snipe-it/routes/web.php
Daniel Meltzer cd8c585377 Discussion: Moving to policies for controller based authorization (#3080)
* Make delete routes work.  We put a little form in the modal that spoofs the delete field.

* Fix route on creating a user.

* Fix redundant id parameter.

* Port acceptance tests to new urls.

* Initial work on migrating to model based policies instead of global gates.  Will allow for much more detailed permissions bits in the future.

* This needs to stay for the dashboard checks.

* Add user states for permissions to build tests.

* Build up unit tests for gates/permissions.  Move accessories/consumables/assets to policies instead of in authserviceprovider

* Migrate various locations to new syntax.  Update test to be more specific

* Fix functional tests.

Add an artisan command for installing a settings setup on travis-ci

* Try a different id... Need to come up with a better way of passing the id for tests that need an existing one.

* Try to fix travis

* Update urls to use routes and not hardcode old paths.  Also fix some migration errors found along the way.:

* Add a environment for travis functional tests.

* Adjust config file to make travis use it.

* Use redirect()->route instead of redirect()-to

* Dump all failures in the output directory if travis fails.

* Cleanups and minor fixes.

* Adjust the supplier modelfactory to comply with new validation restrictions.

* Some test fixes.

* Locales can be longer than 5 characters according to faker, e.g. gez_ET.  Increase length in mysql and add a validation

* Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00


<?php
use App\Models\CheckoutRequest;
use App\Models\Location;
use App\Models\Statuslabel;
/*
 * Lookup-table resources.
 *
 * Every Route::resource() call below registers the framework's standard
 * resource actions for one controller and renames the URI placeholder to
 * the name listed under 'parameters'.
 *
 * NOTE(review): none of these registrations attaches 'auth' or
 * 'authorize:*' middleware in this file. Presumably authentication and the
 * per-model policy checks are enforced inside the controllers; confirm that
 * every action, including store/update/destroy, is covered there.
 */

// Companies
Route::resource(
    'companies',
    'CompaniesController',
    ['parameters' => ['company' => 'company_id']]
);

// Categories
Route::resource(
    'categories',
    'CategoriesController',
    ['parameters' => ['category' => 'category_id']]
);

// Locations
Route::resource(
    'locations',
    'LocationsController',
    ['parameters' => ['location' => 'location_id']]
);

// Manufacturers
// NOTE(review): the placeholder is 'manufacturers_id' (plural), unlike the
// singular form used by the other resources; verify that the controller and
// any route() callers expect this spelling.
Route::resource(
    'manufacturers',
    'ManufacturersController',
    ['parameters' => ['manufacturer' => 'manufacturers_id']]
);

// Suppliers
Route::resource(
    'suppliers',
    'SuppliersController',
    ['parameters' => ['supplier' => 'supplier_id']]
);

// Depreciations
Route::resource(
    'depreciations',
    'DepreciationsController',
    ['parameters' => ['depreciation' => 'depreciation_id']]
);

// Status Labels
Route::resource(
    'statuslabels',
    'StatuslabelsController',
    ['parameters' => ['statuslabel' => 'statuslabel_id']]
);
/*
|--------------------------------------------------------------------------
| Log Routes
|--------------------------------------------------------------------------
|
| Registers the signature viewer (ActionlogController@displaySig) behind
| the 'auth' middleware.
|
*/
Route::group(['middleware' => 'auth'], function () {
    // {filename} is taken straight from the URL.
    // NOTE(review): a route parameter does not match '/' by default, but that
    // is not a path check. Verify that displaySig resolves the name only
    // inside the signature storage directory and rejects anything else.
    Route::get(
        'display-sig/{filename}',
        [
            'as'   => 'log.signature.view',
            'uses' => 'ActionlogController@displaySig',
        ]
    );
});
/*
|--------------------------------------------------------------------------
| Admin Routes
|--------------------------------------------------------------------------
|
| Everything under the 'admin' prefix. The outer group requires the 'web'
| and 'auth' middleware; nested groups and single routes add their own
| 'authorize:*' checks on top.
|
*/
Route::group(['prefix' => 'admin', 'middleware' => ['web', 'auth']], function () {

    // Requested-items index, additionally gated by 'authorize:admin'.
    Route::get(
        'requests',
        [
            'as'         => 'requests',
            'middleware' => 'authorize:admin',
            'uses'       => 'ViewAssetsController@getRequestedIndex',
        ]
    );

