Only allow asset files to be deleted, maintenances to be added if user has assets.edit permission

This commit is contained in:
snipe 2016-11-29 13:37:45 -08:00
parent abcc01f5e0
commit f5e100a6a5
4 changed files with 45 additions and 15 deletions

View file

@ -21,6 +21,7 @@ use App\Models\Setting;
use App\Models\Asset; use App\Models\Asset;
use App\Helpers\Helper; use App\Helpers\Helper;
use Auth; use Auth;
use Gate;
/** /**
* This controller handles all actions related to Asset Maintenance for * This controller handles all actions related to Asset Maintenance for
@ -119,8 +120,12 @@ class AssetMaintenancesController extends Controller
$settings = Setting::getSettings(); $settings = Setting::getSettings();
foreach ($maintenances as $maintenance) { foreach ($maintenances as $maintenance) {
$actions = '';
$actions = '<nobr><a href="'.route('update/asset_maintenance', $maintenance->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/asset_maintenance', $maintenance->id).'" data-content="'.trans('admin/asset_maintenances/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($maintenance->title).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>'; if (Gate::allows('assets.edit')) {
$actions .= '<nobr><a href="' . route('update/asset_maintenance',
$maintenance->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/asset_maintenance',
$maintenance->id) . '" data-content="' . trans('admin/asset_maintenances/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($maintenance->title) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
}
if (($maintenance->cost) && (isset($maintenance->asset)) && ($maintenance->asset->assetloc) && ($maintenance->asset->assetloc->currency!='')) { if (($maintenance->cost) && (isset($maintenance->asset)) && ($maintenance->asset->assetloc) && ($maintenance->asset->assetloc->currency!='')) {
$maintenance_cost = $maintenance->asset->assetloc->currency.$maintenance->cost; $maintenance_cost = $maintenance->asset->assetloc->currency.$maintenance->cost;

View file

@ -481,16 +481,25 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
# Asset Maintenances # Asset Maintenances
Route::group([ 'prefix' => 'asset_maintenances', 'middleware'=>'authorize:assets.view' ], function () { Route::group([ 'prefix' => 'asset_maintenances', 'middleware'=>'authorize:assets.view' ], function () {
Route::get( Route::get('create/{assetId?}',
'create/{assetId?}', [ 'as' => 'create/asset_maintenances',
[ 'as' => 'create/asset_maintenances', 'uses' => 'AssetMaintenancesController@getCreate' ] 'middleware' => 'authorize:assets.edit',
); 'uses' => 'AssetMaintenancesController@getCreate'
Route::post('create/{assetId?}', 'AssetMaintenancesController@postCreate'); ]);
Route::get('/', [ 'as' => 'asset_maintenances', 'uses' => 'AssetMaintenancesController@getIndex' ]);
Route::get( Route::post('create/{assetId?}',
'{assetMaintenanceId}/edit', [ 'as' => 'create/asset_maintenances.save',
[ 'as' => 'update/asset_maintenance', 'uses' => 'AssetMaintenancesController@getEdit' ] 'middleware' => 'authorize:assets.edit',
); 'uses' => 'AssetMaintenancesController@postCreate'
]);
Route::get('{assetMaintenanceId}/edit',
[ 'as' => 'update/asset_maintenance',
'middleware' => 'authorize:assets.edit',
'uses' => 'AssetMaintenancesController@getEdit'
]);
Route::post('{assetMaintenanceId}/edit', 'AssetMaintenancesController@postEdit'); Route::post('{assetMaintenanceId}/edit', 'AssetMaintenancesController@postEdit');
Route::get( Route::get(
'{assetMaintenanceId}/delete', '{assetMaintenanceId}/delete',
@ -500,6 +509,8 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
'{assetMaintenanceId}/view', '{assetMaintenanceId}/view',
[ 'as' => 'view/asset_maintenance', 'uses' => 'AssetMaintenancesController@getView' ] [ 'as' => 'view/asset_maintenance', 'uses' => 'AssetMaintenancesController@getView' ]
); );
Route::get('/', [ 'as' => 'asset_maintenances', 'uses' => 'AssetMaintenancesController@getIndex' ]);
}); });
# Accessories # Accessories

