diff --git a/app/Http/Controllers/AccessoriesController.php b/app/Http/Controllers/AccessoriesController.php index 4332785440..6c079345d9 100755 --- a/app/Http/Controllers/AccessoriesController.php +++ b/app/Http/Controllers/AccessoriesController.php @@ -19,6 +19,7 @@ use Str; use View; use Auth; use Request; +use Gate; /** This controller handles all actions related to Accessories for * the Snipe-IT Asset Management application. @@ -591,7 +592,21 @@ class AccessoriesController extends Controller $rows = array(); foreach ($accessories as $accessory) { - $actions = 'numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').''; + + $actions = ''; + if (Gate::allows('accessories.checkout')) { + $actions .= 'numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . ''; + } + if (Gate::allows('accessories.edit')) { + $actions .= ''; + } + if (Gate::allows('accessories.delete')) { + $actions .= ''; + } + $actions .= ''; $company = $accessory->company; $rows[] = array( @@ -654,10 +669,20 @@ class AccessoriesController extends Controller $rows = array(); foreach ($accessory_users as $user) { - $actions = 'Checkin'; + $actions = ''; + if (Gate::allows('accessories.checkin')) { + $actions .= 'Checkin'; + } + + if (Gate::allows('users.view')) { + $name = (string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName())); + } else { + $name = e($user->fullName()); + } $rows[] = array( - 'name' =>(string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName())), + 'name' => $name, 'actions' => $actions ); } diff --git a/app/Http/Controllers/AssetsController.php b/app/Http/Controllers/AssetsController.php index dd8d8d8819..8b6215f667 100755 --- a/app/Http/Controllers/AssetsController.php +++ b/app/Http/Controllers/AssetsController.php @@ -40,6 +40,7 @@ use Symfony\Component\HttpFoundation\JsonResponse; use TCPDF; use View; use Carbon\Carbon; +use Gate; /** * This class controls all actions related to assets for @@ -1547,7 +1548,18 @@ class AssetsController extends Controller $inout = ''; $actions = ''; if ($asset->deleted_at=='') { - $actions = '
'; + if (Gate::allows('assets.create')) { + $actions = '
'; + } + if (Gate::allows('assets.edit')) { + $actions .= ' '; + } + if (Gate::allows('assets.delete')) { + $actions .= '
'; + } } elseif ($asset->model->deleted_at=='') { $actions = ''; } @@ -1555,9 +1567,15 @@ class AssetsController extends Controller if ($asset->assetstatus) { if (($asset->assetstatus->deployable != 0) && ($asset->deleted_at=='')) { if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) { - $inout = ''.trans('general.checkin').''; + if (Gate::allows('assets.checkin')) { + $inout = '' . trans('general.checkin') . ''; + } } else { - $inout = ''.trans('general.checkout').''; + if (Gate::allows('assets.checkout')) { + $inout = '' . trans('general.checkout') . ''; + } } } } diff --git a/app/Http/Controllers/ComponentsController.php b/app/Http/Controllers/ComponentsController.php index 977bf7d190..128b617091 100644 --- a/app/Http/Controllers/ComponentsController.php +++ b/app/Http/Controllers/ComponentsController.php @@ -20,6 +20,7 @@ use Str; use View; use Validator; use Illuminate\Http\Request; +use Gate; /** * This class controls all actions related to Components for @@ -454,7 +455,23 @@ class ComponentsController extends Controller $rows = array(); foreach ($components as $component) { - $actions = 'numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').''; + $actions = ''; + if (Gate::allows('components.checkout')) { + $actions .= 'numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . ''; + } + + if (Gate::allows('components.edit')) { + $actions .= ''; + } + + if (Gate::allows('components.delete')) { + $actions .= ''; + } + + $actions .=''; $company = $component->company; $rows[] = array( diff --git a/app/Http/Controllers/ConsumablesController.php b/app/Http/Controllers/ConsumablesController.php index ab9aa9c5ec..11f6a7812d 100644 --- a/app/Http/Controllers/ConsumablesController.php +++ b/app/Http/Controllers/ConsumablesController.php @@ -18,6 +18,7 @@ use Redirect; use Slack; use Str; use View; +use Gate; /** * This controller handles all actions related to Consumables for @@ -444,7 +445,23 @@ class ConsumablesController extends Controller $rows = array(); foreach ($consumables as $consumable) { - $actions = 'numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').''; + $actions = ''; + if (Gate::allows('consumables.checkout')) { + $actions .= 'numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . ''; + } + + if (Gate::allows('consumables.edit')) { + $actions .