full user permissions
This commit is contained in:
1day2die
parent
e8c8d1c68d
commit
eb3afbfaab
|
|
@ -23,6 +23,7 @@ use App\Settings\LocaleSettings;
|
|||
|
||||
class PaymentController extends Controller
|
||||
{
|
||||
const BUY_PERMISSION = 'user.shop.buy';
|
||||
/**
|
||||
* @return Application|Factory|View
|
||||
*/
|
||||
|
|
@ -41,6 +42,8 @@ class PaymentController extends Controller
|
|||
*/
|
||||
public function checkOut(ShopProduct $shopProduct, GeneralSettings $general_settings)
|
||||
{
|
||||
$this->checkPermission(self::BUY_PERMISSION);
|
||||
|
||||
$discount = PartnerDiscount::getDiscount();
|
||||
$price = $shopProduct->price - ($shopProduct->price * $discount / 100);
|
||||
|
||||
|
|
|
|||
|
|
@ -164,6 +164,9 @@ class RoleController extends Controller
|
|||
|
||||
|
||||
return datatables($query)
|
||||
->editColumn('id', function (Role $role) {
|
||||
return $role->id;
|
||||
})
|
||||
->addColumn('actions', function (Role $role) {
|
||||
return '
|
||||
<a title="Edit" href="'.route("admin.roles.edit", $role).'" class="btn btn-sm btn-info"><i
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@ use App\Settings\PterodactylSettings;
|
|||
use App\Classes\PterodactylClient;
|
||||
use App\Settings\GeneralSettings;
|
||||
use Exception;
|
||||
use GuzzleHttp\Promise\Create;
|
||||
use Illuminate\Database\Eloquent\Builder;
|
||||
use Illuminate\Http\Client\Response;
|
||||
use Illuminate\Http\RedirectResponse;
|
||||
|
|
@ -24,6 +25,9 @@ use Illuminate\Support\Facades\Request as FacadesRequest;
|
|||
|
||||
class ServerController extends Controller
|
||||
{
|
||||
const CREATE_PERMISSION = 'user.server.create';
|
||||
const UPGRADE_PERMISSION = 'user.server.upgrade';
|
||||
|
||||
private $pterodactyl;
|
||||
|
||||
public function __construct(PterodactylSettings $ptero_settings)
|
||||
|
|
@ -81,6 +85,8 @@ class ServerController extends Controller
|
|||
/** Show the form for creating a new resource. */
|
||||
public function create(UserSettings $user_settings, ServerSettings $server_settings, GeneralSettings $general_settings)
|
||||
{
|
||||
$this->checkPermission(self::CREATE_PERMISSION);
|
||||
|
||||
$validate_configuration = $this->validateConfigurationRules($user_settings, $server_settings);
|
||||
|
||||
if (!is_null($validate_configuration)) {
|
||||
|
|
@ -316,6 +322,8 @@ class ServerController extends Controller
|
|||
|
||||
public function upgrade(Server $server, Request $request)
|
||||
{
|
||||
$this->checkPermission(self::UPGRADE_PERMISSION);
|
||||
|
||||
if ($server->user_id != Auth::user()->id) {
|
||||
return redirect()->route('servers.index');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,6 +21,8 @@ use Illuminate\Support\Str;
|
|||
|
||||
class TicketsController extends Controller
|
||||
{
|
||||
const READ_PERMISSION = 'user.ticket.read';
|
||||
const WRITE_PERMISSION = 'user.ticket.write';
|
||||
public function index(LocaleSettings $locale_settings)
|
||||
{
|
||||
return view('ticket.index', [
|
||||
|
|
@ -74,6 +76,7 @@ class TicketsController extends Controller
|
|||
|
||||
public function show($ticket_id, PterodactylSettings $ptero_settings)
|
||||
{
|
||||
$this->checkPermission(self::READ_PERMISSION);
|
||||
try {
|
||||
$ticket = Ticket::where('ticket_id', $ticket_id)->firstOrFail();
|
||||
} catch (Exception $e) {
|
||||
|
|
@ -118,6 +121,7 @@ class TicketsController extends Controller
|
|||
|
||||
public function create()
|
||||
{
|
||||
$this->checkPermission(self::WRITE_PERMISSION);
|
||||
//check in blacklist
|
||||
$check = TicketBlacklist::where('user_id', Auth::user()->id)->first();
|
||||
if ($check && $check->status == 'True') {
|
||||
|
|
|
|||
|
|
@ -133,7 +133,7 @@ return [
|
|||
* By default wildcard permission lookups are disabled.