    // Admin settings: every route in this group requires 'authorize:superuser'.
    Route::group(['prefix' => 'settings', 'middleware' => 'authorize:superuser'], function () {

        // Application settings
        Route::group(['prefix' => 'app'], function () {
            Route::post(
                'purge',
                ['as' => 'purge', 'uses' => 'SettingsController@postPurge']
            );
            Route::get(
                'edit',
                ['as' => 'edit/settings', 'uses' => 'SettingsController@getEdit']
            );
            Route::post('edit', 'SettingsController@postEdit');
            Route::get(
                'ldaptest',
                [
                    'as'   => 'settings/ldaptest',
                    'uses' => 'SettingsController@getLdapTest',
                ]
            );
            Route::get(
                '/',
                ['as' => 'app', 'uses' => 'SettingsController@getIndex']
            );
        });

        // Backups. The 'auth' entry repeats what the outer admin group already
        // requires; the superuser check is inherited from the settings group.
        Route::group(['prefix' => 'backups', 'middleware' => 'auth'], function () {
            // NOTE(review): {filename} comes from the URL in both routes below.
            // Verify that the controller only accepts names inside the backup
            // directory before reading or deleting anything.
            Route::get(
                'download/{filename}',
                [
                    'as'   => 'settings/download-file',
                    'uses' => 'SettingsController@downloadFile',
                ]
            );

            // NOTE(review): this deletes over GET. The framework's CSRF token
            // check does not apply to GET requests, so a logged-in superuser
            // following a crafted link would trigger the delete. Prefer a
            // POST/DELETE route; the views linking here would change with it.
            Route::get(
                'delete/{filename}',
                [
                    'as'   => 'settings/delete-file',
                    'uses' => 'SettingsController@deleteFile',
                ]
            );

            // The POST and GET routes on '/' share the name 'settings/backups'.
            Route::post(
                '/',
                [
                    'as'   => 'settings/backups',
                    'uses' => 'SettingsController@postBackups',
                ]
            );
            Route::get(
                '/',
                ['as' => 'settings/backups', 'uses' => 'SettingsController@getBackups']
            );
        });
    });

    // Group management.
    // NOTE(review): this group asks for 'authorize:superadmin' while the
    // settings group above asks for 'authorize:superuser'. Confirm that both
    // abilities are defined and that the difference is intended.
    Route::group(
        ['prefix' => 'groups', 'middleware' => ['web', 'auth', 'authorize:superadmin']],
        function () {
            Route::get(
                '/',
                ['as' => 'groups', 'uses' => 'GroupsController@getIndex']
            );
            Route::get(
                'create',
                ['as' => 'create/group', 'uses' => 'GroupsController@getCreate']
            );
            Route::post('create', 'GroupsController@postCreate');
            Route::get(
                '{groupId}/edit',
                ['as' => 'update/group', 'uses' => 'GroupsController@getEdit']
            );
            Route::post('{groupId}/edit', 'GroupsController@postEdit');

            // NOTE(review): delete and restore are exposed over GET, which is
            // outside the CSRF token check; same concern as the backup delete.
            Route::get(
                '{groupId}/delete',
                ['as' => 'delete/group', 'uses' => 'GroupsController@getDelete']
            );
            Route::get(
                '{groupId}/restore',
                ['as' => 'restore/group', 'uses' => 'GroupsController@getRestore']
            );
            Route::get(
                '{groupId}/view',
                ['as' => 'view/group', 'uses' => 'GroupsController@getView']
            );
        }
    );

    // Dashboard. Only 'web' and 'auth' apply to this route; any role check
    // has to happen in DashboardController (confirm).
    Route::get(
        '/',
        ['as' => 'admin', 'uses' => 'DashboardController@getIndex']
    );
});
/*
|--------------------------------------------------------------------------
| Account Routes
|--------------------------------------------------------------------------
|
| Self-service routes under the 'account' prefix. The group requires the
| 'web' and 'auth' middleware and adds no 'authorize:*' check.
|
*/
Route::group(['prefix' => 'account', 'middleware' => ['web', 'auth']], function () {

    // Profile
    Route::get(
        'profile',
        ['as' => 'profile', 'uses' => 'ProfileController@getIndex']
    );
    Route::post('profile', 'ProfileController@postIndex');

    // View assets
    Route::get(
        'view-assets',
        ['as' => 'view-assets', 'uses' => 'ViewAssetsController@getIndex']
    );

