.testing')) { + $table->unique([$columnNames['team_foreign_key'], 'name', 'guard_name']); + } else { + $table->unique(['name', 'guard_name']); + } + }); + + Schema::create($tableNames['model_has_permissions'], function (Blueprint $table) use ($tableNames, $columnNames, $teams) { + $table->unsignedBigInteger(PermissionRegistrar::$pivotPermission); + + $table->string('model_type'); + $table->unsignedBigInteger($columnNames['model_morph_key']); + $table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_permissions_model_id_model_type_index'); + + $table->foreign(PermissionRegistrar::$pivotPermission) + ->references('id') // permission id + ->on($tableNames['permissions']) + ->onDelete('cascade'); + if ($teams) { + $table->unsignedBigInteger($columnNames['team_foreign_key']); + $table->index($columnNames['team_foreign_key'], 'model_has_permissions_team_foreign_key_index'); + + $table->primary([$columnNames['team_foreign_key'], PermissionRegistrar::$pivotPermission, 
$columnNames['model_morph_key'], 'model_type'], + 'model_has_permissions_permission_model_type_primary'); + } else { + $table->primary([PermissionRegistrar::$pivotPermission, $columnNames['model_morph_key'], 'model_type'], + 'model_has_permissions_permission_model_type_primary'); + } + + }); + + Schema::create($tableNames['model_has_roles'], function (Blueprint $table) use ($tableNames, $columnNames, $teams) { + $table->unsignedBigInteger(PermissionRegistrar::$pivotRole); + + $table->string('model_type'); + $table->unsignedBigInteger($columnNames['model_morph_key']); + $table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_roles_model_id_model_type_index'); + + $table->foreign(PermissionRegistrar::$pivotRole) + ->references('id') // role id + ->on($tableNames['roles']) + ->onDelete('cascade'); + if ($teams) { + $table->unsignedBigInteger($columnNames['team_foreign_key']); + $table->index($columnNames['team_foreign_key'], 'model_has_roles_team_foreign_key_index'); + + $table->primary([$columnNames['team_foreign_key'], PermissionRegistrar::$pivotRole, $columnNames['model_morph_key'], 'model_type'], + 'model_has_roles_role_model_type_primary'); + } else { + $table->primary([PermissionRegistrar::$pivotRole, $columnNames['model_morph_key'], 'model_type'], + 'model_has_roles_role_model_type_primary'); + } + }); + + Schema::create($tableNames['role_has_permissions'], function (Blueprint $table) use ($tableNames) { + $table->unsignedBigInteger(PermissionRegistrar::$pivotPermission); + $table->unsignedBigInteger(PermissionRegistrar::$pivotRole); + + $table->foreign(PermissionRegistrar::$pivotPermission) + ->references('id') // permission id + ->on($tableNames['permissions']) + ->onDelete('cascade'); + + $table->foreign(PermissionRegistrar::$pivotRole) + ->references('id') // role id + ->on($tableNames['roles']) + ->onDelete('cascade'); + + $table->primary([PermissionRegistrar::$pivotPermission, PermissionRegistrar::$pivotRole], 
'role_has_permissions_permission_id_role_id_primary'); + }); + + app('cache') + ->store(config('permission.cache.store') != 'default' ? config('permission.cache.store') : null) + ->forget(config('permission.cache.key')); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + $tableNames = config('permission.table_names'); + + if (empty($tableNames)) { + throw new \Exception('Error: config/permission.php not found and defaults could not be merged. Please publish the package configuration before proceeding, or drop the tables manually.'); + } + + Schema::drop($tableNames['role_has_permissions']); + Schema::drop($tableNames['model_has_roles']); + Schema::drop($tableNames['model_has_permissions']); + Schema::drop($tableNames['roles']); + Schema::drop($tableNames['permissions']); + } +} diff --git a/database/migrations/2023_04_29_233120_drop_roles.php b/database/migrations/2023_04_29_233120_drop_roles.php new file mode 100644 index 00000000..3f365707 --- /dev/null +++ b/database/migrations/2023_04_29_233120_drop_roles.php @@ -0,0 +1,51 @@ + 'PermissionsSeeder', + ]); + + Schema::table('users', function ($table) { + $table->dropColumn('role'); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('users', function($table) { + $table->string('role')->default('member'); + }); + + $users = User::with('roles')->get(); + foreach($users as $user){ + if($user->hasRole(1)){ + $user->role = "admin"; + }elseif ($user->hasRole(3)){ + $user->role = "client"; + }else{ + $user->role = "member"; + } + $user->save(); + } + + } +}; diff --git a/database/seeders/PermissionsSeeder.php b/database/seeders/PermissionsSeeder.php new file mode 100644 index 00000000..7d6ebc06 --- /dev/null +++ b/database/seeders/PermissionsSeeder.php 
@@ -0,0 +1,74 @@ +createPermissions(); + $this->createRoles(); + + + $users = User::all(); + foreach($users as $user){ + $user->assignRole(4); + } + + $admins = User::where("role","admin")->get(); + foreach($admins as $admin) { + $admin->syncRoles(1); + } + + $admins = User::where("role","client")->get(); + foreach($admins as $admin) { + $admin->syncRoles(3); + } + + + + + } + + public function createPermissions() + { + foreach (config('permissions_web') as $name) { + Permission::findOrCreate($name); + } + } + + //TODO run only once + public function createRoles() + { + $userPermissions=[ + 'user.server.create', + 'user.server.upgrade', + 'user.shop.buy', + 'user.ticket.read', + 'user.ticket.write', + 'user.referral', + ]; + /** @var Role $adminRole */ + $adminRole = Role::updateOrCreate(["name"=>"Admin","color"=>"#fa0000"]); + $supportRole = Role::updateOrCreate(["name"=>"Support-Team","color"=>"#00b0b3"]); + $clientRole = Role::updateOrCreate(["name"=>"Client","color"=>"#008009"]); + $userRole = Role::updateOrCreate(["name"=>"User","color"=>"#0052a3"]); + + $adminRole->givePermissionTo(Permission::findByName('*')); + + $userRole->syncPermissions($userPermissions); + $clientRole->syncPermissions($userPermissions); + } +} diff --git a/public/install/forms.php b/public/install/forms.php index 762222c6..d6d72b92 100644 --- a/public/install/forms.php +++ b/public/install/forms.php 
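Review bot: run() maps only the legacy `admin` and `client` values to the new roles, so accounts whose `role` is `moderator` end up with the plain User role and that information is lost when drop_roles removes the column; assigning them Support-Team before the drop avoids it. In createRoles(), `Role::updateOrCreate(["name"=>"Admin","color"=>"#fa0000"])` uses the colour as part of the lookup key, so once a colour has been edited in the new role form a re-run tries to insert a second `Admin` and hits the unique `name, guard_name` index; `Role::updateOrCreate(['name' => 'Admin'], ['color' => '#fa0000'])` separates the key from the values, and the same applies to the other three roles. The Admin role receives only the literal `*` permission while config/permission.php in this commit leaves `enable_wildcard_permission` at false, so unless a `Gate::before` override exists outside this diff, `checkPermission()` would deny admins every named permission.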
@@ -292,9 +292,9 @@ if (isset($_POST['createUser'])) { } $random = generateRandomString(); - $query1 = 'INSERT INTO `' . getenv('DB_DATABASE') . "`.`users` (`name`, `role`, `credits`, `server_limit`, `pterodactyl_id`, `email`, `password`, `created_at`, `referral_code`) VALUES ('$name', 'admin', '250', '1', '$pteroID', '$mail', '$pass', CURRENT_TIMESTAMP, '$random')"; - - if ($db->query($query1)) { + $query1 = 'INSERT INTO `' . getenv('DB_DATABASE') . "`.`users` (`name`, `credits`, `server_limit`, `pterodactyl_id`, `email`, `password`, `created_at`, `referral_code`) VALUES ('$name', 'admin', '250', '1', '$pteroID', '$mail', '$pass', CURRENT_TIMESTAMP, '$random')"; + $query2 = 'INSERT INTO `' . getenv('DB_DATABASE') . "`.`model_has_roles` (`role_id`, `model_type`, `model_id`) VALUES ('1', 'App\Models\User', '1')"; + if ($db->query($query1) && $db->query($query2)) { wh_log('Created user with Email ' . $mail . ' and pterodactyl ID ' . $pteroID, 'info'); header('LOCATION: index.php?step=7'); } else { diff --git a/routes/web.php b/routes/web.php index 438b4dd5..f13a33a9 100644 --- a/routes/web.php +++ b/routes/web.php @@ -13,6 +13,7 @@ use App\Http\Controllers\Admin\OverViewController; use App\Http\Controllers\Admin\PartnerController; use App\Http\Controllers\Admin\PaymentController; use App\Http\Controllers\Admin\ProductController; +use App\Http\Controllers\Admin\RoleController; use App\Http\Controllers\Admin\ServerController as AdminServerController; use App\Http\Controllers\Admin\SettingsController; use App\Http\Controllers\Admin\ShopProductController; 
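Review bot: The rewritten `$query1` drops `role` from the column list but keeps `'admin'` in VALUES, leaving eight columns for nine values, so the INSERT is rejected and the installer cannot create the first account. `$query2` hard-codes `model_id` as '1' rather than using the id of the row just inserted, and the backslashes in `'App\Models\User'` are treated as escapes by MySQL in its default SQL mode, so the stored `model_type` would not match the model's morph class. Both statements are also built by interpolating `$name`, `$mail`, `$pass` and `$pteroID` into the SQL text; bound parameters fix the escaping and the injection surface together. The sketch below assumes `$db` is a mysqli connection, which is created outside this hunk, as is the enclosing `if (isset($_POST['createUser']))` block.

```php
// … unchanged: $random = generateRandomString(); …
$usersTable = '`' . getenv('DB_DATABASE') . '`.`users`';
$rolesTable = '`' . getenv('DB_DATABASE') . '`.`model_has_roles`';

// Eight columns, eight values: the stale 'admin' literal is removed.
$insertUser = $db->prepare(
    "INSERT INTO $usersTable (`name`, `credits`, `server_limit`, `pterodactyl_id`, `email`, `password`, `created_at`, `referral_code`)
     VALUES (?, '250', '1', ?, ?, ?, CURRENT_TIMESTAMP, ?)"
);
$insertUser->bind_param('sssss', $name, $pteroID, $mail, $pass, $random);
$userCreated = $insertUser->execute();

// Attach the Admin role to the row that was actually created, not to id 1.
$userId = $db->insert_id;
$modelType = 'App\Models\User'; // bound, so the backslashes reach the column intact
$insertRole = $db->prepare(
    "INSERT INTO $rolesTable (`role_id`, `model_type`, `model_id`) VALUES (1, ?, ?)"
);
$insertRole->bind_param('si', $modelType, $userId);

if ($userCreated && $insertRole->execute()) {
    // … unchanged: wh_log(...) and redirect to step 7, then the else branch …
```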
@@ -117,7 +118,9 @@ Route::middleware(['auth', 'checkSuspended'])->group(function () { //admin Route::prefix('admin')->name('admin.')->middleware('admin')->group(function () { - + //Roles + Route::get('roles/datatable', [RoleController::class, 'datatable'])->name('roles.datatable'); + Route::resource('roles', RoleController::class); //overview Route::get('legal', [OverViewController::class, 'index'])->name('overview.index'); diff --git a/themes/BlueInfinity/views/layouts/main.blade.php b/themes/BlueInfinity/views/layouts/main.blade.php index f965da56..a5c13de1 100644 --- a/themes/BlueInfinity/views/layouts/main.blade.php +++ b/themes/BlueInfinity/views/layouts/main.blade.php @@ -253,7 +253,7 @@ @endif - @if ((Auth::user()->role == 'admin' || Auth::user()->role == 'moderator') && config('SETTINGS::TICKET:ENABLED')) + @if ((Auth::user()->hasRole("Admin") || Auth::user()->role == 'moderator') && config('SETTINGS::TICKET:ENABLED')) @endif - @if (Auth::user()->role == 'admin') + @if (Auth::user()->hasRole("Admin")) @endif - @if ((Auth::user()->role == 'admin' || Auth::user()->role == 'moderator') && $ticket_enabled) + @if ((Auth::user()->hasRole("Admin") || Auth::user()->role == 'moderator') && $ticket_enabled) @endif - @if (Auth::user()->role == 'admin') + @if (Auth::user()->hasRole("Admin")) +