full settings permissions (#809)

Dennis 2023-05-05 11:00:08 +02:00 committed by GitHub
commit 6687186fd4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 84 additions and 9 deletions


@ -16,8 +16,7 @@ use Qirolab\Theme\Theme;
class SettingsController extends Controller class SettingsController extends Controller
{ {
const READ_PERMISSIONS = "admin.settings.read";
const WRITE_PERMISSIONS = "admin.settings.write";
/** /**
* Display a listing of the resource. * Display a listing of the resource.
* *
@ -26,7 +25,6 @@ class SettingsController extends Controller
public function index() public function index()
{ {
$this->checkPermission(self::READ_PERMISSIONS);
// get all other settings in app/Settings directory // get all other settings in app/Settings directory
// group items by file name like $categories // group items by file name like $categories
@ -96,9 +94,10 @@ class SettingsController extends Controller
*/ */
public function update(Request $request) public function update(Request $request)
{ {
$this->checkPermission(self::WRITE_PERMISSIONS);
$category = request()->get('category'); $category = request()->get('category');
$this->checkPermission("settings.".strtolower($category).".write");
$settings_class = request()->get('settings_class'); $settings_class = request()->get('settings_class');
if (method_exists($settings_class, 'getValidations')) { if (method_exists($settings_class, 'getValidations')) {
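Review bot: In `update()` the permission name is built from the request's `category`, while the class that is validated and written comes from the separate request parameter `settings_class`, so the check is not bound to the settings that are actually modified. Resolve the settings class on the server from an allowlist of known settings classes and derive the category from it, or reject the request unless `settings_class` maps to `category`; as written, `method_exists($settings_class, 'getValidations')` also runs on an unvalidated, request-supplied class name. A missing `category` makes `strtolower($category)` produce the permission string `settings..write`, which should be rejected explicitly rather than left to the permission lookup. The `index()` hunk drops `checkPermission(self::READ_PERMISSIONS)` with no replacement visible; both method bodies continue outside the hunks, so confirm a server-side read check remains there.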


@ -71,8 +71,52 @@ return [
'admin.logs.read', 'admin.logs.read',
'admin.settings.read', /*
'admin.settings.write', * Settings Permissions
*/
'settings.discord.read',
'settings.discord.write',
'settings.general.read',
'settings.general.write',
'settings.invoice.read',
'settings.invoice.write',
'settings.locale.read',
'settings.locale.write',
'settings.mail.read',
'settings.mail.write',
'settings.pterodactyl.read',
'settings.pterodactyl.write',
'settings.referral.read',
'settings.referral.write',
'settings.server.read',
'settings.server.write',
'settings.ticket.read',
'settings.ticket.write',
'settings.user.read',
'settings.user.write',
'settings.website.read',
'settings.website.write',
'settings.paypal.read',
'settings.paypal.write',
'settings.stripe.read',
'settings.stripe.write',
'settings.mollie.read',
'settings.mollie.write',
/* /*
* Permissions for users * Permissions for users
*/ */
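Review bot: `admin.settings.read` and `admin.settings.write` are replaced by the per-category `settings.*` names, but nothing in this section shows how roles that already hold the old names are carried over. If no migration or seeder handles it (not visible here), existing administrators lose access to settings after the upgrade and the stale permission rows stay assigned. The names are also matched at runtime against `"settings.".strtolower($category)`, so a comment above the list such as `// must match strtolower() of each settings category name` would keep the two in sync.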


@ -45,6 +45,7 @@
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="tablist" <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="tablist"
data-accordion="false"> data-accordion="false">
@foreach ($settings as $category => $options) @foreach ($settings as $category => $options)
@canany(["settings.".strtolower($category).".read","settings.".strtolower($category).".write"])
<li class="nav-item border-bottom-0"> <li class="nav-item border-bottom-0">
<a href="#{{ $category }}" <a href="#{{ $category }}"
class="nav-link {{ $loop->first ? 'active' : '' }}" data-toggle="pill" class="nav-link {{ $loop->first ? 'active' : '' }}" data-toggle="pill"
@ -56,6 +57,7 @@
</p> </p>
</a> </a>
</li> </li>
@endcanany
@endforeach @endforeach
</ul> </ul>
</nav> </nav>
@ -65,6 +67,7 @@
<div class="col-10 p-0"> <div class="col-10 p-0">
<div class="tab-content ml-3" style="width: 100%;"> <div class="tab-content ml-3" style="width: 100%;">
@foreach ($settings as $category => $options) @foreach ($settings as $category => $options)
@canany(["settings.".strtolower($category).".read","settings.".strtolower($category).".write"])
<div container class="tab-pane fade container {{ $loop->first ? 'active show' : '' }}" <div container class="tab-pane fade container {{ $loop->first ? 'active show' : '' }}"
id="{{ $category }}" role="tabpanel"> id="{{ $category }}" role="tabpanel">
@ -158,6 +161,7 @@
</div> </div>
</div> </div>
@endforeach @endforeach
<!-- TODO: Display this only on the General tab <!-- TODO: Display this only on the General tab
@ -195,6 +199,7 @@
</div> </div>
</form> </form>
</div> </div>
@endcanany
@endforeach @endforeach
</div> </div>
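Review bot: The `@canany` wrappers in both `@foreach` loops only hide markup; `$settings` still carries every category and its values into the view, so the filtering belongs in the controller (pass only the categories the user may read or write) instead of repeating the permission expression in two loops. With the current approach `$loop->first` still refers to the first category in `$settings`, not the first one the user can see, so a user without access to that category gets no `active` tab or pane. A user holding only the `.read` permission reaches the same pane as a writer; whether the form inside is disabled for them is not visible in these hunks.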


@ -258,7 +258,7 @@
@endif @endif
<!-- lol how do i make this shorter? --> <!-- lol how do i make this shorter? -->
@canany(['admin.settings.read','admin.settings.write','admin.overview.read','admin.overview.sync','admin.ticket.read','admin.tickets.write','admin.ticket_blacklist.read','admin.ticket_blacklist.write','admin.roles.read','admin.roles.write','admin.api.read','admin.api.write']) @canany(['settings.discord.read','settings.discord.write','settings.general.read','settings.general.write','settings.invoice.read','settings.invoice.write','settings.locale.read','settings.locale.write','settings.mail.read','settings.mail.write','settings.pterodactyl.read','settings.pterodactyl.write','settings.referral.read','settings.referral.write','settings.server.read','settings.server.write','settings.ticket.read','settings.ticket.write','settings.user.read','settings.user.write','settings.website.read','settings.website.write','settings.paypal.read','settings.paypal.write','settings.stripe.read','settings.stripe.write','settings.mollie.read','settings.mollie.write','admin.overview.read','admin.overview.sync','admin.ticket.read','admin.tickets.write','admin.ticket_blacklist.read','admin.ticket_blacklist.write','admin.roles.read','admin.roles.write','admin.api.read','admin.api.write'])
<li class="nav-header">{{ __('Administration') }}</li> <li class="nav-header">{{ __('Administration') }}</li>
@endcanany @endcanany
@ -302,7 +302,34 @@
</li> </li>
@endcanany @endcanany
@canany(['admin.settings.read','admin.settings.write']) @canany(['settings.discord.read',
'settings.discord.write',
'settings.general.read',
'settings.general.write',
'settings.invoice.read',
'settings.invoice.write',
'settings.locale.read',
'settings.locale.write',
'settings.mail.read',
'settings.mail.write',
'settings.pterodactyl.read',
'settings.pterodactyl.write',
'settings.referral.read',
'settings.referral.write',
'settings.server.read',
'settings.server.write',
'settings.ticket.read',
'settings.ticket.write',
'settings.user.read',
'settings.user.write',
'settings.website.read',
'settings.website.write',
'settings.paypal.read',
'settings.paypal.write',
'settings.stripe.read',
'settings.stripe.write',
'settings.mollie.read',
'settings.mollie.write',])
<li class="nav-item"> <li class="nav-item">
<a href="{{ route('admin.settings.index') }}" <a href="{{ route('admin.settings.index') }}"
class="nav-link @if (Request::routeIs('admin.settings.*')) active @endif"> class="nav-link @if (Request::routeIs('admin.settings.*')) active @endif">
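Review bot: The 28 `settings.*` names are now hard-coded in both `@canany` lists here as well as in the permissions config, so a settings category added later has to be remembered in three places, and a missed entry hides the Settings link from a user who holds only that permission. Build the list once, for example from the config into a shared view variable (hypothetical name `$settingsPermissions`), and use `@canany($settingsPermissions)` for the menu item, merging it with the remaining `admin.*` names for the `Administration` header. The `<li>` opened after the second `@canany` continues outside the hunk.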