    // Accept asset.
    // NOTE(review): {logID} is user-supplied. Verify that both handlers check
    // the log entry belongs to the authenticated user before showing or
    // recording an acceptance.
    Route::get(
        'accept-asset/{logID}',
        ['as' => 'account/accept-assets', 'uses' => 'ViewAssetsController@getAcceptAsset']
    );
    Route::post(
        'accept-asset/{logID}',
        ['as' => 'account/asset-accepted', 'uses' => 'ViewAssetsController@postAcceptAsset']
    );

    // Requestable items
    Route::get(
        'requestable-assets',
        ['as' => 'requestable-assets', 'uses' => 'ViewAssetsController@getRequestableIndex']
    );

    // NOTE(review): if this GET handler records a request it is a state change
    // outside the CSRF token check; confirm what getRequestAsset does.
    Route::get(
        'request-asset/{assetId}',
        ['as' => 'account/request-asset', 'uses' => 'ViewAssetsController@getRequestAsset']
    );

    // POST route served by a handler with a "get" prefix (naming only).
    Route::post(
        'request/{itemType}/{itemId}',
        ['as' => 'account/request-item', 'uses' => 'ViewAssetsController@getRequestItem']
    );

    // Account dashboard: same handler as 'view-assets'.
    Route::get(
        '/',
        ['as' => 'account', 'uses' => 'ViewAssetsController@getIndex']
    );
});
/*
 * Report routes. Every route in this group requires the 'web', 'auth' and
 * 'authorize:reports.view' middleware. Each report has a view route and,
 * except for custom and activity, a matching export route.
 */
Route::group(['middleware' => ['web', 'auth', 'authorize:reports.view']], function () {

    // Depreciation
    Route::get(
        'reports/depreciation',
        [
            'as'   => 'reports/depreciation',
            'uses' => 'ReportsController@getDeprecationReport',
        ]
    );
    Route::get(
        'reports/export/depreciation',
        [
            'as'   => 'reports/export/depreciation',
            'uses' => 'ReportsController@exportDeprecationReport',
        ]
    );

    // Asset maintenances
    Route::get(
        'reports/asset_maintenances',
        [
            'as'   => 'reports/asset_maintenances',
            'uses' => 'ReportsController@getAssetMaintenancesReport',
        ]
    );
    Route::get(
        'reports/export/asset_maintenances',
        [
            'as'   => 'reports/export/asset_maintenances',
            'uses' => 'ReportsController@exportAssetMaintenancesReport',
        ]
    );

    // Licenses
    Route::get(
        'reports/licenses',
        [
            'as'   => 'reports/licenses',
            'uses' => 'ReportsController@getLicenseReport',
        ]
    );
    Route::get(
        'reports/export/licenses',
        [
            'as'   => 'reports/export/licenses',
            'uses' => 'ReportsController@exportLicenseReport',
        ]
    );

    // Assets
    Route::get(
        'reports/assets',
        [
            'as'   => 'reports/assets',
            'uses' => 'ReportsController@getAssetsReport',
        ]
    );
    Route::get(
        'reports/export/assets',
        [
            'as'   => 'reports/export/assets',
            'uses' => 'ReportsController@exportAssetReport',
        ]
    );

    // Accessories
    Route::get(
        'reports/accessories',
        [
            'as'   => 'reports/accessories',
            'uses' => 'ReportsController@getAccessoryReport',
        ]
    );
    Route::get(
        'reports/export/accessories',
        [
            'as'   => 'reports/export/accessories',
            'uses' => 'ReportsController@exportAccessoryReport',
        ]
    );

    // Custom report: form on GET, submission on POST (the POST is unnamed).
    Route::get(
        'reports/custom',
        [
            'as'   => 'reports/custom',
            'uses' => 'ReportsController@getCustomReport',
        ]
    );
    Route::post('reports/custom', 'ReportsController@postCustom');

    // Activity report and its data feed. The feed is named 'api.activity.list'
    // but is registered here, under the same middleware as the other reports.
    Route::get(
        'reports/activity',
        [
            'as'   => 'reports/activity',
            'uses' => 'ReportsController@getActivityReport',
        ]
    );
    Route::get(
        'reports/activity/json',
        [
            'as'   => 'api.activity.list',
            'uses' => 'ReportsController@getActivityReportDataTable',
        ]
    );