|
||||
*/
|
||||
|
||||
'enable_wildcard_permission' => false,
|
||||
'enable_wildcard_permission' => true,
|
||||
|
||||
'cache' => [
|
||||
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@
|
|||
<table id="datatable" class="table table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>{{__("ID")}}</th>
|
||||
<th>{{__("Name")}}</th>
|
||||
<th>{{__("User count")}}</th>
|
||||
<th>{{__("Permissions count")}}</th>
|
||||
|
|
@ -40,10 +41,11 @@
|
|||
url: '//cdn.datatables.net/plug-ins/1.11.3/i18n/{{config("SETTINGS::LOCALE:DATATABLES")}}.json'
|
||||
},
|
||||
processing: true,
|
||||
serverSide: false, //increases loading times too much? change back to "true" if it does
|
||||
serverSide: true, //increases loading times too much? change back to "true" if it does
|
||||
stateSave: true,
|
||||
ajax: "{{route('admin.roles.datatable')}}",
|
||||
columns: [
|
||||
{data: 'id'},
|
||||
{data: 'name'},
|
||||
{data: 'usercount'},
|
||||
{data: 'permissionscount'},
|
||||
|
|
|
|||
|
|
@ -159,6 +159,9 @@
|
|||
</div>
|
||||
</div>
|
||||
@endforeach
|
||||
|
||||
<!-- TODO: Display this only on the General tab
|
||||
|
||||
<div class="row">
|
||||
<div class="col-4 d-flex align-items-center">
|
||||
<label for="recaptcha_preview">{{__("ReCAPTCHA Preview")}}</label>
|
||||
|
|
@ -179,6 +182,7 @@
|
|||
</div>
|
||||
</div>
|
||||
</div>
|
||||
-->
|
||||
|
||||
|
||||
<div class="row">
|
||||
|
|
|
|||
|
|
@ -246,6 +246,7 @@
|
|||
@endif
|
||||
@php($ticket_enabled = app(App\Settings\TicketSettings::class)->enabled)
|
||||
@if ($ticket_enabled)
|
||||
@canany(["user.ticket.read", "user.ticket.write"])
|
||||
<li class="nav-item">
|
||||
<a href="{{ route('ticket.index') }}"
|
||||
class="nav-link @if (Request::routeIs('ticket.*')) active @endif">
|
||||
|
|
@ -253,6 +254,7 @@
|
|||
<p>{{ __('Support Ticket') }}</p>
|
||||
</a>
|
||||
</li>
|
||||
@endcanany
|
||||
@endif
|
||||
|
||||
@if ((Auth::user()->hasRole(1) || Auth::user()->role == 'moderator') && $ticket_enabled)
|
||||
|
|
|
|||
|
|
@ -101,7 +101,7 @@
|
|||
</div>
|
||||
|
||||
@if($referral_enabled)
|
||||
@if(($referral_allowed === "client" && $user->role != "member") || $referral_allowed === "everyone")
|
||||
@can("user.referral")
|
||||
<div class="mt-1">
|
||||
<span class="badge badge-success"><i
|
||||
class="fa fa-user-check mr-2"></i>
|
||||
|
|
@ -112,8 +112,8 @@
|
|||
@else
|
||||
<span class="badge badge-warning"><i
|
||||
class="fa fa-user-check mr-2"></i>
|
||||
{{_("Make a purchase to reveal your referral-URL")}}</span>
|
||||
@endif
|
||||
{{_("You can not see your Referral Code")}}</span>
|
||||
@endcan
|
||||
</div>
|
||||
@endif
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -27,17 +27,17 @@
|
|||
|
||||
<!-- CUSTOM CONTENT -->
|
||||
<div class="d-flex justify-content-md-start justify-content-center mb-3 ">
|
||||
<a @if (Auth::user()->Servers->count() >= Auth::user()->server_limit)
|
||||
disabled="disabled" title="Server limit reached!"
