aheathershaw
/
blue-twilight
1
0
Fork 0
Code Issues 32 Pull Requests Releases 15 Wiki Activity

#3: It's now possible to restrict access to the admin panel, managing albums and settings functions by user group

This commit is contained in:
Andy Heathershaw 2017-04-15 09:41:15 +01:00
parent 045935c554
commit 2ef01cc23c
19 changed files with 265 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
app/Group.php
View File

@ -15,6 +15,18 @@ class Group extends Model
'name'
];
public function adminPermissions()
{
return $this->belongsToMany(Permission::class, 'admin_group_permissions');
}
public function hasAdminPermission(Group $group, Permission $permission)
{
return $this->adminPermissions()->where([
'permission_id' => $permission->id
])->count() > 0;
}
public function users()
{
return $this->belongsToMany(User::class, 'user_groups');

22
app/Http/Controllers/Admin/AlbumController.php
View File

@ -34,7 +34,7 @@ class AlbumController extends Controller
public function analyse($id, $queue_token)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
$album = $this->loadAlbum($id);
$photos = $album->photos()
@ -57,7 +57,7 @@ class AlbumController extends Controller
*/
public function create(Request $request)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
$albumSources = [];
foreach (Storage::where('is_active', true)->orderBy('name')->get() as $storage)
@ -81,7 +81,7 @@ class AlbumController extends Controller
public function delete($id)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
$album = $this->loadAlbum($id);
@ -96,7 +96,7 @@ class AlbumController extends Controller
*/
public function destroy(Request $request, $id)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
$album = $this->loadAlbum($id);
@ -124,7 +124,7 @@ class AlbumController extends Controller
*/
public function edit($id)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
$album = $this->loadAlbum($id);
@ -138,7 +138,7 @@ class AlbumController extends Controller
*/
public function index(Request $request)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
$albums = DbHelper::getAlbumsForCurrentUser();
@ -150,7 +150,7 @@ class AlbumController extends Controller
public function setGroupPermissions(Request $request, $id)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
/** @var Album $album */
$album = $this->loadAlbum($id);
@ -206,7 +206,7 @@ class AlbumController extends Controller
public function setUserPermissions(Request $request, $id)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
/** @var Album $album */
$album = $this->loadAlbum($id);
@ -287,7 +287,7 @@ class AlbumController extends Controller
*/
public function show(Request $request, $id)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
$album = $this->loadAlbum($id);
$photos = $album->photos()
@ -371,7 +371,7 @@ class AlbumController extends Controller
*/
public function store(Requests\StoreAlbumRequest $request)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
$album = new Album();
$album->fill($request->only(['name', 'description', 'storage_id']));
@ -395,7 +395,7 @@ class AlbumController extends Controller
*/
public function update(Requests\StoreAlbumRequest $request, $id)
{
$this->authorizeAccessToAdminPanel();
$this->authorizeAccessToAdminPanel('admin:manage-albums');
$album = $this->loadAlbum($id);
$album->fill($request->only(['name', 'description']));

6
app/Http/Controllers/Admin/DefaultController.php
View File

@ -55,6 +55,8 @@ class DefaultController extends Controller
public function saveSettings(SaveSettingsRequest $request)
{
$this->authorizeAccessToAdminPanel('admin:configure');
$passwordKeys = [
'smtp_password'
];
@ -137,7 +139,7 @@ class DefaultController extends Controller
public function settings(Request $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel('admin:configure');
// Load the current configuration
$config = array_merge(UserConfig::defaults(), UserConfig::getAll());
@ -162,6 +164,8 @@ class DefaultController extends Controller
public function testMailSettings(SaveSettingsRequest $request)
{
$this->authorizeAccessToAdminPanel('admin:configure');
try
{
$validKeys = [