= ''; + } + if (Gate::allows('consumables.delete')) { + $actions .= ''; + } + + $actions .=''; + $company = $consumable->company; $rows[] = array( diff --git a/app/Http/Controllers/LicensesController.php b/app/Http/Controllers/LicensesController.php index 63d11427b4..bfd46a190d 100755 --- a/app/Http/Controllers/LicensesController.php +++ b/app/Http/Controllers/LicensesController.php @@ -23,6 +23,7 @@ use Config; use Session; use App\Helpers\Helper; use Auth; +use Gate; /** * This controller handles all actions related to Licenses for @@ -983,7 +984,26 @@ class LicensesController extends Controller $rows = array(); foreach ($licenses as $license) { - $actions = ''.trans('general.checkout').' '; + $actions = ''; + + if (Gate::allows('licenses.checkout')) { + $actions .= '' . trans('general.checkout') . ' '; + } + + if (Gate::allows('licenses.create')) { + $actions .= ''; + } + if (Gate::allows('licenses.edit')) { + $actions .= ''; + } + if (Gate::allows('licenses.delete')) { + $actions .= ''; + } + $actions .=''; $rows[] = array( 'id' => $license->id, diff --git a/app/Http/Controllers/UsersController.php b/app/Http/Controllers/UsersController.php index 6a1ab6fc7c..7866df1951 100755 --- a/app/Http/Controllers/UsersController.php +++ b/app/Http/Controllers/UsersController.php @@ -923,32 +923,39 @@ class UsersController extends Controller $group_names .= '' . $group->name . ' '; } - if (Gate::allows('users:edit')) { - if (!is_null($user->deleted_at)) { - $actions .= ' '; + if (!is_null($user->deleted_at)) { + if (Gate::allows('users.delete')) { + $actions .= ' '; + } } else { - if ($user->accountStatus() == 'suspended') { - $actions .= ' '; + if (Gate::allows('users.delete')) { + if ($user->accountStatus() == 'suspended') { + $actions .= ' '; + } } + if (Gate::allows('users.edit')) { + $actions .= ' '; - $actions .= ' '; - - $actions .= ''; - - if ((Auth::user()->id !== $user->id) && (!config('app.lock_passwords'))) { - $actions .= ' '; + $actions .= ''; + } + if (Gate::allows('users.delete')) { + if ((Auth::user()->id !== $user->id) && (!config('app.lock_passwords'))) { + $actions .= ' '; + } else { + $actions .= ' '; + } } else { - $actions .= ' '; + $actions.='foo'; } } - } + $actions .= ''; $rows[] = array( diff --git a/app/Http/routes.php b/app/Http/routes.php index 331a110fb6..457d4eff99 100755 --- a/app/Http/routes.php +++ b/app/Http/routes.php @@ -184,79 +184,125 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () { Route::group( [ 'prefix' => 'hardware', 'middleware' => ['web', - 'auth', - 'authorize:assets.view']], + 'auth']], function () { Route::get('create/{model?}', [ 'as' => 'create/hardware', + 'middleware' => 'authorize:assets.create', 'uses' => 'AssetsController@getCreate' ]); Route::post('create', [ 'as' => 'savenew/hardware', + 'middleware' => 'authorize:assets.create', 'uses' => 'AssetsController@postCreate' ]); Route::get('{assetId}/edit', [ 'as' => 'update/hardware', + 'middleware' => 'authorize:assets.edit', 'uses' => 'AssetsController@getEdit' ]); Route::get('/bytag', [ 'as' => 'findbytag/hardware', + 'middleware' => 'authorize:assets.view', 'uses' => 'AssetsController@getAssetByTag' ]); - Route::get('{assetId}/clone', [ 'as' => 'clone/hardware', 'uses' => 'AssetsController@getClone' ]); + Route::get('{assetId}/clone', [ + 'as' => 'clone/hardware', + 'middleware' => 'authorize:assets.create', + 'uses' => 'AssetsController@getClone' + ]); + Route::post('{assetId}/clone', 'AssetsController@postCreate'); - Route::get('{assetId}/delete', [ 'as' => 'delete/hardware', 'uses' => 'AssetsController@getDelete' ]); - Route::get( - '{assetId}/checkout', - [ 'as' => 'checkout/hardware', 'uses' => 'AssetsController@getCheckout' ] - ); - Route::post('{assetId}/checkout', 'AssetsController@postCheckout'); - Route::get( - '{assetId}/checkin/{backto?}', - [ 'as' => 'checkin/hardware', 'uses' => 'AssetsController@getCheckin' ] - ); - Route::post('{assetId}/checkin/{backto?}', 'AssetsController@postCheckin'); - Route::get('{assetId}/view', [ 'as' => 'view/hardware', 'uses' => 'AssetsController@getView' ]); + Route::get('{assetId}/delete', [ + 'as' => 'delete/hardware', + 'middleware' => 'authorize:assets.delete', + 'uses' => 'AssetsController@getDelete' + ]); + Route::get('{assetId}/checkout', [ + 'as' => 'checkout/hardware', + 'middleware' => 'authorize:assets.checkout', + 'uses' => 'AssetsController@getCheckout' + ]); + Route::post('{assetId}/checkout', [ + 'as' => 'checkout/hardware', + 'middleware' => 'authorize:assets.checkout', + 'uses' => 'AssetsController@postCheckout' + ]); + Route::get('{assetId}/checkin/{backto?