    // Unaccepted assets
    Route::get(
        'reports/unaccepted_assets',
        [
            'as'   => 'reports/unaccepted_assets',
            'uses' => 'ReportsController@getAssetAcceptanceReport',
        ]
    );
    Route::get(
        'reports/export/unaccepted_assets',
        [
            'as'   => 'reports/export/unaccepted_assets',
            'uses' => 'ReportsController@exportAssetAcceptanceReport',
        ]
    );
});
/*
|--------------------------------------------------------------------------
| Setup Routes
|--------------------------------------------------------------------------
|
| Installer routes under the 'setup' prefix. The group attaches only the
| 'web' middleware, so nothing here requires a logged-in user.
|
| NOTE(review): judging by the handler names, setup.user.save creates the
| first admin and setup.migrate acts on the database from a GET request.
| Confirm that the controller or a global middleware refuses all of these
| once setup has completed.
|
*/
Route::group(['prefix' => 'setup', 'middleware' => 'web'], function () {

    // First-user form and its submission.
    Route::get(
        'user',
        [
            'as'   => 'setup.user',
            'uses' => 'SettingsController@getSetupUser',
        ]
    );
    Route::post(
        'user',
        [
            'as'   => 'setup.user.save',
            'uses' => 'SettingsController@postSaveFirstAdmin',
        ]
    );

    Route::get(
        'migrate',
        [
            'as'   => 'setup.migrate',
            'uses' => 'SettingsController@getSetupMigrate',
        ]
    );

    Route::get(
        'done',
        [
            'as'   => 'setup.done',
            'uses' => 'SettingsController@getSetupDone',
        ]
    );

    // NOTE(review): reachable without authentication. If ajaxTestEmail sends
    // mail, confirm it cannot be used after setup or to arbitrary recipients.
    Route::get(
        'mailtest',
        [
            'as'   => 'setup.mailtest',
            'uses' => 'SettingsController@ajaxTestEmail',
        ]
    );

    // Setup landing page.
    Route::get(
        '/',
        [
            'as'   => 'setup',
            'uses' => 'SettingsController@getSetupIndex',
        ]
    );
});
/*
 * Two-factor authentication routes. All three attach only the 'web'
 * middleware, not 'auth'.
 *
 * NOTE(review): presumably these are visited mid-login, before the session
 * counts as authenticated. Confirm that the LoginController handlers refuse
 * requests that have no pending login, and that enrollment cannot be
 * re-run for an account that is already enrolled.
 */
Route::get(
    'two-factor-enroll',
    [
        'as'         => 'two-factor-enroll',
        'middleware' => ['web'],
        'uses'       => 'Auth\LoginController@getTwoFactorEnroll',
    ]
);

// The GET and POST routes below share the name 'two-factor'.
Route::get(
    'two-factor',
    [
        'as'         => 'two-factor',
        'middleware' => ['web'],
        'uses'       => 'Auth\LoginController@getTwoFactorAuth',
    ]
);
Route::post(
    'two-factor',
    [
        'as'         => 'two-factor',
        'middleware' => ['web'],
        'uses'       => 'Auth\LoginController@postTwoFactorAuth',
    ]
);

// Site root: the dashboard, for authenticated users only.
Route::get(
    '/',
    [
        'as'         => 'home',
        'middleware' => ['web', 'auth'],
        'uses'       => 'DashboardController@getIndex',
    ]
);
/*
 * Login and logout. These routes are registered by hand in place of
 * Route::auth(); the group applies 'web', which the two login routes
 * repeat on themselves.
 */
Route::group(['middleware' => 'web'], function () {

    // The form (GET) and the submission (POST) share the name 'login'.
    Route::get(
        'login',
        [
            'as'         => 'login',
            'middleware' => ['web'],
            'uses'       => 'Auth\LoginController@showLoginForm',
        ]
    );

    // NOTE(review): no throttle middleware is attached here. Confirm that
    // LoginController rate-limits failed attempts itself.
    Route::post(
        'login',
        [
            'as'         => 'login',
            'middleware' => ['web'],
            'uses'       => 'Auth\LoginController@login',
        ]
    );

    // NOTE(review): logout over GET is outside the CSRF token check, so a
    // third-party page can end a user's session. A POST route avoids that,
    // but the views that link here would have to change with it.
    Route::get(
        'logout',
        [
            'as'   => 'logout',
            'uses' => 'Auth\LoginController@logout',
        ]
    );
});

// 'home' redirects to the site root.
Route::get('home', function () {
    return redirect('/');
});