36
app/Http/Controllers/Admin/GroupController.php
View File

@ -7,6 +7,7 @@ use App\Facade\UserConfig;
use App\Group;
use App\Http\Controllers\Controller;
use App\Http\Requests\StoreGroupRequest;
use App\Permission;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\View;
@ -26,14 +27,14 @@ class GroupController extends Controller
*/
public function create()
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
return Theme::render('admin.create_group');
}
public function delete($id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$group = Group::where('id', intval($id))->first();
if (is_null($group))
@ -52,7 +53,7 @@ class GroupController extends Controller
*/
public function destroy(Request $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
/** @var Group $group */
$group = Group::where('id', intval($id))->first();
@ -87,7 +88,7 @@ class GroupController extends Controller
*/
public function edit(Request $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$group = Group::where('id', intval($id))->first();
if (is_null($group))
@ -100,7 +101,10 @@ class GroupController extends Controller
$request->session()->flash('_old_input', $group->toArray());
}
return Theme::render('admin.edit_group', ['group' => $group]);
return Theme::render('admin.edit_group', [
'all_permissions' => Permission::where('section', 'admin')->get(),
'group' => $group
]);
}
/**
@ -110,7 +114,7 @@ class GroupController extends Controller
*/
public function index(Request $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$groups = Group::orderBy('name')
->paginate(UserConfig::get('items_per_page'));
@ -131,7 +135,7 @@ class GroupController extends Controller
*/
public function store(StoreGroupRequest $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$group = new Group();
$group->fill($request->only(['name']));
@ -149,8 +153,9 @@ class GroupController extends Controller
*/
public function update(StoreGroupRequest $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
/** @var Group $group */
$group = Group::where('id', intval($id))->first();
if (is_null($group))
{
@ -158,6 +163,21 @@ class GroupController extends Controller
}
$group->fill($request->only(['name']));
// Update the admin permissions
$group->adminPermissions()->detach();
$permissions = $request->get('permissions');
if (is_array($permissions) && array_key_exists($id, $permissions))
{
foreach ($permissions[$id] as $permissionID)
{
$group->adminPermissions()->attach($permissionID, [
'created_at' => new \DateTime(),
'updated_at' => new \DateTime()
]);
}
}
$group->save();
return redirect(route('groups.index'));

18
app/Http/Controllers/Admin/PhotoController.php
View File

@ -34,7 +34,7 @@ class PhotoController extends Controller
public function analyse($photoId, $queue_token)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
/** @var Photo $photo */
$photo = Photo::where('id', intval($photoId))->first();
@ -93,7 +93,7 @@ class PhotoController extends Controller
*/
public function destroy(Request $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
/** @var Photo $photo */
$photo = Photo::where('id', intval($id))->first();
@ -111,7 +111,7 @@ class PhotoController extends Controller
public function flip($photoId, $horizontal, $vertical)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
settype($horizontal, 'boolean');
settype($vertical, 'boolean');
@ -129,7 +129,7 @@ class PhotoController extends Controller
public function move(Request $request, $photoId)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$photo = Photo::where('id', intval($photoId))->first();
if (is_null($photo))
@ -160,7 +160,7 @@ class PhotoController extends Controller
public function regenerateThumbnails($photoId)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
/** @var Photo $photo */
$photo = Photo::where('id', intval($photoId))->first();
@ -190,7 +190,7 @@ class PhotoController extends Controller
public function rotate($photoId, $angle)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$photo = Photo::where('id', intval($photoId))->first();
if (is_null($photo))
@ -217,7 +217,7 @@ class PhotoController extends Controller
*/
public function store(Request $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$photoFiles = $request->files->get('photo');
@ -276,7 +276,7 @@ class PhotoController extends Controller
public function storeBulk(Request $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
// Load the linked album
$album = $this->loadAlbum($request->get('album_id'));
@ -404,7 +404,7 @@ class PhotoController extends Controller
public function updateBulk(UpdatePhotosBulkRequest $request, $albumId)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
/** @var Album $album */
$album = Album::where('id', intval($albumId))->first();

14
app/Http/Controllers/Admin/StorageController.php
View File

@ -34,7 +34,7 @@ class StorageController extends Controller
*/
public function index(Request $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$storageLocations = Storage::orderBy('name')
->paginate(UserConfig::get('items_per_page'));
@ -53,7 +53,7 @@ class StorageController extends Controller
*/
public function create(Request $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$filesystemDefaultLocation = sprintf('%s/storage/app/albums', dirname(dirname(dirname(dirname(__DIR__)))));
@ -72,7 +72,7 @@ class StorageController extends Controller
*/
public function store(Requests\StoreStorageRequest $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$storage = new Storage();
$storage->fill($request->only([
@ -136,7 +136,7 @@ class StorageController extends Controller
*/
public function delete(Request $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$storage = Storage::where('id', intval($id))->first();
if (is_null($storage))
@ -169,7 +169,7 @@ class StorageController extends Controller
*/
public function edit(Request $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
/** @var Storage $storage */
$storage = Storage::where('id', intval($id))->first();
@ -203,7 +203,7 @@ class StorageController extends Controller
*/
public function update(Requests\StoreStorageRequest $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$storage = Storage::where('id', intval($id))->first();
if (is_null($storage))
@ -258,7 +258,7 @@ class StorageController extends Controller
*/
public function destroy(Request $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$storage = Storage::where('id', intval($id))->first();
if (is_null($storage))