View file

@ -8,7 +8,9 @@
@section('header_right') @section('header_right')
@can('assets.edit')
<a href="{{ route('create/asset_maintenances') }}" class="btn btn-primary pull-right"> {{ trans('general.create') }}</a> <a href="{{ route('create/asset_maintenances') }}" class="btn btn-primary pull-right"> {{ trans('general.create') }}</a>
@endcan
@stop @stop
@ -45,7 +47,9 @@
<th data-searchable="true" data-sortable="true" data-field="cost" class="text-right">{{ trans('admin/asset_maintenances/form.cost') }}</th> <th data-searchable="true" data-sortable="true" data-field="cost" class="text-right">{{ trans('admin/asset_maintenances/form.cost') }}</th>
<th data-searchable="true" data-sortable="true" data-field="user_id">{{ trans('general.admin') }}</th> <th data-searchable="true" data-sortable="true" data-field="user_id">{{ trans('general.admin') }}</th>
<th data-searchable="true" data-sortable="true" data-field="notes" data-visible="false">{{ trans('admin/asset_maintenances/form.notes') }}</th> <th data-searchable="true" data-sortable="true" data-field="notes" data-visible="false">{{ trans('admin/asset_maintenances/form.notes') }}</th>
<th data-switchable="false" data-searchable="false" data-sortable="false" data-field="actions">{{ trans('table.actions') }}</th> @can('assets.edit')
<th data-switchable="false" data-searchable="false" data-sortable="false" data-field="actions">{{ trans('table.actions') }}</th>
@endcan
</tr> </tr>
</thead> </thead>
</table> </table>

View file

@ -65,7 +65,7 @@
<a href="#files" data-toggle="tab"><span class="hidden-lg hidden-md"><i class="fa fa-files-o"></i></span> <span class="hidden-xs hidden-sm">Files</span></a> <a href="#files" data-toggle="tab"><span class="hidden-lg hidden-md"><i class="fa fa-files-o"></i></span> <span class="hidden-xs hidden-sm">Files</span></a>
</li> </li>
<li class="pull-right"> <li class="pull-right">
<a href="#" data-toggle="modal" data-target="#uploadFileModal"><i class="fa fa-paperclip"></i> </a> <!-- <a href="#" data-toggle="modal" data-target="#uploadFileModal"><i class="fa fa-paperclip"></i> </a> -->
</li> </li>
</ul> </ul>
<div class="tab-content"> <div class="tab-content">
@ -496,9 +496,11 @@
<div class="tab-pane fade" id="maintenances"> <div class="tab-pane fade" id="maintenances">
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
@can('assets.edit')
<h6>{{ trans('general.asset_maintenances') }} <h6>{{ trans('general.asset_maintenances') }}
[ <a href="{{ route('create/asset_maintenances', $asset->id) }}">{{ trans('button.add') }}</a> ] [ <a href="{{ route('create/asset_maintenances', $asset->id) }}">{{ trans('button.add') }}</a> ]
</h6> </h6>
@endcan
<!-- Asset Maintenance table --> <!-- Asset Maintenance table -->
@if (count($asset->assetmaintenances) > 0) @if (count($asset->assetmaintenances) > 0)
@ -514,7 +516,9 @@
<th>{{ trans('admin/asset_maintenances/table.is_warranty') }}</th> <th>{{ trans('admin/asset_maintenances/table.is_warranty') }}</th>
<th>{{ trans('admin/asset_maintenances/form.cost') }}</th> <th>{{ trans('admin/asset_maintenances/form.cost') }}</th>
<th>{{ trans('general.admin') }}</th> <th>{{ trans('general.admin') }}</th>
<th>{{ trans('table.actions') }}</th> @can('assets.edit')
<th>{{ trans('table.actions') }}</th>
@endcan
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
@ -537,9 +541,11 @@
@endif @endif
</td> </td>
<?php $totalCost += $assetMaintenance->cost; ?> <?php $totalCost += $assetMaintenance->cost; ?>
@can('assets.edit')
<td> <td>
<a href="{{ route('update/asset_maintenance', $assetMaintenance->id) }}" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a href="{{ route('update/asset_maintenance', $assetMaintenance->id) }}" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a>
</td> </td>
@endcan
</tr> </tr>
@endif @endif
@endforeach @endforeach
@ -665,6 +671,7 @@
<div class="tab-pane fade" id="files"> <div class="tab-pane fade" id="files">
<div class="row"> <div class="row">
@can('assets.edit')
{{ Form::open([ {{ Form::open([
'method' => 'POST', 'method' => 'POST',
'route' => ['upload/asset', $asset->id], 'route' => ['upload/asset', $asset->id],
@ -688,6 +695,7 @@
</div> </div>
{{ Form::close() }} {{ Form::close() }}
@endcan
<div class="col-md-12"> <div class="col-md-12">
@ -724,7 +732,9 @@
@endif @endif
</td> </td>
<td> <td>
@can('assets.edit')
<a class="btn delete-asset btn-danger btn-sm" href="{{ route('delete/assetfile', [$asset->id, $file->id]) }}"><i class="fa fa-trash icon-white"></i></a> <a class="btn delete-asset btn-danger btn-sm" href="{{ route('delete/assetfile', [$asset->id, $file->id]) }}"><i class="fa fa-trash icon-white"></i></a>
@endcan
</td> </td>
</tr> </tr>
@endforeach @endforeach