}', [ + 'as' => 'checkin/hardware', + 'middleware' => 'authorize:assets.checkin', + 'uses' => 'AssetsController@getCheckin' + ]); + + Route::post('{assetId}/checkin/{backto?}', [ + 'as' => 'checkin/hardware', + 'middleware' => 'authorize:assets.checkin', + 'uses' => 'AssetsController@postCheckin' + ]); + Route::get('{assetId}/view', [ + 'as' => 'view/hardware', + 'middleware' => ['authorize:assets.view'], + 'uses' => 'AssetsController@getView' + ]); Route::get('{assetId}/qr-view', [ 'as' => 'qr-view/hardware', 'uses' => 'AssetsController@getView' ]); Route::get('{assetId}/qr_code', [ 'as' => 'qr_code/hardware', 'uses' => 'AssetsController@getQrCode' ]); Route::get('{assetId}/barcode', [ 'as' => 'barcode/hardware', 'uses' => 'AssetsController@getBarCode' ]); - Route::get('{assetId}/restore', [ 'as' => 'restore/hardware', 'uses' => 'AssetsController@getRestore' ]); - Route::post('{assetId}/upload', [ 'as' => 'upload/asset', 'uses' => 'AssetsController@postUpload' ]); - Route::get( - '{assetId}/deletefile/{fileId}', - [ 'as' => 'delete/assetfile', 'uses' => 'AssetsController@getDeleteFile' ] - ); - Route::get( - '{assetId}/showfile/{fileId}', - [ 'as' => 'show/assetfile', 'uses' => 'AssetsController@displayFile' ] - ); + Route::get('{assetId}/restore', [ + 'as' => 'restore/hardware', + 'middleware' => 'authorize:assets.delete', + 'uses' => 'AssetsController@getRestore' + ]); + Route::post('{assetId}/upload', [ + 'as' => 'upload/asset', + 'middleware' => 'authorize:assets.edit', + 'uses' => 'AssetsController@postUpload' + ]); - Route::get( - 'import/delete-import/{filename}', - [ 'as' => 'assets/import/delete-file', 'uses' => 'AssetsController@getDeleteImportFile' ] - ); + Route::get('{assetId}/deletefile/{fileId}', [ + 'as' => 'delete/assetfile', + 'middleware' => 'authorize:assets.edit', + 'uses' => 'AssetsController@getDeleteFile' + ]); - Route::get( - 'import/process/{filename}', - [ 'as' => 'assets/import/process-file', 'uses' => 'AssetsController@getProcessImportFile' ] - ); + Route::get('{assetId}/showfile/{fileId}', [ + 'as' => 'show/assetfile', + 'middleware' => 'authorize:assets.view', + 'uses' => 'AssetsController@displayFile' + ]); - Route::get( - 'import', - [ 'as' => 'assets/import', 'uses' => 'AssetsController@getImportUpload' ] - ); + Route::get('import/delete-import/{filename}', [ + 'as' => 'assets/import/delete-file', + 'middleware' => 'authorize:assets.create', + 'uses' => 'AssetsController@getDeleteImportFile' + ]); + + Route::get( 'import/process/{filename}', [ 'as' => 'assets/import/process-file', + 'middleware' => 'authorize:assets.create', + 'uses' => 'AssetsController@getProcessImportFile' + ]); + + Route::get('import',[ + 'as' => 'assets/import', + 'middleware' => 'authorize:assets.create', + 'uses' => 'AssetsController@getImportUpload' + ]); - Route::post('{assetId}/edit', 'AssetsController@postEdit'); + Route::post('{assetId}/edit',[ + 'as' => 'assets/import', + 'middleware' => 'authorize:assets.edit', + 'uses' => 'AssetsController@postEdit' + ]); Route::post( 'bulkedit', [ 'as' => 'hardware/bulkedit', + 'middleware' => 'authorize:assets.edit', 'uses' => 'AssetsController@postBulkEdit' ] ); @@ -264,6 +310,7 @@ Route::group( 'bulkdelete', [ 'as' => 'hardware/bulkdelete', + 'middleware' => 'authorize:assets.delete', 'uses' => 'AssetsController@postBulkDelete' ] ); @@ -271,16 +318,22 @@ Route::group( 'bulksave', [ 'as' => 'hardware/bulksave', + 'middleware' => 'authorize:assets.edit', 'uses' => 'AssetsController@postBulkSave' ] ); # Bulk checkout / checkin - Route::get( - 'bulkcheckout', - [ 'as' => 'hardware/bulkcheckout', 'uses' => 'AssetsController@getBulkCheckout' ] - ); - Route::post('bulkcheckout', 'AssetsController@postBulkCheckout'); + Route::get( 'bulkcheckout', [ + 'as' => 'hardware/bulkcheckout', + 'middleware' => 'authorize:assets.checkout', + 'uses' => 'AssetsController@getBulkCheckout' + ]); + Route::post( 'bulkcheckout', [ + 'as' => 'hardware/bulkcheckout', + 'middleware' => 'authorize:assets.checkout', + 'uses' => 'AssetsController@postBulkCheckout' + ]); # Asset Model Management Route::group([ 'prefix' => 'models', 'middleware' => 'auth' ], function () { @@ -300,6 +353,7 @@ Route::group( Route::get('/', [ 'as' => 'hardware', + 'middleware' => 'authorize:assets.view', 'uses' => 'AssetsController@getIndex' ]); @@ -320,41 +374,57 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function () # Licenses Route::group([ 'prefix' => 'licenses', 'middleware'=>'authorize:licenses.view' ], function () { - Route::get('create', [ 'as' => 'create/licenses', 'uses' => 