16
app/Http/Controllers/Admin/UserController.php
View File

@ -24,7 +24,7 @@ class UserController extends Controller
public function delete(Request $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$user = User::where('id', intval($id))->first();
if (is_null($user))
@ -48,7 +48,7 @@ class UserController extends Controller
*/
public function index(Request $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$users = User::orderBy('name')
->paginate(UserConfig::get('items_per_page'));
@ -68,7 +68,7 @@ class UserController extends Controller
*/
public function create()
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
return Theme::render('admin.create_user');
}
@ -81,7 +81,7 @@ class UserController extends Controller
*/
public function store(Requests\StoreUserRequest $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$user = new User();
$user->fill($request->only(['name', 'email', 'password']));
@ -113,7 +113,7 @@ class UserController extends Controller
*/
public function edit(Request $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$user = User::where('id', intval($id))->first();
if (is_null($user))
@ -145,7 +145,7 @@ class UserController extends Controller
*/
public function update(Requests\StoreUserRequest $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$user = User::where('id', intval($id))->first();
if (is_null($user))
@ -214,7 +214,7 @@ class UserController extends Controller
*/
public function destroy(Request $request, $id)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
/** @var User $user */
$user = User::where('id', intval($id))->first();
@ -255,7 +255,7 @@ class UserController extends Controller
*/
public function searchJson(Request $request)
{
$this->authorize('admin-access');
$this->authorizeAccessToAdminPanel();
$limit = intval($request->get('n'));
if ($limit == 0)

11
app/Http/Controllers/Controller.php
View File

@ -8,6 +8,7 @@ use Illuminate\Http\Request;
use Illuminate\Routing\Controller as BaseController;
use Illuminate\Foundation\Validation\ValidatesRequests;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Artisan;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
@ -16,13 +17,13 @@ class Controller extends BaseController
{
use AuthorizesRequests, DispatchesJobs, ValidatesRequests;
protected function authorizeAccessToAdminPanel()
protected function authorizeAccessToAdminPanel($additionalPermission = null)
{
// A user can access the admin panel if they are either an administrator, or are allowed to create albums
// Further checks within the admin panel determine what a user can do within the panel
if (!Auth::user()->can('admin-access') && !Auth::user()->can('admin-create-albums'))
$this->authorizeForUser($this->getUser(), 'admin:access');
if (!is_null($additionalPermission))
{
App::abort(403);
$this->authorizeForUser($this->getUser(), $additionalPermission);
}
}

59
app/Providers/AuthServiceProvider.php
View File

@ -4,13 +4,22 @@ namespace App\Providers;
use App\Album;
use App\Facade\UserConfig;
use App\Group;
use App\Permission;
use App\Photo;
use App\Policies\AlbumPolicy;
use App\User;
use function GuzzleHttp\Psr7\mimetype_from_extension;
use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
class AuthServiceProvider extends ServiceProvider
{
/**
* @var Permission[]
*/
private $permissions;
/**
* The policy mappings for the application.
*
@ -29,14 +38,19 @@ class AuthServiceProvider extends ServiceProvider
{
$this->registerPolicies();
Gate::define('admin-access', function ($user)
Gate::define('admin:access', function ($user)
{
return $user->is_admin;
return $this->userHasAdminPermission($user, 'access');
});
Gate::define('admin-create-albums', function ($user)
Gate::define('admin:configure', function ($user)
{
return $user->can_create_albums;
return $this->userHasAdminPermission($user, 'configure');
});
Gate::define('admin:manage-albums', function ($user)
{
return $this->userHasAdminPermission($user, 'manage-albums');
});
Gate::define('photo.download_original', function ($user, Photo $photo)
{
if (!UserConfig::get('restrict_original_download'))
@ -47,4 +61,41 @@ class AuthServiceProvider extends ServiceProvider
return ($user->id == $photo->user_id);
});
}
private function userHasAdminPermission(User $user, $permissionDescription)
{
if ($user->is_admin)
{
return true;
}
/** @var Group $group */
foreach ($user->groups as $group)
{
if ($group->hasAdminPermission($group, $this->getAdminPermission($permissionDescription)))
{
return true;
}
}
return false;
}
private function getAdminPermission($description)
{
if (is_null($this->permissions))
{
$this->permissions = Permission::where('section', 'admin')->get();
}
foreach ($this->permissions as $permission)
{
if (strtolower($permission->description) == strtolower($description))
{
return $permission;
}
}
return null;
}
}

