Forzando el uso de roles segun la vista

Principalmente aplica a los post/put/delete de cada ruta, ya que estos
pueden ser destructivos y solamente un administrador o global admin
puede hacer esta acción
2021-07-20 00:56:34 -04:00
parent e6ad8af661
commit 3534fdd02a


@@ -22,71 +22,71 @@ $router->group(['prefix' => 'api/v1', 'middleware' => ['auth', 'log_endpoint']],
$router->group(['prefix' => '/restaurantes'], function () use ($router) { $router->group(['prefix' => '/restaurantes'], function () use ($router) {
$router->get( '/', ['as' => 'restaurant.all', 'uses' => 'RestaurantesController@all']); $router->get( '/', ['as' => 'restaurant.all', 'uses' => 'RestaurantesController@all']);
$router->get( '/{id}', ['as' => 'restaurant.get', 'uses' => 'RestaurantesController@get']); $router->get( '/{id}', ['as' => 'restaurant.get', 'uses' => 'RestaurantesController@get']);
$router->post( '/', ['as' => 'restaurant.create', 'uses' => 'RestaurantesController@create', 'middleware' => 'role:global_admin']); $router->post( '/', ['as' => 'restaurant.create', 'uses' => 'RestaurantesController@create', 'middleware' => ['role:global_admin']]);
$router->put( '/{id}', ['as' => 'restaurant.update', 'uses' => 'RestaurantesController@update', 'middleware' => 'role:global_admin']); $router->put( '/{id}', ['as' => 'restaurant.update', 'uses' => 'RestaurantesController@update', 'middleware' => ['role:global_admin']]);
$router->delete('/{id}', ['as' => 'restaurant.delete', 'uses' => 'RestaurantesController@delete', 'middleware' => 'role:global_admin']); $router->delete('/{id}', ['as' => 'restaurant.delete', 'uses' => 'RestaurantesController@delete', 'middleware' => ['role:global_admin']]);
$router->get( '/{restaurante_id}/canales-venta', ['as' => 'canales-venta.all', 'uses' => 'CanalesVentaController@all']); $router->get( '/{restaurante_id}/canales-venta', ['as' => 'canales-venta.all', 'uses' => 'CanalesVentaController@all']);
$router->get( '/{restaurante_id}/canales-venta/{id}', ['as' => 'canales-venta.get', 'uses' => 'CanalesVentaController@get']); $router->get( '/{restaurante_id}/canales-venta/{id}', ['as' => 'canales-venta.get', 'uses' => 'CanalesVentaController@get']);
$router->post( '/{restaurante_id}/canales-venta', ['as' => 'canales-venta.create', 'uses' => 'CanalesVentaController@create']); $router->post( '/{restaurante_id}/canales-venta', ['as' => 'canales-venta.create', 'uses' => 'CanalesVentaController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/canales-venta/{id}', ['as' => 'canales-venta.update', 'uses' => 'CanalesVentaController@update']); $router->put( '/{restaurante_id}/canales-venta/{id}', ['as' => 'canales-venta.update', 'uses' => 'CanalesVentaController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/canales-venta/{id}', ['as' => 'canales-venta.delete', 'uses' => 'CanalesVentaController@delete']); $router->delete('/{restaurante_id}/canales-venta/{id}', ['as' => 'canales-venta.delete', 'uses' => 'CanalesVentaController@delete', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/sectores', ['as' => 'sectores.all', 'uses' => 'SectoresController@all']); $router->get( '/{restaurante_id}/sectores', ['as' => 'sectores.all', 'uses' => 'SectoresController@all']);
$router->get( '/{restaurante_id}/sectores/{id}', ['as' => 'sectores.get', 'uses' => 'SectoresController@get']); $router->get( '/{restaurante_id}/sectores/{id}', ['as' => 'sectores.get', 'uses' => 'SectoresController@get']);
$router->post( '/{restaurante_id}/sectores', ['as' => 'sectores.create', 'uses' => 'SectoresController@create']); $router->post( '/{restaurante_id}/sectores', ['as' => 'sectores.create', 'uses' => 'SectoresController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/sectores/{id}', ['as' => 'sectores.update', 'uses' => 'SectoresController@update']); $router->put( '/{restaurante_id}/sectores/{id}', ['as' => 'sectores.update', 'uses' => 'SectoresController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/sectores/{id}', ['as' => 'sectores.delete', 'uses' => 'SectoresController@delete']); $router->delete('/{restaurante_id}/sectores/{id}', ['as' => 'sectores.delete', 'uses' => 'SectoresController@delete', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/zonas-produccion', ['as' => 'zonas-produccion.all', 'uses' => 'ZonasProduccionController@all']); $router->get( '/{restaurante_id}/zonas-produccion', ['as' => 'zonas-produccion.all', 'uses' => 'ZonasProduccionController@all']);
$router->get( '/{restaurante_id}/zonas-produccion/{id}', ['as' => 'zonas-produccion.get', 'uses' => 'ZonasProduccionController@get']); $router->get( '/{restaurante_id}/zonas-produccion/{id}', ['as' => 'zonas-produccion.get', 'uses' => 'ZonasProduccionController@get']);
$router->post( '/{restaurante_id}/zonas-produccion', ['as' => 'zonas-produccion.create', 'uses' => 'ZonasProduccionController@create']); $router->post( '/{restaurante_id}/zonas-produccion', ['as' => 'zonas-produccion.create', 'uses' => 'ZonasProduccionController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/zonas-produccion/{id}', ['as' => 'zonas-produccion.update', 'uses' => 'ZonasProduccionController@update']); $router->put( '/{restaurante_id}/zonas-produccion/{id}', ['as' => 'zonas-produccion.update', 'uses' => 'ZonasProduccionController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/zonas-produccion/{id}', ['as' => 'zonas-produccion.delete', 'uses' => 'ZonasProduccionController@delete']); $router->delete('/{restaurante_id}/zonas-produccion/{id}', ['as' => 'zonas-produccion.delete', 'uses' => 'ZonasProduccionController@delete', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/categorias', ['as' => 'categorias.all', 'uses' => 'CategoriasController@all']); $router->get( '/{restaurante_id}/categorias', ['as' => 'categorias.all', 'uses' => 'CategoriasController@all']);
$router->get( '/{restaurante_id}/categorias/{id}', ['as' => 'categorias.get', 'uses' => 'CategoriasController@get']); $router->get( '/{restaurante_id}/categorias/{id}', ['as' => 'categorias.get', 'uses' => 'CategoriasController@get']);
$router->post( '/{restaurante_id}/categorias', ['as' => 'categorias.create', 'uses' => 'CategoriasController@create']); $router->post( '/{restaurante_id}/categorias', ['as' => 'categorias.create', 'uses' => 'CategoriasController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/categorias/{id}', ['as' => 'categorias.update', 'uses' => 'CategoriasController@update']); $router->put( '/{restaurante_id}/categorias/{id}', ['as' => 'categorias.update', 'uses' => 'CategoriasController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/categorias/{id}', ['as' => 'categorias.delete', 'uses' => 'CategoriasController@delete']); $router->delete('/{restaurante_id}/categorias/{id}', ['as' => 'categorias.delete', 'uses' => 'CategoriasController@delete', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/proveedores', ['as' => 'proveedores.all', 'uses' => 'ProveedoresController@all']); $router->get( '/{restaurante_id}/proveedores', ['as' => 'proveedores.all', 'uses' => 'ProveedoresController@all']);
$router->get( '/{restaurante_id}/proveedores/{id}', ['as' => 'proveedores.get', 'uses' => 'ProveedoresController@get']); $router->get( '/{restaurante_id}/proveedores/{id}', ['as' => 'proveedores.get', 'uses' => 'ProveedoresController@get']);
$router->post( '/{restaurante_id}/proveedores', ['as' => 'proveedores.create', 'uses' => 'ProveedoresController@create']); $router->post( '/{restaurante_id}/proveedores', ['as' => 'proveedores.create', 'uses' => 'ProveedoresController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/proveedores/{id}', ['as' => 'proveedores.update', 'uses' => 'ProveedoresController@update']); $router->put( '/{restaurante_id}/proveedores/{id}', ['as' => 'proveedores.update', 'uses' => 'ProveedoresController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/proveedores/{id}', ['as' => 'proveedores.delete', 'uses' => 'ProveedoresController@delete']); $router->delete('/{restaurante_id}/proveedores/{id}', ['as' => 'proveedores.delete', 'uses' => 'ProveedoresController@delete', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/ingredientes', ['as' => 'ingredientes.all', 'uses' => 'IngredientesController@all']); $router->get( '/{restaurante_id}/ingredientes', ['as' => 'ingredientes.all', 'uses' => 'IngredientesController@all']);
$router->get( '/{restaurante_id}/ingredientes/{id}', ['as' => 'ingredientes.get', 'uses' => 'IngredientesController@get']); $router->get( '/{restaurante_id}/ingredientes/{id}', ['as' => 'ingredientes.get', 'uses' => 'IngredientesController@get']);
$router->post( '/{restaurante_id}/ingredientes', ['as' => 'ingredientes.create', 'uses' => 'IngredientesController@create']); $router->post( '/{restaurante_id}/ingredientes', ['as' => 'ingredientes.create', 'uses' => 'IngredientesController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/ingredientes/{id}', ['as' => 'ingredientes.update', 'uses' => 'IngredientesController@update']); $router->put( '/{restaurante_id}/ingredientes/{id}', ['as' => 'ingredientes.update', 'uses' => 'IngredientesController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/ingredientes/{id}', ['as' => 'ingredientes.delete', 'uses' => 'IngredientesController@delete']); $router->delete('/{restaurante_id}/ingredientes/{id}', ['as' => 'ingredientes.delete', 'uses' => 'IngredientesController@delete', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/productos', ['as' => 'productos.all', 'uses' => 'ProductosController@all']); $router->get( '/{restaurante_id}/productos', ['as' => 'productos.all', 'uses' => 'ProductosController@all']);
$router->get( '/{restaurante_id}/productos/{id}', ['as' => 'productos.get', 'uses' => 'ProductosController@get']); $router->get( '/{restaurante_id}/productos/{id}', ['as' => 'productos.get', 'uses' => 'ProductosController@get']);
$router->post( '/{restaurante_id}/productos', ['as' => 'productos.create', 'uses' => 'ProductosController@create']); $router->post( '/{restaurante_id}/productos', ['as' => 'productos.create', 'uses' => 'ProductosController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/productos/{id}', ['as' => 'productos.update', 'uses' => 'ProductosController@update']); $router->put( '/{restaurante_id}/productos/{id}', ['as' => 'productos.update', 'uses' => 'ProductosController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/productos/{id}', ['as' => 'productos.delete', 'uses' => 'ProductosController@delete']); $router->delete('/{restaurante_id}/productos/{id}', ['as' => 'productos.delete', 'uses' => 'ProductosController@delete', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/productos/{producto_id}/ingredientes/', ['as' => 'productos.receta.all', 'uses' => 'RecetasController@all']); $router->get( '/{restaurante_id}/productos/{producto_id}/ingredientes/', ['as' => 'productos.receta.all', 'uses' => 'RecetasController@all']);
$router->get( '/{restaurante_id}/productos/{producto_id}/ingredientes/{ingrediente_id}', ['as' => 'productos.receta.get', 'uses' => 'RecetasController@get']); $router->get( '/{restaurante_id}/productos/{producto_id}/ingredientes/{ingrediente_id}', ['as' => 'productos.receta.get', 'uses' => 'RecetasController@get']);
$router->post( '/{restaurante_id}/productos/{producto_id}/ingredientes/{ingrediente_id}', ['as' => 'productos.receta.add_ingrediente', 'uses' => 'RecetasController@create']); $router->post( '/{restaurante_id}/productos/{producto_id}/ingredientes/{ingrediente_id}', ['as' => 'productos.receta.add_ingrediente', 'uses' => 'RecetasController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/productos/{producto_id}/ingredientes/{ingrediente_id}', ['as' => 'productos.receta.update_ingrediente', 'uses' => 'RecetasController@update']); $router->put( '/{restaurante_id}/productos/{producto_id}/ingredientes/{ingrediente_id}', ['as' => 'productos.receta.update_ingrediente', 'uses' => 'RecetasController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/productos/{producto_id}/ingredientes/{ingrediente_id}', ['as' => 'productos.receta.remove_ingrediente', 'uses' => 'RecetasController@delete']); $router->delete('/{restaurante_id}/productos/{producto_id}/ingredientes/{ingrediente_id}', ['as' => 'productos.receta.remove_ingrediente', 'uses' => 'RecetasController@delete', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/compras', ['as' => 'compras.all', 'uses' => 'ComprasController@all']); $router->get( '/{restaurante_id}/compras', ['as' => 'compras.all', 'uses' => 'ComprasController@all']);
$router->get( '/{restaurante_id}/compras/{id}', ['as' => 'compras.get', 'uses' => 'ComprasController@get']); $router->get( '/{restaurante_id}/compras/{id}', ['as' => 'compras.get', 'uses' => 'ComprasController@get']);
$router->post( '/{restaurante_id}/compras', ['as' => 'compras.create', 'uses' => 'ComprasController@create']); $router->post( '/{restaurante_id}/compras', ['as' => 'compras.create', 'uses' => 'ComprasController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/compras/{id}', ['as' => 'compras.update', 'uses' => 'ComprasController@update']); $router->put( '/{restaurante_id}/compras/{id}', ['as' => 'compras.update', 'uses' => 'ComprasController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/compras/{id}', ['as' => 'compras.delete', 'uses' => 'ComprasController@delete']); $router->delete('/{restaurante_id}/compras/{id}', ['as' => 'compras.delete', 'uses' => 'ComprasController@delete', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/compras/{id}/ingredientes', ['as' => 'compras.ingredientes.get', 'uses' => 'ComprasController@getIngredientes']); $router->get( '/{restaurante_id}/compras/{id}/ingredientes', ['as' => 'compras.ingredientes.get', 'uses' => 'ComprasController@getIngredientes']);
$router->post( '/{restaurante_id}/compras/{id}/ingredientes/{ingrediente_id}', ['as' => 'compras.ingredientes.add', 'uses' => 'ComprasController@addIngrediente']); $router->post( '/{restaurante_id}/compras/{id}/ingredientes/{ingrediente_id}', ['as' => 'compras.ingredientes.add', 'uses' => 'ComprasController@addIngrediente', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/compras/{id}/ingredientes/{ingrediente_id}', ['as' => 'compras.ingredientes.delete', 'uses' => 'ComprasController@deleteIngrediente']); $router->delete('/{restaurante_id}/compras/{id}/ingredientes/{ingrediente_id}', ['as' => 'compras.ingredientes.delete', 'uses' => 'ComprasController@deleteIngrediente','middleware' => ['role:admin|global_admin']]);
$router->get( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.get', 'uses' => 'FacturasController@get']); $router->get( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.get', 'uses' => 'FacturasController@get']);
$router->post( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.create', 'uses' => 'FacturasController@create']); $router->post( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.create', 'uses' => 'FacturasController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.update', 'uses' => 'FacturasController@update']); $router->put( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.update', 'uses' => 'FacturasController@update', 'middleware' => ['role:admin|global_admin']]);
$router->delete('/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.delete', 'uses' => 'FacturasController@delete']); $router->delete('/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.delete', 'uses' => 'FacturasController@delete', 'middleware' => ['role:admin|global_admin']]);
}); });
}); });
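Review bot: The `role:admin|global_admin` guard added to each write route under `/{restaurante_id}/...` is given only role names, so nothing in this hunk ties the caller's admin role to the `{restaurante_id}` in the path; unless the `role` middleware or each controller checks that membership (neither is visible here), an admin of one restaurant could create, update or delete another restaurant's compras, facturas, productos and so on. The GET routes, including `factura.get` and `compras.all`, still carry only the group's `auth`, so the same question applies to reads. I would confirm the per-restaurant check exists and record it above the group, e.g. `// role:* checks the role only; ownership of {restaurante_id} is enforced in <controller or middleware>`. Repeating the middleware on every write route also makes it easy for a new write route to ship unguarded; a nested `$router->group(['middleware' => ['role:admin|global_admin']], function () use ($router) { ... });` holding the write routes would make the guard the default. The enclosing `api/v1` group starts before this hunk.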