'LicensesController@getCreate' ]); - Route::post('create', 'LicensesController@postCreate'); - Route::get('{licenseId}/edit', [ 'as' => 'update/license', 'uses' => 'LicensesController@getEdit' ]); - Route::post('{licenseId}/edit', 'LicensesController@postEdit'); - Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'uses' => 'LicensesController@getClone' ]); - Route::post('{licenseId}/clone', 'LicensesController@postCreate'); - Route::get('{licenseId}/delete', [ 'as' => 'delete/license', 'uses' => 'LicensesController@getDelete' ]); - Route::get( - '{licenseId}/freecheckout', - [ 'as' => 'freecheckout/license', 'uses' => 'LicensesController@getFreeLicense' ] - ); + Route::get('create', [ 'as' => 'create/licenses', 'middleware' => 'authorize:licenses.create','uses' => 'LicensesController@getCreate' ]); + Route::post('create', [ 'as' => 'create/licenses', 'middleware' => 'authorize:licenses.create','uses' => 'LicensesController@postCreate' ]); + Route::get('{licenseId}/edit', [ 'as' => 'update/license', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@getEdit' ]); + Route::post('{licenseId}/edit', [ 'as' => 'update/license', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@postEdit' ]); + Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'middleware' => 'authorize:licenses.create', 'uses' => 'LicensesController@getClone' ]); + Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'middleware' => 'authorize:licenses.create', 'uses' => 'LicensesController@postCreate' ]); + Route::get('{licenseId}/delete', [ 'as' => 'delete/license', 'middleware' => 'authorize:licenses.delete', 'uses' => 'LicensesController@getDelete' ]); + Route::get('{licenseId}/freecheckout', [ + 'as' => 'freecheckout/license', + 'middleware' => 'authorize:licenses.checkout', + 'uses' => 'LicensesController@getFreeLicense' + ]); Route::get( '{licenseId}/checkout', - [ 'as' => 'checkout/license', 'uses' => 'LicensesController@getCheckout' ] + [ 'as' => 'checkout/license', 'middleware' => 'authorize:licenses.checkout','uses' => 'LicensesController@getCheckout' ] ); - Route::post('{licenseId}/checkout', 'LicensesController@postCheckout'); - Route::get( - '{licenseId}/checkin/{backto?}', - [ 'as' => 'checkin/license', 'uses' => 'LicensesController@getCheckin' ] + Route::post( + '{licenseId}/checkout', + [ 'as' => 'checkout/license', 'middleware' => 'authorize:licenses.checkout','uses' => 'LicensesController@postCheckout' ] ); - Route::post('{licenseId}/checkin/{backto?}', 'LicensesController@postCheckin'); - Route::get('{licenseId}/view', [ 'as' => 'view/license', 'uses' => 'LicensesController@getView' ]); + Route::get('{licenseId}/checkin/{backto?}', [ + 'as' => 'checkin/license', + 'middleware' => 'authorize:licenses.checkin', + 'uses' => 'LicensesController@getCheckin' + ]); + + Route::post('{licenseId}/checkin/{backto?}', [ + 'as' => 'checkin/license', + 'middleware' => 'authorize:licenses.checkin', + 'uses' => 'LicensesController@postCheckin' + ]); + + Route::get('{licenseId}/view', [ + 'as' => 'view/license', + 'middleware' => 'authorize:licenses.view', + 'uses' => 'LicensesController@getView' + ]); + Route::post( '{licenseId}/upload', - [ 'as' => 'upload/license', 'uses' => 'LicensesController@postUpload' ] + [ 'as' => 'upload/license', 'middleware' => 'authorize:licenses.edit','uses' => 'LicensesController@postUpload' ] ); Route::get( '{licenseId}/deletefile/{fileId}', - [ 'as' => 'delete/licensefile', 'uses' => 'LicensesController@getDeleteFile' ] + [ 'as' => 'delete/licensefile', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@getDeleteFile' ] ); Route::get( '{licenseId}/showfile/{fileId}', - [ 'as' => 'show/licensefile', 'uses' => 'LicensesController@displayFile' ] + [ 'as' => 'show/licensefile', 'middleware' => 'authorize:licenses.view','uses' => 'LicensesController@displayFile' ] ); - Route::get('/', [ 'as' => 'licenses', 'uses' => 'LicensesController@getIndex' ]); + Route::get('/', [ 'as' => 'licenses', 'middleware' => 'authorize:licenses.view','uses' => 'LicensesController@getIndex' ]); }); # Asset Maintenances @@ -384,84 +454,103 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function () # Accessories Route::group([ 'prefix' => 'accessories', 'middleware'=>'authorize:accessories.view' ], function () { - Route::get('create', [ 'as' => 'create/accessory', 'uses' => 'AccessoriesController@getCreate' ]); + Route::get('create', [ 'as' => 'create/accessory', 'middleware' => 'authorize:accessories.create','uses' => 'AccessoriesController@getCreate' ]); Route::post('create', 'AccessoriesController@postCreate'); Route::get( '{accessoryID}/edit', - [ 