|
||||
@endif href="{{ route('servers.create') }}"
|
||||
class="btn
|
||||
@if (Auth::user()->Servers->count() >= Auth::user()->server_limit) disabled
|
||||
@endif btn-primary"><i
|
||||
class="fa fa-plus mr-2"></i>
|
||||
<a @if (Auth::user()->Servers->count() >= Auth::user()->server_limit) disabled="disabled" title="Server limit reached!" @endif
|
||||
@cannot("user.server.create") disabled="disabled" title="No Permission!" @endcannot
|
||||
href="{{ route('servers.create') }}" class="btn
|
||||
@if (Auth::user()->Servers->count() >= Auth::user()->server_limit) disabled @endif
|
||||
@cannot("user.server.create") disabled @endcannot
|
||||
btn-primary">
|
||||
<i class="fa fa-plus mr-2"></i>
|
||||
{{ __('Create Server') }}
|
||||
</a>
|
||||
@if (Auth::user()->Servers->count() > 0 && !empty($phpmyadmin_url))
|
||||
<a
|
||||
<a
|
||||
href="{{ $phpmyadmin_url }}" target="_blank"
|
||||
class="btn btn-secondary ml-2"><i title="manage"
|
||||
class="fas fa-database mr-2"></i><span>{{ __('Database') }}</span>
|
||||
|
|
|
|||
|
|
@ -222,7 +222,7 @@
|
|||
<div class="card-footer">
|
||||
<div class="col-md-12 text-center">
|
||||
<!-- Upgrade Button trigger modal -->
|
||||
@if($server_enable_upgrade)
|
||||
@if($server_enable_upgrade && Auth::user()->can("user.server.upgrade"))
|
||||
<button type="button" data-toggle="modal" data-target="#UpgradeModal{{ $server->id }}" target="__blank"
|
||||
class="btn btn-info btn-md">
|
||||
<i class="fas fa-upload mr-2"></i>
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@
|
|||
{{ $product->display }}
|
||||
</td>
|
||||
<td><a href="{{ route('checkout', $product->id) }}"
|
||||
class="btn btn-info">{{ __('Purchase') }}</a>
|
||||
class="btn btn-info @cannot('user.shop.buy') disabled @endcannot">{{ __('Purchase') }}</a>
|
||||
</td>
|
||||
</tr>
|
||||
@endforeach
|
||||
|
|
|
|||
|
|
@ -30,8 +30,8 @@
|
|||
<div class="card-header">
|
||||
<div class="d-flex justify-content-between">
|
||||
<h5 class="card-title"><i class="fas fa-ticket-alt mr-2"></i>{{__('My Ticket')}}</h5>
|
||||
<a href="{{route('ticket.new')}}" class="btn btn-sm btn-primary"><i
|
||||
class="fas fa-plus mr-1"></i>{{__('New Ticket')}}</a>
|
||||
<a href="{{route('ticket.new')}}" class="btn btn-sm btn-primary @cannot("user.ticket.write")) disabled @endcannot">
|
||||
<i class="fas fa-plus mr-1"></i>{{__('New Ticket')}}</a>
|
||||
</div>
|
||||
</div>
|
||||
<div class="card-body table-responsive">
|
||||
|
|
|
|||
Loading…
Reference in a new issue