From a02676aba8dd25e45b43eb0c6f1f437a92c69477 Mon Sep 17 00:00:00 2001 From: IsharaEkanayaka Date: Mon, 15 Jul 2024 15:27:05 +0530 Subject: [PATCH] authorize events secction --- app/Http/Livewire/Backend/EventsTable.php | 10 ++++++++-- app/Providers/AuthServiceProvider.php | 4 ++-- .../views/backend/event/index-table-row.blade.php | 7 ++++--- routes/backend/event.php | 12 ++++++++++-- 4 files changed, 24 insertions(+), 9 deletions(-) diff --git a/app/Http/Livewire/Backend/EventsTable.php b/app/Http/Livewire/Backend/EventsTable.php index cfcfc94..fc5e0b4 100644 --- a/app/Http/Livewire/Backend/EventsTable.php +++ b/app/Http/Livewire/Backend/EventsTable.php @@ -2,6 +2,7 @@ namespace App\Http\Livewire\Backend; +use Illuminate\Support\Facades\Gate; use App\Domains\Event\Models\Event; use Illuminate\Database\Eloquent\Builder; use Rappasoft\LaravelLivewireTables\DataTableComponent; @@ -17,7 +18,7 @@ class EventsTable extends DataTableComponent public function columns(): array { - return [ + $columns = [ Column::make("Title", "title") ->sortable() ->searchable(), @@ -39,8 +40,13 @@ public function columns(): array ->sortable(), Column::make("Updated At", "updated_at") ->sortable(), - Column::make("Actions") ]; + + if (Gate::allows('edit-or-delete-news')) { + $columns[] = Column::make("Actions"); + } + + return $columns; } public function query(): Builder diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 1fa1b2c..b54ca2c 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -40,12 +40,12 @@ public function boot() // }); Gate::define('edit-or-delete-news', function ($user) { - // Logic to determine if the user can edit news + // Logic to determine if the user can edit or delete news return $user->hasAnyPermission(['admin.access.news.edit','admin.access.news.delete']); }); Gate::define('edit-or-delete-events', function ($user) { - // Logic to determine if the user can edit news + // Logic to determine if the user can edit or delete events return $user->hasAnyPermission(['admin.access.events.edit','admin.access.events.delete']); }); } diff --git a/resources/views/backend/event/index-table-row.blade.php b/resources/views/backend/event/index-table-row.blade.php index adcaa1f..e0cf217 100644 --- a/resources/views/backend/event/index-table-row.blade.php +++ b/resources/views/backend/event/index-table-row.blade.php @@ -38,9 +38,6 @@ @endif - - -
{{ $row->start_at }} @@ -74,12 +71,16 @@
+ @if ($logged_in_user->hasPermissionTo('admin.access.events.edit')) + @endif + @if ($logged_in_user->hasPermissionTo('admin.access.events.edit')) + @endif
diff --git a/routes/backend/event.php b/routes/backend/event.php index 1e8f2d9..63af0ed 100644 --- a/routes/backend/event.php +++ b/routes/backend/event.php @@ -4,11 +4,13 @@ use Illuminate\Support\Facades\Route; use App\Http\Controllers\Backend\EventController; -Route::group(['middleware' => ['permission:admin.access.events.edit']], function () { +Route::group(['middleware' => ['permission:admin.access.events.show|admin.access.events.create|admin.access.events.edit|admin.access.events.delete']], function () { Route::get('/event', function () { return view('backend.event.index'); - })->name('event.index') + }) + ->middleware('permission:admin.access.events.show') + ->name('event.index') ->breadcrumbs(function (Trail $trail) { $trail->push(__('Home'), route('dashboard.home')) ->push(__('event'), route('dashboard.event.index')); @@ -16,6 +18,7 @@ // Create Route::get('event/create', [EventController::class, 'create']) + ->middleware('permission:admin.access.events.create') ->name('event.create') ->breadcrumbs(function (Trail $trail) { $trail->push(__('Home'), route('dashboard.home')) @@ -25,10 +28,12 @@ // Store Route::post('event/', [EventController::class, 'store']) + ->middleware('permission:admin.access.events.create') ->name('event.store'); // Edit Route::get('event/edit/{event}', [EventController::class, 'edit']) + ->middleware('permission:admin.access.events.edit') ->name('event.edit') ->breadcrumbs(function (Trail $trail) { $trail->push(__('Home'), route('dashboard.home')) @@ -39,10 +44,12 @@ // Update Route::put('event/{event}', [EventController::class, 'update']) + ->middleware('permission:admin.access.events.edit') ->name('event.update'); // Delete Route::get('event/delete/{event}', [EventController::class, 'delete']) + ->middleware('permission:admin.access.events.delete') ->name('event.delete') ->breadcrumbs(function (Trail $trail) { $trail->push(__('Home'), route('dashboard.home')) @@ -52,5 +59,6 @@ // Destroy Route::delete('event/{event}', [EventController::class, 'destroy']) + ->middleware('permission:admin.access.events.delete') ->name('event.destroy'); });