'as' => 'update/accessory', 'uses' => 'AccessoriesController@getEdit' ] + [ 'as' => 'update/accessory', 'middleware' => 'authorize:accessories.edit','uses' => 'AccessoriesController@getEdit' ] ); Route::post('{accessoryID}/edit', 'AccessoriesController@postEdit'); Route::get( '{accessoryID}/delete', - [ 'as' => 'delete/accessory', 'uses' => 'AccessoriesController@getDelete' ] + [ 'as' => 'delete/accessory', 'middleware' => 'authorize:accessories.delete','uses' => 'AccessoriesController@getDelete' ] ); - Route::get('{accessoryID}/view', [ 'as' => 'view/accessory', 'uses' => 'AccessoriesController@getView' ]); + Route::get('{accessoryID}/view', [ 'as' => 'view/accessory', 'middleware' => 'authorize:accessories.view','uses' => 'AccessoriesController@getView' ]); Route::get( '{accessoryID}/checkout', - [ 'as' => 'checkout/accessory', 'uses' => 'AccessoriesController@getCheckout' ] + [ 'as' => 'checkout/accessory', 'middleware' => 'authorize:accessories.checkout','uses' => 'AccessoriesController@getCheckout' ] ); - Route::post('{accessoryID}/checkout', 'AccessoriesController@postCheckout'); + Route::post( + '{accessoryID}/checkout', + [ 'as' => 'checkout/accessory', 'middleware' => 'authorize:accessories.checkout','uses' => 'AccessoriesController@postCheckout' ] + ); + Route::get( '{accessoryID}/checkin/{backto?}', - [ 'as' => 'checkin/accessory', 'uses' => 'AccessoriesController@getCheckin' ] + [ 'as' => 'checkin/accessory', 'middleware' => 'authorize:accessories.checkin','uses' => 'AccessoriesController@getCheckin' ] + ); + Route::post( + '{accessoryID}/checkin/{backto?}', + [ 'as' => 'checkin/accessory', 'middleware' => 'authorize:accessories.checkin','uses' => 'AccessoriesController@postCheckin' ] ); - Route::post('{accessoryID}/checkin/{backto?}', 'AccessoriesController@postCheckin'); - Route::get('/', [ 'as' => 'accessories', 'uses' => 'AccessoriesController@getIndex' ]); + Route::get('/', [ 'as' => 'accessories', 'middleware'=>'authorize:accessories.view', 'uses' => 'AccessoriesController@getIndex' ]); }); # Consumables Route::group([ 'prefix' => 'consumables', 'middleware'=>'authorize:consumables.view' ], function () { - Route::get('create', [ 'as' => 'create/consumable', 'uses' => 'ConsumablesController@getCreate' ]); - Route::post('create', 'ConsumablesController@postCreate'); + Route::get('create', [ 'as' => 'create/consumable','middleware'=>'authorize:consumables.create', 'uses' => 'ConsumablesController@getCreate' ]); + Route::post('create', [ 'as' => 'create/consumable','middleware'=>'authorize:consumables.create', 'uses' => 'ConsumablesController@postCreate' ]); Route::get( '{consumableID}/edit', - [ 'as' => 'update/consumable', 'uses' => 'ConsumablesController@getEdit' ] + [ 'as' => 'update/consumable', 'middleware'=>'authorize:consumables.edit', 'uses' => 'ConsumablesController@getEdit' ] + ); + Route::post( + '{consumableID}/edit', + [ 'as' => 'update/consumable', 'middleware'=>'authorize:consumables.edit', 'uses' => 'ConsumablesController@postEdit' ] ); - Route::post('{consumableID}/edit', 'ConsumablesController@postEdit'); Route::get( '{consumableID}/delete', - [ 'as' => 'delete/consumable', 'uses' => 'ConsumablesController@getDelete' ] + [ 'as' => 'delete/consumable', 'middleware'=>'authorize:consumables.delete','uses' => 'ConsumablesController@getDelete' ] ); Route::get( '{consumableID}/view', - [ 'as' => 'view/consumable', 'uses' => 'ConsumablesController@getView' ] + [ 'as' => 'view/consumable', 'middleware'=>'authorize:consumables.view','uses' => 'ConsumablesController@getView' ] ); Route::get( '{consumableID}/checkout', - [ 'as' => 'checkout/consumable', 'uses' => 'ConsumablesController@getCheckout' ] + [ 'as' => 'checkout/consumable', 'middleware'=>'authorize:consumables.checkout','uses' => 'ConsumablesController@getCheckout' ] ); - Route::post('{consumableID}/checkout', 'ConsumablesController@postCheckout'); - Route::get('/', [ 'as' => 'consumables', 'uses' => 'ConsumablesController@getIndex' ]); + Route::post( + '{consumableID}/checkout', + [ 'as' => 'checkout/consumable', 'middleware'=>'authorize:consumables.checkout','uses' => 'ConsumablesController@postCheckout' ] + ); + Route::get('/', [ 'as' => 'consumables', 'middleware'=>'authorize:consumables.view','uses' => 'ConsumablesController@getIndex' ]); }); # Components Route::group([ 'prefix' => 'components', 'middleware'=>'authorize:components.view' ], function () { - Route::get('create', [ 'as' => 'create/component', 'uses' => 'ComponentsController@getCreate' ]); - Route::post('create', 'ComponentsController@postCreate'); + Route::get('create', [ 