From eb3afbfaaba9660b1de264e2b68d801e72a13191 Mon Sep 17 00:00:00 2001 From: 1day2die Date: Wed, 3 May 2023 09:53:41 +0200 Subject: [PATCH] full user permissions --- app/Http/Controllers/Admin/PaymentController.php | 3 +++ app/Http/Controllers/Admin/RoleController.php | 3 +++ app/Http/Controllers/ServerController.php | 8 ++++++++ app/Http/Controllers/TicketsController.php | 4 ++++ config/permission.php | 2 +- themes/default/views/admin/roles/index.blade.php | 4 +++- .../default/views/admin/settings/index.blade.php | 4 ++++ themes/default/views/layouts/main.blade.php | 2 ++ themes/default/views/profile/index.blade.php | 6 +++--- themes/default/views/servers/index.blade.php | 16 ++++++++-------- themes/default/views/servers/settings.blade.php | 2 +- themes/default/views/store/index.blade.php | 2 +- themes/default/views/ticket/index.blade.php | 4 ++-- 13 files changed, 43 insertions(+), 17 deletions(-) diff --git a/app/Http/Controllers/Admin/PaymentController.php b/app/Http/Controllers/Admin/PaymentController.php index 25d2c9ce..02d91bde 100644 --- a/app/Http/Controllers/Admin/PaymentController.php +++ b/app/Http/Controllers/Admin/PaymentController.php @@ -23,6 +23,7 @@ use App\Settings\LocaleSettings; class PaymentController extends Controller { + const BUY_PERMISSION = 'user.shop.buy'; /** * @return Application|Factory|View */ @@ -41,6 +42,8 @@ class PaymentController extends Controller */ public function checkOut(ShopProduct $shopProduct, GeneralSettings $general_settings) { + $this->checkPermission(self::BUY_PERMISSION); + $discount = PartnerDiscount::getDiscount(); $price = $shopProduct->price - ($shopProduct->price * $discount / 100); diff --git a/app/Http/Controllers/Admin/RoleController.php b/app/Http/Controllers/Admin/RoleController.php index d5d474af..ed4194be 100644 --- a/app/Http/Controllers/Admin/RoleController.php +++ b/app/Http/Controllers/Admin/RoleController.php 
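Review bot: The `$this->checkPermission(self::BUY_PERMISSION);` added at the top of checkOut() is the only server-side enforcement of `user.shop.buy` visible in this diff; the matching `@cannot('user.shop.buy') disabled @endcannot` on the store's Purchase button only toggles a CSS class and is bypassed by requesting the route directly, so the controller check is what actually protects the flow. checkOut() appears to prepare the checkout page rather than complete a purchase — the rest of the method, and whichever method creates the payment or handles the provider callback, is outside this hunk and should carry the same first-line check, otherwise a user without the permission can still pay by skipping the checkout view. It is also worth confirming that checkPermission() (not shown) aborts rather than returns a value, since nothing here inspects its result. checkOut() continues past the end of the hunk.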
@@ -164,6 +164,9 @@ class RoleController extends Controller return datatables($query) + ->editColumn('id', function (Role $role) { + return $role->id; + }) ->addColumn('actions', function (Role $role) { return ' checkPermission(self::CREATE_PERMISSION); + $validate_configuration = $this->validateConfigurationRules($user_settings, $server_settings); if (!is_null($validate_configuration)) { @@ -316,6 +322,8 @@ class ServerController extends Controller public function upgrade(Server $server, Request $request) { + $this->checkPermission(self::UPGRADE_PERMISSION); + if ($server->user_id != Auth::user()->id) { return redirect()->route('servers.index'); } diff --git a/app/Http/Controllers/TicketsController.php b/app/Http/Controllers/TicketsController.php index 754241ed..d5912e43 100644 --- a/app/Http/Controllers/TicketsController.php +++ b/app/Http/Controllers/TicketsController.php @@ -21,6 +21,8 @@ use Illuminate\Support\Str; class TicketsController extends Controller { + const READ_PERMISSION = 'user.ticket.read'; + const WRITE_PERMISSION = 'user.ticket.write'; public function index(LocaleSettings $locale_settings) { return view('ticket.index', [ @@ -74,6 +76,7 @@ class TicketsController extends Controller public function show($ticket_id, PterodactylSettings $ptero_settings) { + $this->checkPermission(self::READ_PERMISSION); try { $ticket = Ticket::where('ticket_id', $ticket_id)->firstOrFail(); } catch (Exception $e) { @@ -118,6 +121,7 @@ class TicketsController extends Controller public function create() { + $this->checkPermission(self::WRITE_PERMISSION); //check in blacklist $check = TicketBlacklist::where('user_id', Auth::user()->id)->first(); if ($check && $check->status == 'True') { diff --git a/config/permission.php b/config/permission.php index 5b6e184c..5aeaab7c 100644 --- a/config/permission.php +++ b/config/permission.php 
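Review bot: index() in this hunk does not get the `user.ticket.read` check that show() and create() receive, so the ticket list page still renders for a user who holds neither permission; hiding the sidebar entry with `@canany` in main.blade.php is cosmetic only. Add `$this->checkPermission(self::READ_PERMISSION);` as the first statement of index(), and apply the same guard to whatever method serves the list's datatable if one exists (not visible here). index() continues past the end of the hunk.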
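Review bot: `user.ticket.read` is a capability check, not an ownership check, and the lookup that follows it fetches the ticket by `ticket_id` alone. Unless the remainder of show() (outside this hunk) compares `$ticket->user_id` with `Auth::user()->id` or requires the moderator role, any user holding the permission can read any ticket by enumerating ids. If that check is missing, constrain the query for non-moderators, e.g. `Ticket::where('ticket_id', $ticket_id)->where('user_id', Auth::user()->id)->firstOrFail()`, keeping the existing catch path so the existence of other users' tickets is not leaked.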
@@ -133,7 +133,7 @@ return [ * By default wildcard permission lookups are disabled. */ - 'enable_wildcard_permission' => false, + 'enable_wildcard_permission' => true, 'cache' => [ diff --git a/themes/default/views/admin/roles/index.blade.php b/themes/default/views/admin/roles/index.blade.php index 71c88d92..0bc9d3a2 100644 --- a/themes/default/views/admin/roles/index.blade.php +++ b/themes/default/views/admin/roles/index.blade.php @@ -18,6 +18,7 @@ + @@ -40,10 +41,11 @@ url: '//cdn.datatables.net/plug-ins/1.11.3/i18n/{{config("SETTINGS::LOCALE:DATATABLES")}}.json' }, processing: true, - serverSide: false, //increases loading times too much? change back to "true" if it does + serverSide: true, //increases loading times too much? change back to "true" if it does stateSave: true, ajax: "{{route('admin.roles.datatable')}}", columns: [ + {data: 'id'}, {data: 'name'}, {data: 'usercount'}, {data: 'permissionscount'}, diff --git a/themes/default/views/admin/settings/index.blade.php b/themes/default/views/admin/settings/index.blade.php index 89249eac..134e0a95 100644 --- a/themes/default/views/admin/settings/index.blade.php +++ b/themes/default/views/admin/settings/index.blade.php @@ -159,6 +159,9 @@ @endforeach + +
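Review bot: Flipping `enable_wildcard_permission` to true changes how every existing permission name is evaluated, not just the new `user.ticket.*` / `user.shop.*` ones: in wildcard mode a permission named `*`, or one ending in `.*`, satisfies any check beneath it, so a role that already holds such a name becomes all-powerful the moment this config ships. Before deploying, audit the permissions table for names containing `*` and for names that do not fit the dot-separated grammar the wildcard parser expects — I believe malformed names raise an exception at check time rather than failing closed, but confirm that against the installed spatie/laravel-permission version. A short comment above the key stating why wildcards are needed, presumably so an admin can grant `user.*` instead of each leaf permission, would help the next reader; the surrounding docblock still only describes the default.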
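Review bot: The trailing comment on the `serverSide` line now contradicts the value it annotates — `serverSide: true, //increases loading times too much? change back to "true" if it does` reads as though the setting were still false. Either drop the comment or reword it to describe the current state, e.g. `serverSide: true, // paging/search handled by the admin.roles.datatable endpoint`. Since server-side mode sends search and ordering parameters to that endpoint, it is worth confirming on the controller side that only the intended columns are searchable and orderable (not visible in this hunk).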
diff --git a/themes/default/views/layouts/main.blade.php b/themes/default/views/layouts/main.blade.php index 6925c936..c72187bd 100644 --- a/themes/default/views/layouts/main.blade.php +++ b/themes/default/views/layouts/main.blade.php @@ -246,6 +246,7 @@ @endif @php($ticket_enabled = app(App\Settings\TicketSettings::class)->enabled) @if ($ticket_enabled) + @canany(["user.ticket.read", "user.ticket.write"]) + @endcanany @endif @if ((Auth::user()->hasRole(1) || Auth::user()->role == 'moderator') && $ticket_enabled) diff --git a/themes/default/views/profile/index.blade.php b/themes/default/views/profile/index.blade.php index 6fe0208b..45938437 100644 --- a/themes/default/views/profile/index.blade.php +++ b/themes/default/views/profile/index.blade.php @@ -101,7 +101,7 @@
@if($referral_enabled) - @if(($referral_allowed === "client" && $user->role != "member") || $referral_allowed === "everyone") + @can("user.referral")
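Review bot: The replaced line drops the `$referral_allowed` test entirely, so the admin's referral_allowed setting ("client" vs "everyone") no longer influences whether this view reveals the referral URL — only the `user.referral` permission does. If the code that generates or honours referral codes still consults that setting (not visible here), the view and the server now disagree, and a member granted `user.referral` sees a URL that "client" mode was meant to withhold until a purchase. If the permission is intended to replace the setting, say so in a comment next to `@if($referral_enabled)`; otherwise nest rather than replace, e.g. `@can("user.referral") @if(($referral_allowed === "client" && $user->role != "member") || $referral_allowed === "everyone")`.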
@@ -112,8 +112,8 @@ @else - {{_("Make a purchase to reveal your referral-URL")}} - @endif + {{_("You can not see your Referral Code")}} + @endcan
@endif diff --git a/themes/default/views/servers/index.blade.php b/themes/default/views/servers/index.blade.php index 4b9b7df1..df47ae53 100644 --- a/themes/default/views/servers/index.blade.php +++ b/themes/default/views/servers/index.blade.php @@ -27,17 +27,17 @@ @endforeach diff --git a/themes/default/views/ticket/index.blade.php b/themes/default/views/ticket/index.blade.php index d2e66c80..0c1d4098 100644 --- a/themes/default/views/ticket/index.blade.php +++ b/themes/default/views/ticket/index.blade.php @@ -30,8 +30,8 @@
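Review bot: The new fallback text `{{_("You can not see your Referral Code")}}` has a spelling slip and tells the user less than the line it replaces — "can not" should be "cannot", and the old message explained what unlocks the feature. Since the gate is now a permission rather than a purchase, a message that matches the condition, e.g. `{{_("You do not have permission to view your referral code")}}`, would be clearer; any translation entries keyed on the old string may need updating as well.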
{{__("ID")}} {{__("Name")}} {{__("User count")}} {{__("Permissions count")}} {{ __('Purchase') }} + class="btn btn-info @cannot('user.shop.buy') disabled @endcannot">{{ __('Purchase') }}