32
database/migrations/2017_03_21_211508_add_user_upload_flag.php
View File

@ -1,32 +0,0 @@
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class AddUserUploadFlag extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('users', function (Blueprint $table) {
$table->boolean('can_create_albums')->default(0);
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('users', function (Blueprint $table) {
$table->dropColumn('can_create_albums');
});
}
}

40
database/migrations/2017_04_15_083922_create_admin_group_permissions_table.php Normal file
View File

@ -0,0 +1,40 @@
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateAdminGroupPermissionsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('admin_group_permissions', function ($table) {
$table->unsignedInteger('group_id');
$table->unsignedInteger('permission_id');
$table->foreign('group_id')
->references('id')->on('groups')
->onDelete('cascade');
$table->foreign('permission_id')
->references('id')->on('permissions')
->onDelete('no action');
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('admin_group_permissions');
}
}

33
database/seeds/PermissionsSeeder.php
View File

@ -10,6 +10,39 @@ class PermissionsSeeder extends Seeder
* @return void
*/
public function run()
{
$this->seedAlbumPermissions();
$this->seedAdminPermissions();
}
private function seedAdminPermissions()
{
// admin:access = controls if the admin panel is accessible
DatabaseSeeder::createOrUpdate('permissions', [
'section' => 'admin',
'description' => 'access',
'is_default' => false,
'sort_order' => 0
]);
// admin:configure = controls if the system is configurable
DatabaseSeeder::createOrUpdate('permissions', [
'section' => 'admin',
'description' => 'configure',
'is_default' => false,
'sort_order' => 0
]);
// admin:manage-albums = controls if albums can be managed
DatabaseSeeder::createOrUpdate('permissions', [
'section' => 'admin',
'description' => 'manage-albums',
'is_default' => false,
'sort_order' => 0
]);
}
private function seedAlbumPermissions()
{
// album:list = controls if the album is visible in listings
DatabaseSeeder::createOrUpdate('permissions', [

1
resources/lang/en/admin.php
View File

@ -76,6 +76,7 @@ return [
'group_details_tab' => 'Details',
'group_no_users_message' => 'This group has no users assigned to it. Assign users to this group by using the Groups tab on the Edit User page.',
'group_number_users' => '{0} No users|{1} 1 user|[2,Inf] :count users',
'group_permissions_tab' => 'Permissions',
'group_users_message' => 'The users shown below are linked to this group. To remove a user, click the user\'s name and untick the ":group_name" group from the Groups tab.',
'group_users_tab' => 'Users',
'inactive_storage_legend' => 'Inactive storage location that cannot be used for new albums.',

5
resources/lang/en/permissions.php
View File

@ -1,5 +1,10 @@
<?php
return [
'admin' => [
'access' => 'Access the administration panel',
'configure' => 'Configure the application',
'manage-albums' => 'Manage photo albums'
],
'album' => [
'delete' => 'Delete this album',
'delete-other-photos' => 'Delete photos owned by other users',

33
resources/views/themes/base/admin/edit_group.blade.php
View File

@ -24,6 +24,7 @@
<ul class="nav nav-tabs" role="tablist">
@include(Theme::viewName('partials.tab'), ['active_tab' => 'details', 'tab_name' => 'details', 'tab_icon' => 'info-circle', 'tab_text' => trans('admin.group_details_tab')])
@include(Theme::viewName('partials.tab'), ['active_tab' => 'details', 'tab_name' => 'users', 'tab_icon' => 'users', 'tab_text' => trans('admin.group_users_tab')])
@include(Theme::viewName('partials.tab'), ['active_tab' => 'details', 'tab_name' => 'permissions', 'tab_icon' => 'lock', 'tab_text' => trans('admin.group_permissions_tab')])
</ul>
{{-- Tab panes --}}
@ -42,11 +43,6 @@
</div>
@endif
</div>
<div class="text-right">
<a href="{{ route('groups.index') }}" class="btn btn-link">@lang('forms.cancel_action')</a>
<button class="btn btn-success" type="submit"><i class="fa fa-fw fa-check"></i> @lang('forms.save_action')</button>
</div>
</div>
</div>
</div>
@ -65,8 +61,35 @@
<div><a class="btn btn-secondary" href="{{ route('users.index') }}">@lang('admin.users_title')</a></div>
@endif
</div>
{{-- Permissions --}}
<div role="tabpanel" class="tab-pane" id="permissions-tab">
@php
$callback = [$group, 'hasAdminPermission'];
$callback_object = $group;
$key_id = 'group_' . $group->id;
$object_id = $group->id
@endphp
@include(Theme::viewName('partials.permission_checkbox'), [
'permission' => Theme::getPermission($all_permissions, 'admin', 'access')
])
@include(Theme::viewName('partials.permission_checkbox'), [
'permission' => Theme::getPermission($all_permissions, 'admin', 'configure')
])
@include(Theme::viewName('partials.permission_checkbox'), [
'permission' => Theme::getPermission($all_permissions, 'admin', 'manage-albums')
])
</div>
</div>
</div>
<div class="text-right mt-3">
<a href="{{ route('groups.index') }}" class="btn btn-link">@lang('forms.cancel_action')</a>
<button class="btn btn-success" type="submit"><i class="fa fa-fw fa-check"></i> @lang('forms.save_action')</button>
</div>
</form>
</div>
</div>