'as' => 'create/component', 'middleware'=>'authorize:components.create','uses' => 'ComponentsController@getCreate' ]); + Route::post('create', [ 'as' => 'create/component', 'middleware'=>'authorize:components.create','uses' => 'ComponentsController@postCreate' ]); Route::get( '{componentID}/edit', - [ 'as' => 'update/component', 'uses' => 'ComponentsController@getEdit' ] + [ 'as' => 'update/component', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@getEdit' ] + ); + Route::post( + '{componentID}/edit', + [ 'as' => 'update/component', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@postEdit' ] ); - Route::post('{componentID}/edit', 'ComponentsController@postEdit'); Route::get( '{componentID}/delete', - [ 'as' => 'delete/component', 'uses' => 'ComponentsController@getDelete' ] + [ 'as' => 'delete/component', 'middleware'=>'authorize:components.delete','uses' => 'ComponentsController@getDelete' ] ); Route::get( '{componentID}/view', - [ 'as' => 'view/component', 'uses' => 'ComponentsController@getView' ] + [ 'as' => 'view/component', 'middleware'=>'authorize:components.view','uses' => 'ComponentsController@getView' ] ); Route::get( '{componentID}/checkout', - [ 'as' => 'checkout/component', 'uses' => 'ComponentsController@getCheckout' ] + [ 'as' => 'checkout/component', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@getCheckout' ] ); - Route::post('{componentID}/checkout', 'ComponentsController@postCheckout'); - Route::post('bulk', [ 'as' => 'component/bulk-form', 'uses' => 'ComponentsController@postBulk' ]); - Route::post('bulksave', [ 'as' => 'component/bulk-save', 'uses' => 'ComponentsController@postBulkSave' ]); - Route::get('/', [ 'as' => 'components', 'uses' => 'ComponentsController@getIndex' ]); + Route::post( + '{componentID}/checkout', + [ 'as' => 'checkout/component', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@postCheckout' ] + ); + Route::post('bulk', [ 'as' => 'component/bulk-form', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@postBulk' ]); + Route::post('bulksave', [ 'as' => 'component/bulk-save', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@postBulkSave' ]); + Route::get('/', [ 'as' => 'components', 'middleware'=>'authorize:components.view','uses' => 'ComponentsController@getIndex' ]); }); # Admin Settings Routes (for categories, maufactureres, etc) diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index d33f45143f..d504efe962 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -91,6 +91,13 @@ class AuthServiceProvider extends ServiceProvider } }); + // Checks for some level of management + $gate->define('assets.manage', function ($user) { + if (($user->hasAccess('assets.checkin')) || ($user->hasAccess('assets.edit')) || ($user->hasAccess('assets.delete')) || ($user->hasAccess('assets.checkout')) || ($user->hasAccess('admin'))) { + return true; + } + }); + # ----------------------------------------- # Accessories @@ -131,6 +138,13 @@ class AuthServiceProvider extends ServiceProvider } }); + // Checks for some level of management + $gate->define('accessories.manage', function ($user) { + if (($user->hasAccess('accessories.checkin')) || ($user->hasAccess('accessories.edit')) || ($user->hasAccess('accessories.checkout')) || ($user->hasAccess('admin'))) { + return true; + } + }); + # ----------------------------------------- # Consumables # ----------------------------------------- @@ -170,6 +184,13 @@ class AuthServiceProvider extends ServiceProvider } }); + // Checks for some level of management + $gate->define('consumables.manage', function ($user) { + if (($user->hasAccess('consumables.checkin')) || ($user->hasAccess('consumables.edit')) || ($user->hasAccess('consumables.delete')) || ($user->hasAccess('consumables.checkout')) || ($user->hasAccess('admin'))) { + return true; + } + }); + # ----------------------------------------- @@ -228,6 +249,13 @@ class AuthServiceProvider extends ServiceProvider } }); + // Checks for some level of management + $gate->define('components.manage', function ($user) { + if (($user->hasAccess('components.edit')) || ($user->hasAccess('components.delete')) || ($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) { + return true; + } + }); + # ----------------------------------------- # Licenses @@ -274,6 +302,13 @@ class AuthServiceProvider extends ServiceProvider } }); + // Checks for some level of management + $gate->define('licenses.manage', function ($user) { + if (($user->hasAccess('licenses.checkin')) || ($user->hasAccess('licenses.edit')) || ($user->hasAccess('licenses.delete')) || ($user->hasAccess('licenses.checkout')) || ($user->hasAccess('admin'))) { + return