From 793d9e925090798b1cb27cf335c639613bfcb169 Mon Sep 17 00:00:00 2001 From: snipe Date: Sat, 11 Mar 2017 05:16:56 -0800 Subject: [PATCH] =?UTF-8?q?Fixed=20routes=20that=20didn=E2=80=99t=20have?= =?UTF-8?q?=20auth=20requirement?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- routes/web.php | 23 +++++++++++++---------- routes/web/accessories.php | 3 ++- routes/web/components.php | 3 ++- routes/web/consumables.php | 3 ++- routes/web/fields.php | 3 ++- routes/web/hardware.php | 3 ++- routes/web/licenses.php | 3 ++- routes/web/models.php | 1 + routes/web/users.php | 3 ++- 9 files changed, 28 insertions(+), 17 deletions(-) diff --git a/routes/web.php b/routes/web.php index d5e054b340..7b9e03d7bf 100644 --- a/routes/web.php +++ b/routes/web.php @@ -1,33 +1,33 @@ 'auth'], function () { /* * Companies */ Route::resource('companies', 'CompaniesController', [ -'parameters' => ['company' => 'company_id'] + 'parameters' => ['company' => 'company_id'] ]); /* * Categories */ Route::resource('categories', 'CategoriesController', [ - 'parameters' => ['category' => 'category_id'] + 'parameters' => ['category' => 'category_id'] ]); /* * Locations */ Route::resource('locations', 'LocationsController', [ - 'parameters' => ['location' => 'location_id'] + 'parameters' => ['location' => 'location_id'] ]); /* * Manufacturers */ Route::resource('manufacturers', 'ManufacturersController', [ - 'parameters' => ['manufacturer' => 'manufacturers_id'] + 'parameters' => ['manufacturer' => 'manufacturers_id'] ]); /* @@ -59,6 +59,9 @@ Route::resource('components', 'ComponentsController', [ 'parameters' => ['component' => 'component_id'] ]); +}); + + /* |-------------------------------------------------------------------------- @@ -92,7 +95,7 @@ Route::group(['middleware' => 'auth'], function () { | */ -Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function () { +Route::group([ 'prefix' => 'admin','middleware' => ['auth']], function () { Route::get('requests', // foreach( CheckoutRequest::with('user')->get() as $requestedItem) { @@ -155,7 +158,7 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function () }); # Group Management -Route::group([ 'prefix' => 'groups', 'middleware' => ['web','auth','authorize:superadmin'] ], function () { +Route::group([ 'prefix' => 'groups', 'middleware' => ['auth'] ], function () { Route::get('/', [ 'as' => 'groups.index', 'uses' => 'GroupsController@getIndex' ]); Route::get('create', [ 'as' => 'groups.create', 'uses' => 'GroupsController@getCreate']); @@ -175,7 +178,7 @@ Route::group([ 'prefix' => 'groups', 'middleware' => ['web','auth','authorize:su | | */ -Route::group([ 'prefix' => 'account', 'middleware' => ['web', 'auth']], function () { +Route::group([ 'prefix' => 'account', 'middleware' => ['auth']], function () { # Profile Route::get('profile', [ 'as' => 'profile', 'uses' => 'ProfileController@getIndex' ]); @@ -216,7 +219,7 @@ Route::group([ 'prefix' => 'account', 'middleware' => ['web', 'auth']], function }); -Route::group(['middleware' => ['web','auth','authorize:reports.view']], function () { +Route::group(['middleware' => ['auth']], function () { Route::get( 'reports/depreciation', @@ -369,7 +372,7 @@ Route::get( '/', [ 'as' => 'home', - 'middleware' => ['web', 'auth'], + 'middleware' => ['auth'], 'uses' => 'DashboardController@getIndex' ] ); diff --git a/routes/web/accessories.php b/routes/web/accessories.php index dbfd922f3b..d9ab3b35cf 100644 --- a/routes/web/accessories.php +++ b/routes/web/accessories.php @@ -3,7 +3,7 @@ /* * Accessories */ -Route::group([ 'prefix' => 'accessories', ], function () { +Route::group([ 'prefix' => 'accessories', 'middleware' => ['auth']], function () { Route::get( '{accessoryID}/checkout', @@ -26,5 +26,6 @@ Route::group([ 'prefix' => 'accessories', ], function () { }); Route::resource('accessories', 'AccessoriesController', [ + 'middleware' => ['auth'], 'parameters' => ['accessory' => 'accessory_id'] ]); diff --git a/routes/web/components.php b/routes/web/components.php index