All permissions except Settings

1day2die 2023-05-05 01:11:55 +02:00
parent 804a800d4f
commit 4c780deb02
26 changed files with 342 additions and 113 deletions


@ -14,6 +14,7 @@ use Spatie\Activitylog\Models\Activity;
class ActivityLogController extends Controller
{
const VIEW_PERMISSION = "admin.logs.read";
/**
* Display a listing of the resource.
*
@ -21,6 +22,9 @@ class ActivityLogController extends Controller
*/
public function index(Request $request)
{
$this->checkPermission(self::VIEW_PERMISSION);
$cronLogs = Storage::disk('logs')->exists('cron.log') ? Storage::disk('logs')->get('cron.log') : null;
if ($request->input('search')) {


@ -16,6 +16,8 @@ use Illuminate\Http\Response;
class ApplicationApiController extends Controller
{
const READ_PERMISSION = "admin.api.read";
const WRITE_PERMISSION = "admin.api.write";
/**
* Display a listing of the resource.
*
@ -23,6 +25,8 @@ class ApplicationApiController extends Controller
*/
public function index(LocaleSettings $locale_settings)
{
$this->checkPermission(self::READ_PERMISSION);
return view('admin.api.index', [
'locale_datatables' => $locale_settings->datatables
]);
@ -35,6 +39,8 @@ class ApplicationApiController extends Controller
*/
public function create()
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.api.create');
}
@ -76,6 +82,7 @@ class ApplicationApiController extends Controller
*/
public function edit(ApplicationApi $applicationApi)
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.api.edit', [
'applicationApi' => $applicationApi,
]);
@ -107,6 +114,8 @@ class ApplicationApiController extends Controller
*/
public function destroy(ApplicationApi $applicationApi)
{
$this->checkPermission(self::WRITE_PERMISSION);
$applicationApi->delete();
return redirect()->back()->with('success', __('api key has been removed!'));
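Review bot: `store()` and `update()` are not touched by any hunk in this file, so they still run without a `checkPermission()` call while `index`, `create`, `edit` and `destroy` are now gated. That matters because the routes hunk in this commit appears to drop `->middleware('admin')` from the `admin` route group, which would leave the per-method check as the only authorization layer. Add `$this->checkPermission(self::WRITE_PERMISSION);` as the first line of both methods, unless they were already guarded before this commit or by a form request outside this view. The same gap appears to apply to `store`/`update` in the Partner, Product, ShopProduct, UsefulLink and Voucher controllers, to the top of `update` in ServerController and UserController, and to the `datatable` endpoints, none of which receive a check in the visible hunks.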


@ -10,6 +10,8 @@ use Qirolab\Theme\Theme;
class LegalController extends Controller
{
const READ_PERMISSION = "admin.legal.read";
const WRITE_PERMISSION = "admin.legal.write";
/**
* Display
*
@ -17,6 +19,8 @@ class LegalController extends Controller
*/
public function index()
{
$this->checkPermission(self::READ_PERMISSION);
$tos = File::get(Theme::path($path = 'views', "default") . '/information/tos-content.blade.php');
$privacy = File::get(Theme::path($path = 'views', "default") . '/information/privacy-content.blade.php');
$imprint = File::get(Theme::path($path = 'views', "default") . '/information/imprint-content.blade.php');
@ -29,6 +33,8 @@ class LegalController extends Controller
}
public function update(Request $request){
$this->checkPermission(self::READ_PERMISSION);
$tos = $request->tos;
$privacy = $request->privacy;
$imprint = $request->imprint;
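Review bot: `update()` is guarded with `self::READ_PERMISSION`, so any role that may only view the legal pages passes the check on the method that accepts new ToS, privacy and imprint content. `WRITE_PERMISSION` is declared at the top of the class but is not used in any visible hunk; the guard should read `$this->checkPermission(self::WRITE_PERMISSION);`. If, as the paths in `index()` suggest, the submitted content is written back into `.blade.php` view files, this permission effectively controls who can store template code, which is one more reason to require the stricter check. The body of `update()` continues outside the hunk, so validation of the three request fields cannot be confirmed from here.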


@ -19,6 +19,8 @@ use Carbon\Carbon;
class OverViewController extends Controller
{
const READ_PERMISSION = "admin.overview.read";
const SYNC_PERMISSION = "admin.overview.sync";
public const TTL = 86400;
private $pterodactyl;
@ -27,9 +29,11 @@ class OverViewController extends Controller
{
$this->pterodactyl = new PterodactylClient($ptero_settings);
}
public function index(GeneralSettings $general_settings)
{
$this->checkPermission(self::READ_PERMISSION);
//Get counters
$counters = collect();
//Set basic variables in the collection
@ -225,6 +229,8 @@ class OverViewController extends Controller
*/
public function syncPterodactyl()
{
$this->checkPermission(self::SYNC_PERMISSION);
Node::syncNodes();
Egg::syncEggs();


@ -11,8 +11,12 @@ use Illuminate\Http\Request;
class PartnerController extends Controller
{
const READ_PERMISSION = "admin.partners.read";
const WRITE_PERMISSION = "admin.partners.write";
public function index(LocaleSettings $locale_settings)
{
$this->checkPermission(self::READ_PERMISSION);
return view('admin.partners.index', [
'locale_datatables' => $locale_settings->datatables
]);
@ -25,6 +29,8 @@ class PartnerController extends Controller
*/
public function create()
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.partners.create', [
'partners' => PartnerDiscount::get(),
'users' => User::orderBy('name')->get(),
@ -62,6 +68,8 @@ class PartnerController extends Controller
*/
public function edit(PartnerDiscount $partner)
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.partners.edit', [
'partners' => PartnerDiscount::get(),
'partner' => $partner,
@ -98,6 +106,8 @@ class PartnerController extends Controller
*/
public function destroy(PartnerDiscount $partner)
{
$this->checkPermission(self::WRITE_PERMISSION);
$partner->delete();
return redirect()->back()->with('success', __('partner has been removed!'));


@ -24,11 +24,15 @@ use App\Settings\LocaleSettings;
class PaymentController extends Controller
{
const BUY_PERMISSION = 'user.shop.buy';
const VIEW_PERMISSION = "admin.payments.read";
/**
* @return Application|Factory|View
*/
public function index(LocaleSettings $locale_settings)
{
$this->checkPermission(self::VIEW_PERMISSION);
return view('admin.payments.index')->with([
'payments' => Payment::paginate(15),
'locale_datatables' => $locale_settings->datatables


@ -19,6 +19,10 @@ use Illuminate\Http\Request;
class ProductController extends Controller
{
const READ_PERMISSION = "admin.products.read";
const WRITE_PERMISSION = "admin.products.write";
const EDIT_PERMISSION = "admin.products.edit";
const DELETE_PERMISSION = "admin.products.delete";
/**
* Display a listing of the resource.
*
@ -26,6 +30,8 @@ class ProductController extends Controller
*/
public function index(LocaleSettings $locale_settings)
{
$this->checkPermission(self::READ_PERMISSION);
return view('admin.products.index', [
'locale_datatables' => $locale_settings->datatables
]);
@ -38,6 +44,7 @@ class ProductController extends Controller
*/
public function create(GeneralSettings $general_settings)
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.products.create', [
'locations' => Location::with('nodes')->get(),
'nests' => Nest::with('eggs')->get(),
@ -47,6 +54,8 @@ class ProductController extends Controller
public function clone(Product $product)
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.products.create', [
'product' => $product,
'locations' => Location::with('nodes')->get(),
@ -98,6 +107,8 @@ class ProductController extends Controller
*/
public function show(Product $product, UserSettings $user_settings, GeneralSettings $general_settings)
{
$this->checkPermission(self::READ_PERMISSION);
return view('admin.products.show', [
'product' => $product,
'minimum_credits' => $user_settings->min_credits_to_make_server,
@ -113,6 +124,8 @@ class ProductController extends Controller
*/
public function edit(Product $product, GeneralSettings $general_settings)
{
$this->checkPermission(self::EDIT_PERMISSION);
return view('admin.products.edit', [
'product' => $product,
'locations' => Location::with('nodes')->get(),
@ -167,6 +180,8 @@ class ProductController extends Controller
*/
public function disable(Product $product)
{
$this->checkPermission(self::WRITE_PERMISSION);
$product->update(['disabled' => ! $product->disabled]);
return redirect()->route('admin.products.index')->with('success', 'Product has been updated!');
@ -180,6 +195,8 @@ class ProductController extends Controller
*/
public function destroy(Product $product)
{
$this->checkPermission(self::DELETE_PERMISSION);
$servers = $product->servers()->count();
if ($servers > 0) {
return redirect()->back()->with('error', "Product cannot be removed while it's linked to {$servers} servers");


@ -16,6 +16,10 @@ use Spatie\Permission\Models\Role;
class RoleController extends Controller
{
const READ_PERMISSION = "admin.roles.read";
const CREATE_PERMISSION = "admin.roles.create";
const EDIT_PERMISSION = "admin.roles.edit";
const DELETE_PERMISSION = "admin.roles.delete";
/**
* Display a listing of the resource.
*
@ -26,6 +30,7 @@ class RoleController extends Controller
public function index(Request $request)
{
$this->checkPermission(self::READ_PERMISSION);
//datatables
if ($request->ajax()) {
@ -43,6 +48,7 @@ class RoleController extends Controller
*/
public function create()
{
$this->checkPermission(self::CREATE_PERMISSION);
$permissions = Permission::all();
@ -56,6 +62,8 @@ class RoleController extends Controller
*/
public function store(Request $request): RedirectResponse
{
$this->checkPermission(self::CREATE_PERMISSION);
$role = Role::create([
'name' => $request->name,
'color' => $request->color
@ -86,6 +94,7 @@ class RoleController extends Controller
*/
public function edit(Role $role)
{
$this->checkPermission(self::EDIT_PERMISSION);
$permissions = Permission::all();
@ -100,6 +109,8 @@ class RoleController extends Controller
*/
public function update(Request $request, Role $role)
{
$this->checkPermission(self::EDIT_PERMISSION);
if ($request->permissions) {
if($role->id != 1){ //disable admin permissions change
$role->syncPermissions($request->permissions);
@ -135,6 +146,7 @@ class RoleController extends Controller
*/
public function destroy(Role $role)
{
$this->checkPermission(self::DELETE_PERMISSION);
if($role->id == 1 || $role->id == 3 || $role->id == 4){ //cannot delete the hard coded roles
return back()->with("error","You cannot delete that role");
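Review bot: In `update()`, a holder of `admin.roles.edit` can pass any permission list to `$role->syncPermissions($request->permissions)` for every role except id 1, including a role they hold themselves, and `$request->permissions` is not validated in the visible lines. Consider validating the list against the existing permissions and refusing to grant permissions the acting user does not already hold, so that the edit permission cannot be used to widen one's own access. The guards also rely on hard-coded ids with loose comparison (`$role->id != 1`, `$role->id == 1 || $role->id == 3 || $role->id == 4`); named class constants and `!==`/`===` would make the protected roles explicit. Both `update()` and `destroy()` continue outside their hunks.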


@ -20,6 +20,13 @@ use Illuminate\Support\Facades\Log;
class ServerController extends Controller
{
const READ_PERMISSION = "admin.servers.read";
const WRITE_PERMISSION = "admin.servers.write";
const SUSPEND_PERMISSION = "admin.servers.suspend";
const CHANGEOWNER_PERMISSION = "admin.servers.write.owner";
const CHANGE_IDENTIFIER_PERMISSION ="admin.servers.write.identifier";
const DELETE_PERMISSION = "admin.servers.delete";
private $pterodactyl;
public function __construct(PterodactylSettings $ptero_settings)
@ -34,6 +41,8 @@ class ServerController extends Controller
*/
public function index(LocaleSettings $locale_settings)
{
$this->checkPermission(self::READ_PERMISSION);
return view('admin.servers.index', [
'locale_datatables' => $locale_settings->datatables
]);
@ -47,6 +56,8 @@ class ServerController extends Controller
*/
public function edit(Server $server)
{
$this->checkPermission(self::WRITE_PERMISSION);
// get all users from the database
$users = User::all();
@ -70,7 +81,7 @@ class ServerController extends Controller
]);
if ($request->get('user_id') != $server->user_id) {
if ($request->get('user_id') != $server->user_id && $this->can(self::CHANGEOWNER_PERMISSION)) {
// find the user
$user = User::findOrFail($request->get('user_id'));
@ -89,7 +100,10 @@ class ServerController extends Controller
}
// update the identifier
$server->identifier = $request->get('identifier');
if($this->can(self::CHANGE_IDENTIFIER_PERMISSION)) {
$server->identifier = $request->get('identifier');
}
$server->save();
return redirect()->route('admin.servers.index')->with('success', 'Server updated!');
@ -103,6 +117,7 @@ class ServerController extends Controller
*/
public function destroy(Server $server)
{
$this->checkPermission(self::DELETE_PERMISSION);
try {
$server->delete();
@ -118,6 +133,8 @@ class ServerController extends Controller
*/
public function toggleSuspended(Server $server)
{
$this->checkPermission(self::SUSPEND_PERMISSION);
try {
$server->isSuspended() ? $server->unSuspend() : $server->suspend();
} catch (Exception $exception) {
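Review bot: In `update()`, a request that changes `user_id` or `identifier` without the matching sub-permission is silently dropped by the `&& $this->can(...)` / `if($this->can(...))` guards and the method still redirects with `'Server updated!'`. An explicit denial is easier to audit and gives the operator feedback: detect the change first and then call `$this->checkPermission(self::CHANGEOWNER_PERMISSION);` inside the `user_id` branch, and likewise `$this->checkPermission(self::CHANGE_IDENTIFIER_PERMISSION);` when the submitted identifier differs from `$server->identifier`. The start of `update()` is outside the hunks, so a top-level `WRITE_PERMISSION` check cannot be confirmed from here.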


@ -2,6 +2,7 @@
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Models\ShopProduct;
use App\Settings\GeneralSettings;
use App\Settings\LocaleSettings;
@ -11,12 +12,15 @@ use Illuminate\Contracts\View\View;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Routing\Controller;
use Illuminate\Validation\Rule;
class ShopProductController extends Controller
{
const READ_PERMISSION = 'admin.store.read';
const WRITE_PERMISSION = 'admin.store.write';
const DISABLE_PERMISSION = 'admin.store.disable';
/**
* Display a listing of the resource.
*
@ -24,6 +28,8 @@ class ShopProductController extends Controller
*/
public function index(LocaleSettings $locale_settings, GeneralSettings $general_settings)
{
$this->checkPermission(self::READ_PERMISSION);
$isStoreEnabled = $general_settings->store_enabled;
@ -40,6 +46,8 @@ class ShopProductController extends Controller
*/
public function create(GeneralSettings $general_settings)
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.store.create', [
'currencyCodes' => config('currency_codes'),
'credits_display_name' => $general_settings->credits_display_name
@ -78,6 +86,8 @@ class ShopProductController extends Controller
*/
public function edit(ShopProduct $shopProduct, GeneralSettings $general_settings)
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.store.edit', [
'currencyCodes' => config('currency_codes'),
'shopProduct' => $shopProduct,
@ -117,6 +127,8 @@ class ShopProductController extends Controller
*/
public function disable(ShopProduct $shopProduct)
{
$this->checkPermission(self::DISABLE_PERMISSION);
$shopProduct->update(['disabled' => !$shopProduct->disabled]);
return redirect()->route('admin.store.index')->with('success', __('Product has been updated!'));
@ -130,6 +142,7 @@ class ShopProductController extends Controller
*/
public function destroy(ShopProduct $shopProduct)
{
$this->checkPermission(self::WRITE_PERMISSION);
$shopProduct->delete();
return redirect()->back()->with('success', __('Store item has been removed!'));


@ -1,6 +1,6 @@
<?php
namespace App\Http\Controllers\Moderation;
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Models\Ticket;
@ -9,15 +9,20 @@ use Illuminate\Http\Request;
class TicketCategoryController extends Controller
{
const READ_PERMISSION = "admin.tickets.read";
const WRITE_PERMISSION = "admin.tickets.write";
/**
*
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function index()
{
$this->checkPermission(self::READ_PERMISSION);
$categories = TicketCategory::all();
return view('moderator.ticket.category')->with("categories",$categories);
return view('admin.ticket.category')->with("categories",$categories);
}
/**
@ -28,6 +33,8 @@ class TicketCategoryController extends Controller
*/
public function store(Request $request)
{
$this->checkPermission(self::WRITE_PERMISSION);
$request->validate([
'name' => 'required|string|max:191',
]);
@ -35,7 +42,7 @@ class TicketCategoryController extends Controller
TicketCategory::create($request->all());
return redirect(route("moderator.ticket.category.index"))->with("success",__("Category created"));
return redirect(route("admin.ticket.category.index"))->with("success",__("Category created"));
}
/**
@ -46,6 +53,8 @@ class TicketCategoryController extends Controller
*/
public function update(Request $request)
{
$this->checkPermission(self::WRITE_PERMISSION);
$request->validate([
'category' => 'required|int',
'name' => 'required|string|max:191',
@ -68,6 +77,8 @@ class TicketCategoryController extends Controller
*/
public function destroy($id)
{
$this->checkPermission(self::WRITE_PERMISSION);
$category = TicketCategory::where("id",$id)->firstOrFail();
if($category->id == 5 ){ //cannot delete "other" category
@ -84,7 +95,7 @@ class TicketCategoryController extends Controller
$category->delete();
return redirect()
->route('moderator.ticket.category.index')
->route('admin.ticket.category.index')
->with('success', __('Category removed'));
}
@ -101,7 +112,7 @@ class TicketCategoryController extends Controller
})
->addColumn('actions', function (TicketCategory $category) {
return '
<form class="d-inline" onsubmit="return submitResult();" method="post" action="'.route('moderator.ticket.category.destroy', $category->id).'">
<form class="d-inline" onsubmit="return submitResult();" method="post" action="'.route('admin.ticket.category.destroy', $category->id).'">
'.csrf_field().'
'.method_field('DELETE').'
<button data-content="'.__('Delete').'" data-toggle="popover" data-trigger="hover" data-placement="top" class="btn btn-sm btn-danger mr-1"><i class="fas fa-trash"></i></button>


@ -1,8 +1,9 @@
<?php
namespace App\Http\Controllers\Moderation;
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Http\Controllers\Moderation\Exception;
use App\Models\Server;
use App\Models\Ticket;
use App\Models\TicketBlacklist;
@ -17,9 +18,16 @@ use Illuminate\Support\Facades\Auth;
class TicketsController extends Controller
{
const READ_PERMISSION = "admin.tickets.read";
const WRITE_PERMISSION = "admin.tickets.write";
const BLACKLIST_READ_PERMISSION ='admin.ticket_blacklist.read';
const BLACKLIST_WRITE_PERMISSION ='admin.ticket_blacklist.write';
public function index(LocaleSettings $locale_settings)
{
return view('moderator.ticket.index', [
$this->checkPermission(self::READ_PERMISSION);
return view('admin.ticket.index', [
'tickets' => Ticket::orderBy('id', 'desc')->paginate(10),
'ticketcategories' => TicketCategory::all(),
'locale_datatables' => $locale_settings->datatables
@ -28,6 +36,7 @@ class TicketsController extends Controller
public function show($ticket_id, PterodactylSettings $ptero_settings)
{
$this->checkPermission(self::READ_PERMISSION);
try {
$ticket = Ticket::where('ticket_id', $ticket_id)->firstOrFail();
} catch (Exception $e)
@ -39,11 +48,12 @@ class TicketsController extends Controller
$server = Server::where('id', $ticket->server)->first();
$pterodactyl_url = $ptero_settings->panel_url;
return view('moderator.ticket.show', compact('ticket', 'ticketcategory', 'ticketcomments', 'server', 'pterodactyl_url'));
return view('admin.ticket.show', compact('ticket', 'ticketcategory', 'ticketcomments', 'server', 'pterodactyl_url'));
}
public function changeStatus($ticket_id)
{
$this->checkPermission(self::WRITE_PERMISSION);
try {
$ticket = Ticket::where('ticket_id', $ticket_id)->firstOrFail();
} catch(Exception $e)
@ -65,6 +75,7 @@ class TicketsController extends Controller
public function delete($ticket_id)
{
$this->checkPermission(self::WRITE_PERMISSION);
try {
$ticket = Ticket::where('ticket_id', $ticket_id)->firstOrFail();
} catch (Exception $e)
@ -80,6 +91,9 @@ class TicketsController extends Controller
public function reply(Request $request)
{
$this->checkPermission(self::WRITE_PERMISSION);
$this->validate($request, ['ticketcomment' => 'required']);
try {
$ticket = Ticket::where('id', $request->input('ticket_id'))->firstOrFail();
@ -114,7 +128,7 @@ class TicketsController extends Controller
return $tickets->ticketcategory->name;
})
->editColumn('title', function (Ticket $tickets) {
return '<a class="text-info" href="'.route('moderator.ticket.show', ['ticket_id' => $tickets->ticket_id]).'">'.'#'.$tickets->ticket_id.' - '.htmlspecialchars($tickets->title).'</a>';
return '<a class="text-info" href="'.route('admin.ticket.show', ['ticket_id' => $tickets->ticket_id]).'">'.'#'.$tickets->ticket_id.' - '.htmlspecialchars($tickets->title).'</a>';
})
->editColumn('user_id', function (Ticket $tickets) {
return '<a href="'.route('admin.users.show', $tickets->user->id).'">'.$tickets->user->name.'</a>';
@ -125,13 +139,13 @@ class TicketsController extends Controller
$statusButtonText = ($tickets->status == "Closed") ? __('Reopen') : __('Close');
return '
<a data-content="'.__('View').'" data-toggle="popover" data-trigger="hover" data-placement="top" href="'.route('moderator.ticket.show', ['ticket_id' => $tickets->ticket_id]).'" class="btn btn-sm text-white btn-info mr-1"><i class="fas fa-eye"></i></a>
<form class="d-inline" method="post" action="'.route('moderator.ticket.changeStatus', ['ticket_id' => $tickets->ticket_id]).'">
<a data-content="'.__('View').'" data-toggle="popover" data-trigger="hover" data-placement="top" href="'.route('admin.ticket.show', ['ticket_id' => $tickets->ticket_id]).'" class="btn btn-sm text-white btn-info mr-1"><i class="fas fa-eye"></i></a>
<form class="d-inline" method="post" action="'.route('admin.ticket.changeStatus', ['ticket_id' => $tickets->ticket_id]).'">
'.csrf_field().'
'.method_field('POST').'
<button data-content="'.__($statusButtonText).'" data-toggle="popover" data-trigger="hover" data-placement="top" class="btn btn-sm text-white '.$statusButtonColor.' mr-1"><i class="fas '.$statusButtonIcon.'"></i></button>
</form>
<form class="d-inline" method="post" action="'.route('moderator.ticket.delete', ['ticket_id' => $tickets->ticket_id]).'">
<form class="d-inline" method="post" action="'.route('admin.ticket.delete', ['ticket_id' => $tickets->ticket_id]).'">
'.csrf_field().'
'.method_field('POST').'
<button data-content="'.__('Delete').'" data-toggle="popover" data-trigger="hover" data-placement="top" class="btn btn-sm text-white btn-danger mr-1"><i class="fas fa-trash"></i></button>
@ -170,13 +184,17 @@ class TicketsController extends Controller
public function blacklist(LocaleSettings $locale_settings)
{
return view('moderator.ticket.blacklist', [
$this->checkPermission(self::BLACKLIST_READ_PERMISSION);
return view('admin.ticket.blacklist', [
'locale_datatables' => $locale_settings->datatables
]);
}
public function blacklistAdd(Request $request)
{
$this->checkPermission(self::BLACKLIST_WRITE_PERMISSION);
try {
$user = User::where('id', $request->user_id)->firstOrFail();
$check = TicketBlacklist::where('user_id', $user->id)->first();
@ -202,6 +220,8 @@ class TicketsController extends Controller
public function blacklistDelete($id)
{
$this->checkPermission(self::BLACKLIST_WRITE_PERMISSION);
$blacklist = TicketBlacklist::where('id', $id)->first();
$blacklist->delete();
@ -210,6 +230,8 @@ class TicketsController extends Controller
public function blacklistChange($id)
{
$this->checkPermission(self::BLACKLIST_WRITE_PERMISSION);
try {
$blacklist = TicketBlacklist::where('id', $id)->first();
}
@ -254,12 +276,12 @@ class TicketsController extends Controller
})
->addColumn('actions', function (TicketBlacklist $blacklist) {
return '
<form class="d-inline" method="post" action="'.route('moderator.ticket.blacklist.change', ['id' => $blacklist->id]).'">
<form class="d-inline" method="post" action="'.route('admin.ticket.blacklist.change', ['id' => $blacklist->id]).'">
'.csrf_field().'
'.method_field('POST').'
<button data-content="'.__('Change Status').'" data-toggle="popover" data-trigger="hover" data-placement="top" class="btn btn-sm text-white btn-warning mr-1"><i class="fas fa-sync-alt"></i></button>
</form>
<form class="d-inline" method="post" action="'.route('moderator.ticket.blacklist.delete', ['id' => $blacklist->id]).'">
<form class="d-inline" method="post" action="'.route('admin.ticket.blacklist.delete', ['id' => $blacklist->id]).'">
'.csrf_field().'
'.method_field('POST').'
<button data-content="'.__('Delete').'" data-toggle="popover" data-trigger="hover" data-placement="top" class="btn btn-sm text-white btn-danger mr-1"><i class="fas fa-trash"></i></button>
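Review bot: The import `use App\Http\Controllers\Moderation\Exception;` looks like an IDE artefact of the namespace move; unless a class of that name really exists, the `catch (Exception $e)` blocks in `show`, `changeStatus` and `delete` name a type that is never thrown, so a failing `firstOrFail()` bypasses those handlers. Import the global class instead with `use Exception;`. Separately, the `user_id` column builds its link from `$tickets->user->name` without escaping while the `title` column uses `htmlspecialchars()`; if that column is emitted raw, wrap the name the same way, `htmlspecialchars($tickets->user->name)`, so a user-chosen name cannot be rendered as markup in the admin table.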


@ -15,6 +15,8 @@ use Illuminate\Http\Response;
class UsefulLinkController extends Controller
{
const READ_PERMISSION = "admin.useful_links.read";
const WRITE_PERMISSION = "admin.useful_links.write";
/**
* Display a listing of the resource.
*
@ -22,6 +24,7 @@ class UsefulLinkController extends Controller
*/
public function index(LocaleSettings $locale_settings)
{
$this->checkPermission(self::READ_PERMISSION);
return view('admin.usefullinks.index', [
'locale_datatables' => $locale_settings->datatables
]);
@ -34,6 +37,7 @@ class UsefulLinkController extends Controller
*/
public function create()
{
$this->checkPermission(self::WRITE_PERMISSION);
$positions = UsefulLinkLocation::cases();
return view('admin.usefullinks.create')->with('positions', $positions);
}
@ -84,6 +88,8 @@ class UsefulLinkController extends Controller
*/
public function edit(UsefulLink $usefullink)
{
$this->checkPermission(self::WRITE_PERMISSION);
$positions = UsefulLinkLocation::cases();
return view('admin.usefullinks.edit', [
'link' => $usefullink,
@ -126,6 +132,7 @@ class UsefulLinkController extends Controller
*/
public function destroy(UsefulLink $usefullink)
{
$this->checkPermission(self::WRITE_PERMISSION);
$usefullink->delete();
return redirect()->back()->with('success', __('product has been removed!'));


@ -30,6 +30,20 @@ use Spatie\Permission\Models\Role;
class UserController extends Controller
{
const READ_PERMISSION = "admin.users.read";
const WRITE_PERMISSION = "admin.users.write";
const SUSPEND_PERMISSION = "admin.users.suspend";
const CHANGE_EMAIL_PERMISSION = "admin.users.write.email";
const CHANGE_CREDITS_PERMISSION = "admin.users.write.credits";
const CHANGE_USERNAME_PERMISSION = "admin.users.write.username";
const CHANGE_PASSWORD_PERMISSION = "admin.users.write.password";
const CHANGE_ROLE_PERMISSION ="admin.users.write.role";
const CHANGE_REFERAL_PERMISSION ="admin.users.write.referal";
const CHANGE_PTERO_PERMISSION = "admin.users.write.pterodactyl";
const DELETE_PERMISSION = "admin.users.delete";
const NOTIFY_PERMISSION = "admin.users.notify";
const LOGIN_PERMISSION = "admin.users.login_as";
private $pterodactyl;
public function __construct(PterodactylSettings $ptero_settings)
@ -45,6 +59,8 @@ class UserController extends Controller
*/
public function index(LocaleSettings $locale_settings, GeneralSettings $general_settings)
{
$this->checkPermission(self::READ_PERMISSION);
return view('admin.users.index', [
'locale_datatables' => $locale_settings->datatables,
'credits_display_name' => $general_settings->credits_display_name
@ -59,6 +75,8 @@ class UserController extends Controller
*/
public function show(User $user, LocaleSettings $locale_settings, GeneralSettings $general_settings)
{
$this->checkPermission(self::READ_PERMISSION);
//QUERY ALL REFERRALS A USER HAS
//i am not proud of this at all.
$allReferals = [];
@ -109,6 +127,8 @@ class UserController extends Controller
*/
public function edit(User $user, GeneralSettings $general_settings)
{
$this->checkPermission(self::WRITE_PERMISSION);
$roles = Role::all();
return view('admin.users.edit')->with([
'user' => $user,
@ -134,12 +154,11 @@ class UserController extends Controller
'email' => 'required|string|email',
'credits' => 'required|numeric|min:0|max:99999999',
'server_limit' => 'required|numeric|min:0|max:1000000',
'role' => Rule::in(['admin', 'moderator', 'client', 'member']),
'referral_code' => "required|string|min:2|max:32|unique:users,referral_code,{$user->id}",
]);
//update roles
if ($request->roles) {
if ($request->roles && $this->can(self::CHANGE_ROLE_PERMISSION)) {
$user->syncRoles($request->roles);
}
@ -149,7 +168,7 @@ class UserController extends Controller
]);
}
if (!is_null($request->input('new_password'))) {
if (!is_null($request->input('new_password')) && $this->can(self::CHANGE_PASSWORD_PERMISSION)) {
$request->validate([
'new_password' => 'required|string|min:8',
'new_password_confirmation' => 'required|same:new_password',
@ -160,7 +179,24 @@ class UserController extends Controller
]);
}
$user->update($request->all());
if($this->can(self::CHANGE_USERNAME_PERMISSION)){
$user->name = $request->name;
}
if($this->can(self::CHANGE_CREDITS_PERMISSION)){
$user->credits = $request->credits;
}
if($this->can(self::CHANGE_PTERO_PERMISSION)){
$user->pterodactyl_id = $request->pterodactyl_id;
}
if($this->can(self::CHANGE_REFERAL_PERMISSION)){
$user->referral_code = $request->referral_code;
}
if($this->can(self::CHANGE_EMAIL_PERMISSION)){
$user->email = $request->email;
}
$user->save();
event(new UserUpdateCreditsEvent($user));
return redirect()->route('admin.users.index')->with('success', 'User updated!');
@ -174,7 +210,9 @@ class UserController extends Controller
*/
public function destroy(User $user)
{
if ($user->hasRole("Admin") && User::query()->where('role', 'admin')->count() === 1) {
$this->checkPermission(self::DELETE_PERMISSION);
if ($user->hasRole(1) && User::role(1)->count() === 1) {
return redirect()->back()->with('error', __('You can not delete the last admin!'));
}
@ -203,6 +241,8 @@ class UserController extends Controller
*/
public function loginAs(Request $request, User $user)
{
$this->checkPermission(self::LOGIN_PERMISSION);
$request->session()->put('previousUser', Auth::user()->id);
Auth::login($user);
@ -215,6 +255,8 @@ class UserController extends Controller
*/
public function logBackIn(Request $request)
{
$this->checkPermission(self::LOGIN_PERMISSION);
Auth::loginUsingId($request->session()->get('previousUser'), true);
$request->session()->remove('previousUser');
@ -229,6 +271,8 @@ class UserController extends Controller
*/
public function notifications()
{
$this->checkPermission(self::NOTIFY_PERMISSION);
return view('admin.users.notifications');
}
@ -243,6 +287,8 @@ class UserController extends Controller
*/
public function notify(Request $request)
{
$this->checkPermission(self::NOTIFY_PERMISSION);
$data = $request->validate([
'via' => 'required|min:1|array',
'via.*' => 'required|string|in:mail,database',
@ -283,6 +329,8 @@ class UserController extends Controller
*/
public function toggleSuspended(User $user)
{
$this->checkPermission(self::SUSPEND_PERMISSION);
try {
!$user->isSuspended() ? $user->suspend() : $user->unSuspend();
} catch (Exception $exception) {
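Review bot: `logBackIn()` now calls `$this->checkPermission(self::LOGIN_PERMISSION)`, but once `loginAs()` has run `Auth::login($user)` the session belongs to the impersonated user, who will usually not hold `admin.users.login_as`; assuming `checkPermission()` evaluates the current user, the admin can no longer return to their own account. Gate this method on the session marker instead, e.g. `abort_unless($request->session()->has('previousUser'), 403);`, which also avoids calling `Auth::loginUsingId()` with a missing id. In `update()`, confirm that `$user->update($request->all());` is gone from the new side: if it remains, it writes every fillable field before the per-field `can()` checks apply, and if it was removed, the validated `server_limit` is no longer persisted by the visible lines. The list passed to `syncRoles($request->roles)` is also no longer validated now that the `Rule::in` rule appears to have been dropped.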


@ -19,6 +19,8 @@ use Illuminate\Validation\ValidationException;
class VoucherController extends Controller
{
const READ_PERMISSION = "admin.voucher.read";
const WRITE_PERMISSION = "admin.voucher.write";
/**
* Display a listing of the resource.
*
@ -26,6 +28,8 @@ class VoucherController extends Controller
*/
public function index(LocaleSettings $locale_settings, GeneralSettings $general_settings)
{
$this->checkPermission(self::READ_PERMISSION);
return view('admin.vouchers.index', [
'locale_datatables' => $locale_settings->datatables,
'credits_display_name' => $general_settings->credits_display_name
@ -39,6 +43,7 @@ class VoucherController extends Controller
*/
public function create(GeneralSettings $general_settings)
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.vouchers.create', [
'credits_display_name' => $general_settings->credits_display_name
]);
@ -84,6 +89,7 @@ class VoucherController extends Controller
*/
public function edit(Voucher $voucher, GeneralSettings $general_settings)
{
$this->checkPermission(self::WRITE_PERMISSION);
return view('admin.vouchers.edit', [
'voucher' => $voucher,
'credits_display_name' => $general_settings->credits_display_name
@ -120,6 +126,7 @@ class VoucherController extends Controller
*/
public function destroy(Voucher $voucher)
{
$this->checkPermission(self::WRITE_PERMISSION);
$voucher->delete();
return redirect()->back()->with('success', __('voucher has been removed!'));
@ -127,6 +134,8 @@ class VoucherController extends Controller
public function users(Voucher $voucher, LocaleSettings $locale_settings, GeneralSettings $general_settings)
{
$this->checkPermission(self::READ_PERMISSION);
return view('admin.vouchers.users', [
'voucher' => $voucher,
'locale_datatables' => $locale_settings->datatables,


@ -6,13 +6,15 @@ return [
/*
* Permissions for admin
*/
'admin.sidebar.read',
'admin.roles.read',
'admin.roles.write',
'admin.roles.create',
'admin.roles.edit',
'admin.roles.delete',
'admin.ticket.read',
'admin.tickets.write',
'admin.ticket_blacklist.read',
'admin.ticket_blacklist.write',
@ -32,13 +34,17 @@ return [
'admin.users.write.role',
'admin.users.write.referal',
'admin.users.write.pterodactyl',
'admin.users.write.email',
'admin.users.notify',
'admin.users.login_as',
'admin.users.delete',
'admin.servers.read',
'admin.servers.write',
'admin.servers.suspend',
'admin.server.write.owner',
'admin.server.write.identifier',
'admin.server.delete',
'admin.servers.write.owner',
'admin.servers.write.identifier',
'admin.servers.delete',
'admin.products.read',
'admin.products.create',
@ -58,6 +64,11 @@ return [
'admin.legal.read',
'admin.legal.write',
'admin.payments.read',
'admin.partners.read',
'admin.partners.write',
'admin.logs.read',
/*
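Review bot: The list contains `'admin.ticket.read'`, but `TicketsController` and `TicketCategoryController` check `"admin.tickets.read"`, so the ticket read permission the controllers ask for is not defined among the visible entries; rename the entry to `'admin.tickets.read'`. Similarly, the products block shows `'admin.products.create'` while `ProductController::WRITE_PERMISSION` is `"admin.products.write"`; the rest of that block is outside the hunk, so confirm the names line up. Because the permission strings are duplicated between this file and the controller constants, one typo denies access to everyone or, depending on how `checkPermission()` treats unknown names, raises an error. A test asserting that every controller permission constant appears in this list would catch such drift.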


@ -17,13 +17,13 @@ use App\Http\Controllers\Admin\RoleController;
use App\Http\Controllers\Admin\ServerController as AdminServerController;
use App\Http\Controllers\Admin\SettingsController;
use App\Http\Controllers\Admin\ShopProductController;
use App\Http\Controllers\Admin\TicketCategoryController;
use App\Http\Controllers\Admin\TicketsController as AdminTicketsController;
use App\Http\Controllers\Admin\UsefulLinkController;
use App\Http\Controllers\Admin\UserController;
use App\Http\Controllers\Admin\VoucherController;
use App\Http\Controllers\Auth\SocialiteController;
use App\Http\Controllers\HomeController;
use App\Http\Controllers\Moderation\TicketCategoryController;
use App\Http\Controllers\Moderation\TicketsController as ModTicketsController;
use App\Http\Controllers\NotificationController;
use App\Http\Controllers\ProductController as FrontProductController;
use App\Http\Controllers\ProfileController;
@ -117,7 +117,7 @@ Route::middleware(['auth', 'checkSuspended'])->group(function () {
//admin
Route::prefix('admin')->name('admin.')->middleware('admin')->group(function () {
Route::prefix('admin')->name('admin.')->group(function () {
//Roles
Route::get('roles/datatable', [RoleController::class, 'datatable'])->name('roles.datatable');
Route::resource('roles', RoleController::class);
@ -199,29 +199,28 @@ Route::middleware(['auth', 'checkSuspended'])->group(function () {
Route::resource('api', ApplicationApiController::class)->parameters([
'api' => 'applicationApi',
]);
});
//mod
Route::prefix('moderator')->name('moderator.')->middleware('moderator')->group(function () {
//ticket moderation
Route::get('ticket', [ModTicketsController::class, 'index'])->name('ticket.index');
Route::get('ticket/datatable', [ModTicketsController::class, 'datatable'])->name('ticket.datatable');
Route::get('ticket/show/{ticket_id}', [ModTicketsController::class, 'show'])->name('ticket.show');
Route::post('ticket/reply', [ModTicketsController::class, 'reply'])->name('ticket.reply');
Route::post('ticket/status/{ticket_id}', [ModTicketsController::class, 'changeStatus'])->name('ticket.changeStatus');
Route::post('ticket/delete/{ticket_id}', [ModTicketsController::class, 'delete'])->name('ticket.delete');
Route::get('ticket', [AdminTicketsController::class, 'index'])->name('ticket.index');
Route::get('ticket/datatable', [AdminTicketsController::class, 'datatable'])->name('ticket.datatable');
Route::get('ticket/show/{ticket_id}', [AdminTicketsController::class, 'show'])->name('ticket.show');
Route::post('ticket/reply', [AdminTicketsController::class, 'reply'])->name('ticket.reply');
Route::post('ticket/status/{ticket_id}', [AdminTicketsController::class, 'changeStatus'])->name('ticket.changeStatus');
Route::post('ticket/delete/{ticket_id}', [AdminTicketsController::class, 'delete'])->name('ticket.delete');
//ticket moderation blacklist
Route::get('ticket/blacklist', [ModTicketsController::class, 'blacklist'])->name('ticket.blacklist');
Route::post('ticket/blacklist', [ModTicketsController::class, 'blacklistAdd'])->name('ticket.blacklist.add');
Route::post('ticket/blacklist/delete/{id}', [ModTicketsController::class, 'blacklistDelete'])->name('ticket.blacklist.delete');
Route::post('ticket/blacklist/change/{id}', [ModTicketsController::class, 'blacklistChange'])->name('ticket.blacklist.change');
Route::get('ticket/blacklist/datatable', [ModTicketsController::class, 'dataTableBlacklist'])->name('ticket.blacklist.datatable');
Route::get('ticket/blacklist', [AdminTicketsController::class, 'blacklist'])->name('ticket.blacklist');
Route::post('ticket/blacklist', [AdminTicketsController::class, 'blacklistAdd'])->name('ticket.blacklist.add');
Route::post('ticket/blacklist/delete/{id}', [AdminTicketsController::class, 'blacklistDelete'])->name('ticket.blacklist.delete');
Route::post('ticket/blacklist/change/{id}', [AdminTicketsController::class, 'blacklistChange'])->name('ticket.blacklist.change');
Route::get('ticket/blacklist/datatable', [AdminTicketsController::class, 'dataTableBlacklist'])->name('ticket.blacklist.datatable');
Route::get('ticket/category/datatable', [TicketCategoryController::class, 'datatable'])->name('ticket.category.datatable');
Route::resource("ticket/category", TicketCategoryController::class, ['as' => 'ticket']);
});
Route::get('/home', [HomeController::class, 'index'])->name('home');
});
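Review bot: Dropping `->middleware('admin')` from the `admin` route group (the `Route::prefix('admin')->name('admin.')->group(...)` line appears to be the new side) and folding the `moderator` ticket routes into it makes authorization fail open. Every route in the group is then reachable by any authenticated, non-suspended user unless the controller action itself calls `checkPermission()`. The commit title says Settings has no checks yet, and the hunks shown on this page add the call to actions such as `index`, `create`, `edit` and `destroy` but show none for `store` or `update`, so those should be confirmed. Until every action is covered I would keep a coarse gate on the unconverted routes, e.g. `Route::middleware('admin')->group(function () { /* settings routes */ });`, if that middleware is still registered. The ticket actions on `AdminTicketsController` and `TicketCategoryController` need the same per-action checks; their bodies are outside this section.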


@ -257,15 +257,15 @@
<li class="nav-header">{{ __('Moderation') }}</li>
<li class="nav-item">
<a href="{{ route('moderator.ticket.index') }}"
class="nav-link @if (Request::routeIs('moderator.ticket.index')) active @endif">
<a href="{{ route('admin.ticket.index') }}"
class="nav-link @if (Request::routeIs('admin.ticket.index')) active @endif">
<i class="nav-icon fas fa-ticket-alt"></i>
<p>{{ __('Ticket List') }}</p>
</a>
</li>
<li class="nav-item">
<a href="{{ route('moderator.ticket.blacklist') }}"
class="nav-link @if (Request::routeIs('moderator.ticket.blacklist')) active @endif">
<a href="{{ route('admin.ticket.blacklist') }}"
class="nav-link @if (Request::routeIs('admin.ticket.blacklist')) active @endif">
<i class="nav-icon fas fa-user-times"></i>
<p>{{ __('Ticket Blacklist') }}</p>
</a>


@ -183,7 +183,7 @@
@foreach($tickets as $ticket_id => $ticket)
<tr>
<td><a class="text-info" href="{{route('moderator.ticket.show', ['ticket_id' => $ticket_id])}}">#{{$ticket_id}} - {{$ticket->title}}</td>
<td><a class="text-info" href="{{route('admin.ticket.show', ['ticket_id' => $ticket_id])}}">#{{$ticket_id}} - {{$ticket->title}}</td>
<td><a href="{{route('admin.users.show', $ticket->user_id)}}">{{$ticket->user}}</a></td>
<td><span class="badge {{$ticket->statusBadgeColor}}">{{$ticket->status}}</span></td>
<td>{{$ticket->last_updated}}</td>


@ -257,28 +257,11 @@
@endcanany
@endif
@if ((Auth::user()->hasRole(1) || Auth::user()->role == 'moderator') && $ticket_enabled)
<li class="nav-header">{{ __('Moderation') }}</li>
<li class="nav-item">
<a href="{{ route('moderator.ticket.index') }}"
class="nav-link @if (Request::routeIs('moderator.ticket.index')) active @endif">
<i class="nav-icon fas fa-ticket-alt"></i>
<p>{{ __('Ticket List') }}</p>
</a>
</li>
<li class="nav-item">
<a href="{{ route('moderator.ticket.blacklist') }}"
class="nav-link @if (Request::routeIs('moderator.ticket.blacklist')) active @endif">
<i class="nav-icon fas fa-user-times"></i>
<p>{{ __('Ticket Blacklist') }}</p>
</a>
</li>
@endif
@if (Auth::user()->hasRole(1))
<li class="nav-header">{{ __('Administration') }}</li>
@canany(['admin.overview.read','admin.overview.sync'])
<li class="nav-item">
<a href="{{ route('admin.overview.index') }}"
class="nav-link @if (Request::routeIs('admin.overview.*')) active @endif">
@ -286,7 +269,29 @@
<p>{{ __('Overview') }}</p>
</a>
</li>
@endcanany
@canany(['admin.ticket.read','admin.tickets.write'])
<li class="nav-item">
<a href="{{ route('admin.ticket.index') }}"
class="nav-link @if (Request::routeIs('admin.ticket.index')) active @endif">
<i class="nav-icon fas fa-ticket-alt"></i>
<p>{{ __('Ticket List') }}</p>
</a>
</li>
@endcanany
@canany(['admin.ticket_blacklist.read','admin.ticket_blacklist.write'])
<li class="nav-item">
<a href="{{ route('admin.ticket.blacklist') }}"
class="nav-link @if (Request::routeIs('admin.ticket.blacklist')) active @endif">
<i class="nav-icon fas fa-user-times"></i>
<p>{{ __('Ticket Blacklist') }}</p>
</a>
</li>
@endcanany
@canany(['admin.roles.read','admin.roles.write'])
<li class="nav-item">
<a href="{{ route('admin.roles.index') }}"
class="nav-link @if (Request::routeIs('admin.roles.*')) active @endif">
@ -294,6 +299,7 @@
<p>{{ __('Role Management') }}</p>
</a>
</li>
@endcanany
<li class="nav-item">
<a href="{{ route('admin.settings.index') }}"
@ -303,6 +309,7 @@
</a>
</li>
@canany(['admin.api.read','admin.api.write'])
<li class="nav-item">
<a href="{{ route('admin.api.index') }}"
class="nav-link @if (Request::routeIs('admin.api.*')) active @endif">
@ -310,9 +317,18 @@
<p>{{ __('Application API') }}</p>
</a>
</li>
@endcanany
<li class="nav-header">{{ __('Management') }}</li>
@canany(['admin.users.read',
'admin.users.write',
'admin.users.suspend',
'admin.users.write.credits',
'admin.users.write.username',
'admin.users.write.password',
'admin.users.write.role',
'admin.users.write.referal',
'admin.users.write.pterodactyl'])
<li class="nav-item">
<a href="{{ route('admin.users.index') }}"
class="nav-link @if (Request::routeIs('admin.users.*')) active @endif">
@ -320,7 +336,13 @@
<p>{{ __('Users') }}</p>
</a>
</li>
@endcanany
@canany(['admin.servers.read',
'admin.servers.write',
'admin.servers.suspend',
'admin.servers.write.owner',
'admin.servers.write.identifier',
'admin.servers.delete'])
<li class="nav-item">
<a href="{{ route('admin.servers.index') }}"
class="nav-link @if (Request::routeIs('admin.servers.*')) active @endif">
@ -328,7 +350,11 @@
<p>{{ __('Servers') }}</p>
</a>
</li>
@endcanany
@canany(['admin.products.read',
'admin.products.create',
'admin.products.edit',
'admin.products.delete',])
<li class="nav-item">
<a href="{{ route('admin.products.index') }}"
class="nav-link @if (Request::routeIs('admin.products.*')) active @endif">
@ -336,7 +362,8 @@
<p>{{ __('Products') }}</p>
</a>
</li>
@endcanany
@canany(['admin.store.read','admin.store.write','admin.store.disable'])
<li class="nav-item">
<a href="{{ route('admin.store.index') }}"
class="nav-link @if (Request::routeIs('admin.store.*')) active @endif">
@ -344,7 +371,8 @@
<p>{{ __('Store') }}</p>
</a>
</li>
@endcanany
@canany(["admin.voucher.read","admin.voucher.read"])
<li class="nav-item">
<a href="{{ route('admin.vouchers.index') }}"
class="nav-link @if (Request::routeIs('admin.vouchers.*')) active @endif">
@ -352,7 +380,8 @@
<p>{{ __('Vouchers') }}</p>
</a>
</li>
@endcanany
@canany(["admin.partners.read","admin.partners.read"])
<li class="nav-item">
<a href="{{ route('admin.partners.index') }}"
class="nav-link @if (Request::routeIs('admin.partners.*')) active @endif">
@ -360,28 +389,13 @@
<p>{{ __('Partners') }}</p>
</a>
</li>
@endcanany
{{-- <li class="nav-header">Pterodactyl</li> --}}
{{-- <li class="nav-item"> --}}
{{-- <a href="{{route('admin.nodes.index')}}" --}}
{{-- class="nav-link @if (Request::routeIs('admin.nodes.*')) active @endif"> --}}
{{-- <i class="nav-icon fas fa-sitemap"></i> --}}
{{-- <p>Nodes</p> --}}
{{-- </a> --}}
{{-- </li> --}}
{{-- <li class="nav-item"> --}}
{{-- <a href="{{route('admin.nests.index')}}" --}}
{{-- class="nav-link @if (Request::routeIs('admin.nests.*')) active @endif"> --}}
{{-- <i class="nav-icon fas fa-th-large"></i> --}}
{{-- <p>Nests</p> --}}
{{-- </a> --}}
{{-- </li> --}}
<li class="nav-header">{{ __('Other') }}</li>
@canany(["admin.useful_links.read","admin.legal.read"])
<li class="nav-header">{{ __('Other') }}</li>
@endcanany
@canany(["admin.useful_links.read","admin.useful_links.write"])
<li class="nav-item">
<a href="{{ route('admin.usefullinks.index') }}"
class="nav-link @if (Request::routeIs('admin.usefullinks.*')) active @endif">
@ -389,7 +403,9 @@
<p>{{ __('Useful Links') }}</p>
</a>
</li>
@endcanany
@canany(["admin.legal.read","admin.legal.write"])
<li class="nav-item">
<a href="{{ route('admin.legal.index') }}"
class="nav-link @if (Request::routeIs('admin.legal.*')) active @endif">
@ -397,9 +413,14 @@
<p>{{ __('Legal Sites') }}</p>
</a>
</li>
@endcanany
<li class="nav-header">{{ __('Logs') }}</li>
@canany(["admin.payments.read","admin.logs.read"])
<li class="nav-header">{{ __('Logs') }}</li>
@endcanany
@can("admin.payments.read")
<li class="nav-item">
<a href="{{ route('admin.payments.index') }}"
class="nav-link @if (Request::routeIs('admin.payments.*')) active @endif">
@ -410,7 +431,9 @@
</p>
</a>
</li>
@endcan
@can("admin.logs.read")
<li class="nav-item">
<a href="{{ route('admin.activitylogs.index') }}"
class="nav-link @if (Request::routeIs('admin.activitylogs.*')) active @endif">
@ -418,7 +441,8 @@
<p>{{ __('Activity Logs') }}</p>
</a>
</li>
@endif
@endcan
</ul>
</nav>
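Review bot: Two of the new `@canany` guards list the same permission twice, `@canany(["admin.voucher.read","admin.voucher.read"])` and `@canany(["admin.partners.read","admin.partners.read"])`, so a role holding only the write permission never gets the Vouchers or Partners entry. The second element was presumably meant to be the write permission, e.g. `@canany(["admin.partners.read","admin.partners.write"])`; the voucher names should be checked against the constants in `VoucherController`, whose values are not visible here (the routes use the plural `admin.vouchers.*`). The `Other` header guard has a similar gap, listing only `admin.useful_links.read` and `admin.legal.read` while the items beneath it also accept the `.write` permissions. The Settings item has no guard at all, so it may be rendered for every user who reaches this block; these directives only hide links, and the permission check in each controller action is what enforces access.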


@ -17,7 +17,7 @@ ___
You can respond to this ticket by simply replying to this email or through the admin area at the url below.
<br>
{{ route('moderator.ticket.show', ['ticket_id' => $ticket->ticket_id]) }}
{{ route('admin.ticket.show', ['ticket_id' => $ticket->ticket_id]) }}
<br>
{{__('Thanks')}},<br>


@ -17,7 +17,7 @@ ___
You can respond to this ticket by simply replying to this email or through the admin area at the url below.
<br>
{{ route('moderator.ticket.show', ['ticket_id' => $ticket->ticket_id]) }}
{{ route('admin.ticket.show', ['ticket_id' => $ticket->ticket_id]) }}
<br>
{{__('Thanks')}},<br>


@ -12,7 +12,7 @@
<ol class="breadcrumb float-sm-right">
<li class="breadcrumb-item"><a href="{{ route('home') }}">{{ __('Dashboard') }}</a></li>
<li class="breadcrumb-item"><a class="text-muted"
href="{{ route('moderator.ticket.blacklist') }}">{{ __('Ticket Blacklist') }}</a>
href="{{ route('admin.ticket.blacklist') }}">{{ __('Ticket Blacklist') }}</a>
</li>
</ol>
</div>
@ -60,7 +60,7 @@
class="fas fa-info-circle"></i></h5>
</div>
<div class="card-body">
<form action="{{route('moderator.ticket.blacklist.add')}}" method="POST" class="ticket-form">
<form action="{{route('admin.ticket.blacklist.add')}}" method="POST" class="ticket-form">
@csrf
<div class="custom-control mb-3 p-0">
<label for="user_id">{{ __('User') }}:
@ -95,7 +95,7 @@
processing: true,
serverSide: true,
stateSave: true,
ajax: "{{route('moderator.ticket.blacklist.datatable')}}",
ajax: "{{route('admin.ticket.blacklist.datatable')}}",
columns: [
{data: 'user' , name : 'user.name'},
{data: 'status'},


@ -12,7 +12,7 @@
<ol class="breadcrumb float-sm-right">
<li class="breadcrumb-item"><a href="{{ route('home') }}">{{ __('Dashboard') }}</a></li>
<li class="breadcrumb-item"><a class="text-muted"
href="{{ route("moderator.ticket.category.index") }}">{{ __('Ticket Categories') }}</a>
href="{{ route("admin.ticket.category.index") }}">{{ __('Ticket Categories') }}</a>
</li>
</ol>
</div>
@ -56,7 +56,7 @@
<h5 class="card-title">{{__('Add Category')}}
</div>
<div class="card-body">
<form action="{{route("moderator.ticket.category.store")}}" method="POST" class="ticket-form">
<form action="{{route("admin.ticket.category.store")}}" method="POST" class="ticket-form">
@csrf
<div class="form-group ">
<label for="name" class="control-label">{{__("Name")}}</label>
@ -73,7 +73,7 @@
<h5 class="card-title">{{__('Edit Category')}}
</div>
<div class="card-body">
<form action="{{route("moderator.ticket.category.update","1")}}" method="POST" class="ticket-form">
<form action="{{route("admin.ticket.category.update","1")}}" method="POST" class="ticket-form">
@csrf
@method('PATCH')
<select id="category" style="width:100%" class="custom-select" name="category"
@ -109,7 +109,7 @@
processing: true,
serverSide: true,
stateSave: true,
ajax: "{{route('moderator.ticket.category.datatable')}}",
ajax: "{{route('admin.ticket.category.datatable')}}",
columns: [
{data: 'id'},
{data: 'name'},


@ -12,7 +12,7 @@
<ol class="breadcrumb float-sm-right">
<li class="breadcrumb-item"><a href="{{route('home')}}">{{__('Dashboard')}}</a></li>
<li class="breadcrumb-item"><a class="text-muted"
href="{{route('moderator.ticket.index')}}">{{__('Ticket List')}}</a></li>
href="{{route('admin.ticket.index')}}">{{__('Ticket List')}}</a></li>
</ol>
</div>
</div>
@ -30,7 +30,7 @@
<div class="d-flex justify-content-between">
<h5 class="card-title"><i class="fas fa-ticket-alt mr-2"></i>{{__('Ticket List')}}</h5>
</div>
<a href="{{route("moderator.ticket.category.index")}}"><button class="btn btn-primary float-right">+ {{__("Add Category")}}</button></a>
<a href="{{route("admin.ticket.category.index")}}"><button class="btn btn-primary float-right">+ {{__("Add Category")}}</button></a>
</div>
@ -72,7 +72,7 @@
processing: true,
serverSide: true,
stateSave: true,
ajax: "{{route('moderator.ticket.datatable')}}",
ajax: "{{route('admin.ticket.datatable')}}",
order: [[ 4, "desc" ]],
columns: [
{data: 'category'},


@ -12,7 +12,7 @@
<ol class="breadcrumb float-sm-right">
<li class="breadcrumb-item"><a href="{{ route('home') }}">{{ __('Dashboard') }}</a></li>
<li class="breadcrumb-item"><a class="text-muted"
href="{{ route('moderator.ticket.index') }}">{{ __('Ticket') }}</a>
href="{{ route('admin.ticket.index') }}">{{ __('Ticket') }}</a>
</li>
</ol>
</div>
@ -74,7 +74,7 @@
<p><b>{{__("Created on")}}:</b> {{ $ticket->created_at->diffForHumans() }}</p>
@if($ticket->status=='Closed')
<form class="d-inline" method="post"
action="{{route('moderator.ticket.changeStatus', ['ticket_id' => $ticket->ticket_id ])}}">
action="{{route('admin.ticket.changeStatus', ['ticket_id' => $ticket->ticket_id ])}}">
{{csrf_field()}}
{{method_field("POST") }}
<button data-content="{{__("Reopen")}}" data-toggle="popover"
@ -84,7 +84,7 @@
</form>
@else
<form class="d-inline" method="post"
action="{{route('moderator.ticket.changeStatus', ['ticket_id' => $ticket->ticket_id ])}}">
action="{{route('admin.ticket.changeStatus', ['ticket_id' => $ticket->ticket_id ])}}">
{{csrf_field()}}
{{method_field("POST") }}
<button data-content="{{__("Close")}}" data-toggle="popover"
@ -140,7 +140,7 @@
</div>
@endforeach
<div class="comment-form">
<form action="{{ route('moderator.ticket.reply')}}" method="POST" class="form">
<form action="{{ route('admin.ticket.reply')}}" method="POST" class="form">
{!! csrf_field() !!}
<input type="hidden" name="ticket_id" value="{{ $ticket->id }}">
<div class="form-group{{ $errors->has('ticketcomment') ? ' has-error' : '' }}">