#3: Implemented more fine-grained permissions into the admin portal
This commit is contained in:
parent
fd19c9db55
commit
4b405c93c2
@ -425,6 +425,11 @@ class AlbumController extends Controller
|
|||||||
App::abort(404);
|
App::abort(404);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
else if (!Auth::user()->can('edit', $album))
|
||||||
|
{
|
||||||
|
App::abort(403);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
return $album;
|
return $album;
|
||||||
}
|
}
|
||||||
|
@ -44,7 +44,6 @@ class GlobalConfiguration
|
|||||||
// When running migrations, CLI tasks or the installer, don't need to add things to the view
|
// When running migrations, CLI tasks or the installer, don't need to add things to the view
|
||||||
if (php_sapi_name() != 'cli')
|
if (php_sapi_name() != 'cli')
|
||||||
{
|
{
|
||||||
$this->addLicenseInfoToView();
|
|
||||||
$this->addThemeInfoToView();
|
$this->addThemeInfoToView();
|
||||||
$this->addAlbumsToView();
|
$this->addAlbumsToView();
|
||||||
}
|
}
|
||||||
@ -61,21 +60,6 @@ class GlobalConfiguration
|
|||||||
View::share('albums', $albums);
|
View::share('albums', $albums);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function addLicenseInfoToView()
|
|
||||||
{
|
|
||||||
$licenseName = null;
|
|
||||||
$licenseNo = null;
|
|
||||||
|
|
||||||
if (function_exists('sg_get_const'))
|
|
||||||
{
|
|
||||||
$licenseName = sg_get_const('lic_name');
|
|
||||||
$licenseNo = sg_get_const('lic_num');
|
|
||||||
}
|
|
||||||
|
|
||||||
View::share('license_name', strlen($licenseName) == 0 ? '**UNLICENSED**' : $licenseName);
|
|
||||||
View::share('license_no', strlen($licenseNo) == 0 ? '0' : $licenseNo);
|
|
||||||
}
|
|
||||||
|
|
||||||
private function addThemeInfoToView()
|
private function addThemeInfoToView()
|
||||||
{
|
{
|
||||||
$themeInfo = Theme::info();
|
$themeInfo = Theme::info();
|
||||||
|
@ -5,6 +5,7 @@ namespace App\Providers;
|
|||||||
use App\Album;
|
use App\Album;
|
||||||
use App\Facade\UserConfig;
|
use App\Facade\UserConfig;
|
||||||
use App\Photo;
|
use App\Photo;
|
||||||
|
use App\Policies\AlbumPolicy;
|
||||||
use Illuminate\Support\Facades\Gate;
|
use Illuminate\Support\Facades\Gate;
|
||||||
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
|
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
|
||||||
|
|
||||||
@ -16,7 +17,7 @@ class AuthServiceProvider extends ServiceProvider
|
|||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected $policies = [
|
protected $policies = [
|
||||||
'App\Model' => 'App\Policies\ModelPolicy',
|
Album::class => AlbumPolicy::class
|
||||||
];
|
];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -28,10 +29,6 @@ class AuthServiceProvider extends ServiceProvider
|
|||||||
{
|
{
|
||||||
$this->registerPolicies();
|
$this->registerPolicies();
|
||||||
|
|
||||||
Gate::define('album.view', function ($user, Album $album)
|
|
||||||
{
|
|
||||||
return (!$album->is_private || $album->user_id == $user->id);
|
|
||||||
});
|
|
||||||
Gate::define('admin-access', function ($user)
|
Gate::define('admin-access', function ($user)
|
||||||
{
|
{
|
||||||
return $user->is_admin;
|
return $user->is_admin;
|
||||||
|
@ -11,10 +11,10 @@ class PermissionsSeeder extends Seeder
|
|||||||
*/
|
*/
|
||||||
public function run()
|
public function run()
|
||||||
{
|
{
|
||||||
// album:list-gallery = controls if the album is visible in the gallery
|
// album:list = controls if the album is visible in listings
|
||||||
DatabaseSeeder::createOrUpdate('permissions', [
|
DatabaseSeeder::createOrUpdate('permissions', [
|
||||||
'section' => 'album',
|
'section' => 'album',
|
||||||
'description' => 'list-gallery',
|
'description' => 'list',
|
||||||
'is_default' => true,
|
'is_default' => true,
|
||||||
'sort_order' => 0
|
'sort_order' => 0
|
||||||
]);
|
]);
|
||||||
|
@ -1,7 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
return [
|
return [
|
||||||
'album' => [
|
'album' => [
|
||||||
'list-gallery' => 'See this album in the gallery index',
|
'edit' => 'Manage this album',
|
||||||
'view' => 'Access this gallery'
|
'list' => 'See this album in listings',
|
||||||
|
'view' => 'Access this album'
|
||||||
]
|
]
|
||||||
];
|
];
|
@ -36,13 +36,22 @@
|
|||||||
@foreach ($albums as $album)
|
@foreach ($albums as $album)
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<span style="font-size: 1.3em;"><a href="{{ route('albums.show', ['id' => $album->id]) }}">{{ $album->name }}</a>@if ($album->is_private) <i class="fa fa-fw fa-lock"></i>@endif</span><br/>
|
<span style="font-size: 1.3em;">
|
||||||
|
@can('edit', $album)
|
||||||
|
<a href="{{ route('albums.show', ['id' => $album->id]) }}">{{ $album->name }}</a>
|
||||||
|
@endcan
|
||||||
|
@cannot('edit', $album)
|
||||||
|
{{ $album->name }} <i class="fa fa-fw fa-lock"></i>
|
||||||
|
@endcannot
|
||||||
|
</span><br/>
|
||||||
<p>{{ $album->description }}</p>
|
<p>{{ $album->description }}</p>
|
||||||
<p style="margin-bottom: 0;"><b>{{ $album->photos_count }}</b> {{ trans_choice('admin.stats_widget.photos', $album->photos_count) }}</p>
|
<p style="margin-bottom: 0;"><b>{{ $album->photos_count }}</b> {{ trans_choice('admin.stats_widget.photos', $album->photos_count) }}</p>
|
||||||
</td>
|
</td>
|
||||||
<td class="text-right">
|
<td class="text-right">
|
||||||
<a href="{{ route('albums.edit', ['id' => $album->id]) }}" class="btn btn-default">@lang('forms.edit_action')</a>
|
@can('edit', $album)
|
||||||
<a href="{{ route('albums.delete', ['id' => $album->id]) }}" class="btn btn-danger">@lang('forms.delete_action')</a>
|
<a href="{{ route('albums.edit', ['id' => $album->id]) }}" class="btn btn-default">@lang('forms.edit_action')</a>
|
||||||
|
<a href="{{ route('albums.delete', ['id' => $album->id]) }}" class="btn btn-danger">@lang('forms.delete_action')</a>
|
||||||
|
@endcan
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
@endforeach
|
@endforeach
|
||||||
|
Loading…
Reference in New Issue
Block a user