true; + } + }); + } } diff --git a/config/permissions.php b/config/permissions.php index 10e1b206f2..fbcfef81e7 100644 --- a/config/permissions.php +++ b/config/permissions.php @@ -46,19 +46,19 @@ return array( 'permission' => 'assets.create', 'label' => 'Create ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'assets.edit', - 'label' => 'Edit ', + 'label' => 'Edit ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'assets.delete', 'label' => 'Delete ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'assets.checkout', @@ -71,7 +71,14 @@ return array( 'permission' => 'assets.checkin', 'label' => 'Checkin ', 'note' => '', - 'display' => false, + 'display' => true, + ), + + array( + 'permission' => 'assets.checkout', + 'label' => 'Checkout ', + 'note' => '', + 'display' => true, ), array( @@ -88,6 +95,7 @@ return array( 'note' => '', 'display' => true, ), + ), 'Accessories' => array( @@ -101,31 +109,31 @@ return array( 'permission' => 'accessory.create', 'label' => 'Create ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'accessories.edit', 'label' => 'Edit ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'accessories.delete', 'label' => 'Delete ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'accessories.checkout', 'label' => 'Checkout ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'accessories.checkin', 'label' => 'Checkin ', 'note' => '', - 'display' => false, + 'display' => true, ), ), @@ -140,25 +148,25 @@ return array( 'permission' => 'consumables.create', 'label' => 'Create ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'consumables.edit', 'label' => 'Edit ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'consumables.delete', 'label' => 'Delete ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'consumables.checkout', 'label' => 'Checkout ', 'note' => '', - 'display' => false, + 'display' => true, ), ), @@ -172,27 +180,27 @@ return array( ), array( 'permission' => 'licenses.create', - 'label' => 'Create Licenses', + 'label' => 'Create ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'licenses.edit', - 'label' => 'Edit Licenses', + 'label' => 'Edit ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'licenses.delete', - 'label' => 'Delete Licenses', + 'label' => 'Delete ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'licenses.checkout', - 'label' => 'Checkout Licenses', + 'label' => 'Checkout ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'licenses.keys', @@ -212,33 +220,33 @@ return array( ), array( 'permission' => 'components.create', - 'label' => 'Create Components', + 'label' => 'Create ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'components.edit', - 'label' => 'Edit Components', + 'label' => 'Edit ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'components.delete', - 'label' => 'Delete Components', + 'label' => 'Delete ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'components.checkout', - 'label' => 'Checkout Components', + 'label' => 'Checkout ', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'components.checkin', - 'label' => 'Checkin Components', + 'label' => 'Checkin ', 'note' => '', - 'display' => false, + 'display' => true, ), ), @@ -254,19 +262,19 @@ return array( 'permission' => 'users.create', 'label' => 'Create Users', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'users.edit', 'label' => 'Edit Users', 'note' => '', - 'display' => false, + 'display' => true, ), array( 'permission' => 'users.delete', 'label' => 'Delete Users', 'note' => '', - 'display' => false, + 'display' => true, ), ), diff --git a/gulpfile.js b/gulpfile.js index 346d1ffa95..20389efb9a 100644 --- a/gulpfile.js +++ b/gulpfile.js @@ -38,7 +38,7 @@ elixir(function(mix) { mix.version(['assets/css/app.css','assets/js/all.js']); - // mix.codeception(); + mix.codeception(); diff --git a/resources/views/accessories/index.blade.php b/resources/views/accessories/index.blade.php index cd3c538050..827719672d 100755 --- a/resources/views/accessories/index.blade.php +++ b/resources/views/accessories/index.blade.php @@ -7,7 +7,9 @@ @stop @section('header_right') - {{ trans('general.create') }} + @can('accessories.create') + {{ trans('general.create') }} + @endcan @stop {{-- Page content --}} diff --git a/resources/views/accessories/view.blade.php b/resources/views/accessories/view.blade.php index 8fbaf409ad..1f742d2958 100644 --- a/resources/views/accessories/view.blade.php +++ b/resources/views/accessories/view.blade.php @@ -10,20 +10,28 @@ {{-- Right header --}} @section('header_right') - + @endcan @stop {{-- Page content --}} @@ -64,7 +72,9 @@