e3f17f6fab..7be4b1e9d5 100644 --- a/routes/web/components.php +++ b/routes/web/components.php @@ -1,7 +1,7 @@ 'components' ], function () { +Route::group([ 'prefix' => 'components','middleware' => ['auth'] ], function () { Route::get( '{componentID}/checkout', @@ -17,5 +17,6 @@ Route::group([ 'prefix' => 'components' ], function () { }); Route::resource('components', 'ComponentsController', [ + 'middleware' => ['auth'], 'parameters' => ['component' => 'component_id'] ]); diff --git a/routes/web/consumables.php b/routes/web/consumables.php index da58ec099b..623d09a346 100644 --- a/routes/web/consumables.php +++ b/routes/web/consumables.php @@ -2,7 +2,7 @@ # Consumables - Route::group([ 'prefix' => 'consumables', 'middleware'=>'authorize:consumables.view' ], function () { + Route::group([ 'prefix' => 'consumables', 'middleware' => ['auth']], function () { Route::get( '{consumableID}/checkout', [ 'as' => 'checkout/consumable','uses' => 'ConsumablesController@getCheckout' ] @@ -14,5 +14,6 @@ }); Route::resource('consumables', 'ConsumablesController', [ + 'middleware' => ['auth'], 'parameters' => ['consumable' => 'consumable_id'] ]); diff --git a/routes/web/fields.php b/routes/web/fields.php index e878fe081c..18a403aae1 100644 --- a/routes/web/fields.php +++ b/routes/web/fields.php @@ -5,7 +5,7 @@ -Route::group([ 'prefix' => 'fields' ], function () { +Route::group([ 'prefix' => 'fields','middleware' => ['auth'] ], function () { Route::get('{field_id}/fieldset/{fieldset_id}/disassociate', ['uses' => 'CustomFieldsController@deleteFieldFromFieldset', @@ -23,5 +23,6 @@ Route::group([ 'prefix' => 'fields' ], function () { }); Route::resource('fields', 'CustomFieldsController', [ + 'middleware' => ['auth'], 'parameters' => ['field' => 'field_id', 'fieldset' => 'fieldset_id'] ]); diff --git a/routes/web/hardware.php b/routes/web/hardware.php index 6f44ebc05b..3b976e928b 100644 --- a/routes/web/hardware.php +++ b/routes/web/hardware.php @@ -9,7 +9,7 @@ */ Route::group( ['prefix' => 'hardware', - 'middleware' => ['web','auth']], + 'middleware' => ['auth']], function () { # Asset Maintenances @@ -127,5 +127,6 @@ Route::group( Route::resource('hardware', 'AssetsController', [ + 'middleware' => ['auth'], 'parameters' => ['asset' => 'asset_id'] ]); diff --git a/routes/web/licenses.php b/routes/web/licenses.php index 4a03dac8b1..d5d67f1533 100644 --- a/routes/web/licenses.php +++ b/routes/web/licenses.php @@ -2,7 +2,7 @@ # Licenses -Route::group([ 'prefix' => 'licenses' ], function () { +Route::group([ 'prefix' => 'licenses', 'middleware' => ['auth'] ], function () { Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'uses' => 'LicensesController@getClone' ]); Route::post('{licenseId}/clone', [ 'as' => 'clone/license', 'uses' => 'LicensesController@postCreate' ]); @@ -44,5 +44,6 @@ Route::group([ 'prefix' => 'licenses' ], function () { }); Route::resource('licenses', 'LicensesController', [ + 'middleware' => ['auth'], 'parameters' => ['license' => 'license_id'] ]); diff --git a/routes/web/models.php b/routes/web/models.php index e9374bda55..74b1203bfe 100644 --- a/routes/web/models.php +++ b/routes/web/models.php @@ -11,5 +11,6 @@ Route::group([ 'prefix' => 'models', 'middleware' => ['auth'] ], function () { }); Route::resource('models', 'AssetModelsController', [ + 'middleware' => ['auth'], 'parameters' => ['model' => 'model_id'] ]); diff --git a/routes/web/users.php b/routes/web/users.php index 09251d28cb..d863c4a22a 100644 --- a/routes/web/users.php +++ b/routes/web/users.php @@ -1,7 +1,7 @@ 'users', 'middleware' => ['web','auth']], function () { +Route::group([ 'prefix' => 'users', 'middleware' => ['auth']], function () { Route::get('ldap', ['as' => 'ldap/user', 'uses' => 'UsersController@getLDAP' ]); Route::post('ldap', 'UsersController@postLDAP'); @@ -48,5 +48,6 @@ Route::group([ 'prefix' => 'users', 'middleware' => ['web','auth']], function () }); Route::resource('users', 'UsersController', [ + 'middleware' => ['auth'], 'parameters' => ['user' => 'user_id'] ]);