12
resources/views/themes/base/partials/admin_actions_widget.blade.php
View File

@ -1,6 +1,8 @@
<div class="card admin-sidebar-card">
<div class="card-header">@lang('admin.actions_widget.panel_header')</div>
<div class="card-block">
<a class="btn btn-link" href="{{ route('albums.create') }}"><i class="fa fa-fw fa-plus"></i> @lang('admin.actions_widget.create_album_link')</a>
@can('admin:manage-albums')
<div class="card admin-sidebar-card">
<div class="card-header">@lang('admin.actions_widget.panel_header')</div>
<div class="card-block">
<a class="btn btn-link" href="{{ route('albums.create') }}"><i class="fa fa-fw fa-plus"></i> @lang('admin.actions_widget.create_album_link')</a>
</div>
</div>
</div>
@endcan

13
resources/views/themes/base/partials/admin_manage_widget.blade.php
View File

@ -1,12 +1,15 @@
<div class="card admin-sidebar-card">
<div class="card-header">@lang('admin.manage_widget.panel_header')</div>
<div class="card-block">
<a class="btn btn-link" href="{{ route('albums.index') }}"><i class="fa fa-fw fa-picture-o"></i> @lang('navigation.breadcrumb.albums')</a>
@can('admin:manage-albums')
<a class="btn btn-link" href="{{ route('albums.index') }}"><i class="fa fa-fw fa-picture-o"></i> @lang('navigation.breadcrumb.albums')</a>
@endcan
@can('admin-access')
<a class="btn btn-link" href="{{ route('users.index') }}"><i class="fa fa-fw fa-user"></i> @lang('navigation.breadcrumb.users')</a>
<a class="btn btn-link" href="{{ route('groups.index') }}"><i class="fa fa-fw fa-users"></i> @lang('navigation.breadcrumb.groups')</a>
<a class="btn btn-link" href="{{ route('storage.index') }}"><i class="fa fa-fw fa-folder"></i> @lang('navigation.breadcrumb.storage')</a>
<a class="btn btn-link" href="{{ route('users.index') }}"><i class="fa fa-fw fa-user"></i> @lang('navigation.breadcrumb.users')</a>
<a class="btn btn-link" href="{{ route('groups.index') }}"><i class="fa fa-fw fa-users"></i> @lang('navigation.breadcrumb.groups')</a>
<a class="btn btn-link" href="{{ route('storage.index') }}"><i class="fa fa-fw fa-folder"></i> @lang('navigation.breadcrumb.storage')</a>
@can('admin:configure')
<a class="btn btn-link" href="{{ route('admin.settings') }}"><i class="fa fa-fw fa-cog"></i> @lang('navigation.breadcrumb.settings')</a>
@endcan
</div>

2
resources/views/themes/base/partials/admin_stats_widget.blade.php
View File

@ -3,7 +3,7 @@
<div class="card-block">
<b>{{ $album_count }}</b> {{ trans_choice('admin.stats_widget.albums', $album_count) }}<br/>
<b>{{ $photo_count }}</b> {{ trans_choice('admin.stats_widget.photos', $photo_count) }}
@can('admin-access')
@can('admin:access')
<br/>
<b>{{ $user_count }}</b> {{ trans_choice('admin.stats_widget.users', $user_count) }} / <b>{{ $group_count }}</b> {{ trans_choice('admin.stats_widget.groups', $group_count) }}
@endcan

2
resources/views/themes/base/partials/navbar.blade.php
View File

@ -19,7 +19,7 @@
</li>
@endif
@if (!Auth::guest() && (Auth::user()->can('admin-access') || Auth::user()->can('admin-create-albums')))
@if (!Auth::guest() && (Auth::user()->can('admin:access')))
<li class="nav-item">
<a class="nav-link" href="{{ route('admin') }}"><i class="fa fa-fw fa-cog"></i> @lang('navigation.navbar.admin')</a>
</li>