{{ trans('admin/accessories/general.about_accessories_title') }}

{{ trans('admin/accessories/general.about_accessories_text') }}

+ @can('accessories.checkout') numRemaining() > 0 ) ? '' : ' disabled') }}>{{ trans('general.checkout') }} + @endcan
diff --git a/resources/views/components/index.blade.php b/resources/views/components/index.blade.php index 4801dace5f..266617389b 100644 --- a/resources/views/components/index.blade.php +++ b/resources/views/components/index.blade.php @@ -7,7 +7,9 @@ @stop @section('header_right') - {{ trans('general.create') }} + @can('components.create') + {{ trans('general.create') }} + @endcan @stop {{-- Page content --}} diff --git a/resources/views/components/view.blade.php b/resources/views/components/view.blade.php index 1de14e79f1..8c3454bd66 100644 --- a/resources/views/components/view.blade.php +++ b/resources/views/components/view.blade.php @@ -10,20 +10,28 @@ {{-- Right header --}} @section('header_right') + @can('components.manage') + @endcan @stop diff --git a/resources/views/consumables/index.blade.php b/resources/views/consumables/index.blade.php index 889e2a415a..6d083acd9f 100644 --- a/resources/views/consumables/index.blade.php +++ b/resources/views/consumables/index.blade.php @@ -7,7 +7,9 @@ @stop @section('header_right') - {{ trans('general.create') }} + @can('consumables.create') + {{ trans('general.create') }} + @endcan @stop {{-- Page content --}} diff --git a/resources/views/dashboard.blade.php b/resources/views/dashboard.blade.php index 88fe0bfa8d..59b9ef77e1 100755 --- a/resources/views/dashboard.blade.php +++ b/resources/views/dashboard.blade.php @@ -24,7 +24,9 @@
- More info + @can('assets.view') + More info + @endcan @@ -38,7 +40,9 @@
- More info + @can('licenses.view') + More info + @endcan @@ -52,7 +56,9 @@
- More info + @can('accessories.view') + More info + @endcan @@ -66,7 +72,9 @@
- More info + @can('consumables.view') + More info + @endcan diff --git a/resources/views/hardware/view.blade.php b/resources/views/hardware/view.blade.php index 37b8296463..d1f3c17cdd 100755 --- a/resources/views/hardware/view.blade.php +++ b/resources/views/hardware/view.blade.php @@ -11,6 +11,7 @@ {{-- Right header --}} @section('header_right') + @can('assets.manage') + @endcan @stop diff --git a/resources/views/layouts/default.blade.php b/resources/views/layouts/default.blade.php index c24030135b..628ed1cd5c 100644 --- a/resources/views/layouts/default.blade.php +++ b/resources/views/layouts/default.blade.php @@ -166,6 +166,7 @@ @endcan + @can('admin') @endcan diff --git a/resources/views/licenses/index.blade.php b/resources/views/licenses/index.blade.php index ae7c1168eb..5ecd381c5d 100755 --- a/resources/views/licenses/index.blade.php +++ b/resources/views/licenses/index.blade.php @@ -8,9 +8,11 @@ @section('header_right') - - {{ trans('general.create') }} - +@can('licenses.create') + + {{ trans('general.create') }} + + @endcan @stop {{-- Page content --}} diff --git a/resources/views/users/edit.blade.php b/resources/views/users/edit.blade.php index 288ef4d044..022288e66a 100755 --- a/resources/views/users/edit.blade.php +++ b/resources/views/users/edit.blade.php @@ -290,7 +290,7 @@ input[type='text'][disabled], input[disabled], textarea[disabled], input[readonl
- + @if (!Auth::user()->isSuperUser())

Only superadmins may grant a user superadmin access.

@@ -318,7 +318,7 @@ input[type='text'][disabled], input[disabled], textarea[disabled], input[readonl
- +
@endif diff --git a/resources/views/users/index.blade.php b/resources/views/users/index.blade.php index d95ced8b38..887f08d74e 100755 --- a/resources/views/users/index.blade.php +++ b/resources/views/users/index.blade.php @@ -15,16 +15,20 @@ @stop @section('header_right') -@if (\App\Models\Setting::getSettings()->ldap_enabled == 1) - LDAP -@endif - {{ trans('general.import') }} - {{ trans('general.create') }} -@if (Input::get('status')=='deleted') - {{ trans('admin/users/table.show_current') }} -@else - {{ trans('admin/users/table.show_deleted') }} -@endif + @can('users.create') + @if (\App\Models\Setting::getSettings()->ldap_enabled == 1) + LDAP + @endif + {{ trans('general.import') }} + {{ trans('general.create') }} + @endcan + + @if (Input::get('status')=='deleted') + {{ trans('admin/users/table.show_current') }} + @else + {{ trans('admin/users/table.show_deleted') }} + @endif + @stop {{-- Page content --}} @@ -43,12 +47,14 @@ 'class' => 'form-inline' ]) }} @if (Input::get('status')!='deleted') + @can('users.delete')
+ @endcan @endif