Ajustes varios de permisos y visuales
33
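--- /dev/null
+++ b/app/Console/Commands/CreateAdmin.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Enums\RoleName;
+use App\Models\Role;
+use App\Models\User;
+use Illuminate\Console\Command;
+use Illuminate\Contracts\Console\PromptsForMissingInput;
+use Illuminate\Support\Facades\Hash;
+
+class CreateAdmin extends Command implements PromptsForMissingInput
+{
+protected $signature = 'app:create-admin {user : E-Mail for the admin account} {password : Password for the admin account}';
+protected $description = 'Creates a super admin for the system';
+
+public function handle(): void
+{
+$user = $this->argument('user');
+$password = $this->argument('password');
+
+$user = User::create([
+'name' => $user,
+'email' => $user,
+'password' => Hash::make($password),
+]);
+
+$role = Role::where('name', RoleName::SuperAdmin)->first();
+$user->roles()->attach($role);
+
+$this->info("Admin account created");
+}
+}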
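Review bot: The `{password}` argument in `$signature` puts the super-admin password on the command line, where it ends up in shell history and is visible in the process list while the command runs; with `PromptsForMissingInput`, a missing value is by default also asked for with an ordinary visible prompt. Drop the argument and read the value inside `handle()` with `$password = $this->secret('Password for the admin account');`. Separately, `Role::where('name', RoleName::SuperAdmin)->first()` returns null when the role has not been seeded, and the command would then still print "Admin account created" for a user that, as far as I can tell, ends up without the role; `->firstOrFail()` makes that case fail loudly.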
@@ -58,7 +58,7 @@ class ResetPassword extends Component
|
||||
);
|
||||
|
||||
if ($status === Password::PASSWORD_RESET) {
|
||||
Session::flash('toast', ['type' => 'success', 'message' => __($status)]);
|
||||
$this->toast()->success("Éxito", __($status))->flash()->send();
|
||||
$this->redirectRoute('login', navigate: true);
|
||||
} else {
|
||||
throw ValidationException::withMessages(['email' => __($status)]);
|
||||
|
||||
@@ -82,7 +82,7 @@ class Index extends Component
|
||||
'diez' => 0,
|
||||
]);
|
||||
|
||||
Session::flash('toast', ['type' => 'success', 'message' => 'Caja registrada correctamente']);
|
||||
$this->toast()->success("Éxito", "Caja registrada correctamente")->flash()->send();
|
||||
|
||||
$this->redirectRoute('cajas.edit', $turno, navigate: true);
|
||||
}
|
||||
|
||||
@@ -7,6 +7,7 @@ use App\Models\Role;
|
||||
use App\Models\User;
|
||||
use Illuminate\Contracts\View\View;
|
||||
use Illuminate\Support\Collection;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\Support\Facades\Session;
|
||||
use Illuminate\Validation\Rule;
|
||||
@@ -53,7 +54,7 @@ class Edit extends Component
|
||||
{
|
||||
return [
|
||||
'name' => 'required|string',
|
||||
'email' => ['required', 'email', Rule::unique('users', 'email')->ignore($this->user->id)],
|
||||
'email' => ['required', 'email', Rule::unique('users', 'email')->ignore($this->user?->id)],
|
||||
'password' => $this->change_password ? 'required|string|min:8|confirmed' : 'nullable|string|min:8|confirmed',
|
||||
'password_confirmation' => $this->change_password ? 'required' : 'nullable',
|
||||
'roles' => 'nullable',
|
||||
@@ -86,19 +87,26 @@ class Edit extends Component
|
||||
|
||||
$this->user->save();
|
||||
|
||||
$isSuperAdmin = $this->user->roles()->where('name', RoleName::SuperAdmin)->exists();
|
||||
$this->user->roles()->sync($this->roles);
|
||||
if ($isSuperAdmin) {
|
||||
$this->user->roles()->attach(Role::where('name', RoleName::SuperAdmin)->first()->id);
|
||||
$isSuperAdmin = $this->user->isAn(RoleName::SuperAdmin);
|
||||
if($isSuperAdmin) {
|
||||
$this->roles[] = Role::where('name', RoleName::SuperAdmin)->first()->id;
|
||||
}
|
||||
|
||||
Session::flash('toast', ['type' => 'success', 'message' => 'Usuario modificado correctamente']);
|
||||
$this->user->roles()->sync($this->roles);
|
||||
|
||||
$this->toast()->success("Éxito", "Usuario modificado correctamente")->flash()->send();
|
||||
}
|
||||
|
||||
public function store(): void
|
||||
{
|
||||
$this->authorize('create', User::class);
|
||||
|
||||
$superadmin = Role::whereName(RoleName::SuperAdmin)->first();
|
||||
|
||||
if(collect($this->roles)->contains($superadmin->id)) {
|
||||
Gate::authorize('create-super-admin', User::class);
|
||||
}
|
||||
|
||||
$user = User::create([
|
||||
'name' => $this->name,
|
||||
'email' => $this->email,
|
||||
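Review bot: `update()` syncs `$this->roles` without the `create-super-admin` check that this commit adds to `store()`, so on an edit the SuperAdmin role id is kept out only by `availableRoles()` hiding it in the form. If `roles` is a client-settable component property (it is validated only as `'nullable'` in `rules()`), an Admin who is allowed to update an ordinary user could submit that id and promote the account. Before the `sync()` in `update()`, look up `$superadmin` the way `store()` does and add `if (! $isSuperAdmin && collect($this->roles)->contains($superadmin->id)) { Gate::authorize('create-super-admin', User::class); }`. The start of `update()` is outside the hunk, so an earlier check there would change this assessment.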
@@ -107,12 +115,16 @@ class Edit extends Component
|
||||
|
||||
$user->roles()->sync($this->roles);
|
||||
|
||||
Session::flash('toast', ['type' => 'success', 'message' => 'Usuario registrado correctamente']);
|
||||
$this->toast()->success("Éxito", "Usuario registrado correctamente")->flash()->send();
|
||||
}
|
||||
|
||||
#[Computed]
|
||||
public function availableRoles(): Collection
|
||||
{
|
||||
return Role::whereNot('name', RoleName::SuperAdmin)->get();
|
||||
if(Gate::allows('create-super-admin', User::class)) {
|
||||
return Role::all();
|
||||
} else {
|
||||
return Role::whereNot('name', RoleName::SuperAdmin)->get();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -51,6 +51,7 @@ class Index extends Component
|
||||
return [
|
||||
['index' => 'name', 'label' => 'Nombre'],
|
||||
['index' => 'email', 'label' => 'Email'],
|
||||
['index' => 'roles', 'label' => 'Roles'],
|
||||
['index' => 'action', 'label' => 'Acciones'],
|
||||
];
|
||||
}
|
||||
@@ -58,6 +59,6 @@ class Index extends Component
|
||||
#[Computed]
|
||||
public function rows(): LengthAwarePaginator
|
||||
{
|
||||
return User::paginate();
|
||||
return User::filterSuperadmin()->with('roles')->paginate();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,6 +2,8 @@
|
||||
|
||||
namespace App\Models;
|
||||
|
||||
use App\Enums\RoleName;
|
||||
use Illuminate\Database\Eloquent\Builder;
|
||||
use Illuminate\Database\Eloquent\Concerns\HasUlids;
|
||||
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
||||
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
|
||||
@@ -30,6 +32,23 @@ class User extends Authenticatable
|
||||
return $this->belongsToMany(Role::class, 'user_roles', 'user_id', 'role_id');
|
||||
}
|
||||
|
||||
public function isAn(...$roles): bool
|
||||
{
|
||||
return $this->roles()->whereIn('name', $roles)->exists();
|
||||
}
|
||||
|
||||
public function scopeFilterSuperadmin(Builder $query) {
|
||||
if(!auth()->check()) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!auth()->user()->isAn(RoleName::SuperAdmin)) {
|
||||
$query->whereDoesntHave('roles', function (Builder $builder) {
|
||||
$builder->where('name', RoleName::SuperAdmin);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
protected function casts(): array
|
||||
{
|
||||
return [
|
||||
|
||||
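Review bot: `scopeFilterSuperadmin()` returns without adding any constraint when `auth()->check()` is false, so the scope that hides SuperAdmin accounts fails open for every caller that has no logged-in user. If that early return exists for console or queue code, say so in a comment above it; otherwise remove it and let the condition be `if (! auth()->user()?->isAn(RoleName::SuperAdmin)) {`, which applies the filter for guests too. The method also lacks a return type (`: void`), and `isAn(...$roles)` could declare `RoleName ...$roles`, assuming callers only pass enum cases as they do in this commit.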
@@ -10,68 +10,65 @@ class UserPolicy
|
||||
{
|
||||
public function before(User $user, string $ability): bool|null
|
||||
{
|
||||
$isAdmin = $user->roles()->whereIn('name', [RoleName::SuperAdmin, RoleName::Admin])->exists();
|
||||
|
||||
if (!$isAdmin) {
|
||||
if (!$user->isAn(RoleName::SuperAdmin, RoleName::Admin)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can view any models.
|
||||
*/
|
||||
public function viewAny(User $user): bool
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can view the model.
|
||||
*/
|
||||
public function view(User $user, User $model): bool
|
||||
{
|
||||
if($model->isAn(RoleName::SuperAdmin)) {
|
||||
return $user->isAn(RoleName::SuperAdmin);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can create models.
|
||||
*/
|
||||
public function create(User $user): bool
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can update the model.
|
||||
*/
|
||||
public function createSuperAdmin(User $user): bool
|
||||
{
|
||||
return $user->isAn(RoleName::SuperAdmin);
|
||||
}
|
||||
|
||||
public function update(User $user, User $model): bool
|
||||
{
|
||||
if($model->isAn(RoleName::SuperAdmin)) {
|
||||
return $user->isAn(RoleName::SuperAdmin);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can delete the model.
|
||||
*/
|
||||
public function delete(User $user, User $model): bool
|
||||
{
|
||||
if($model->isAn(RoleName::SuperAdmin)) {
|
||||
return $user->isAn(RoleName::SuperAdmin);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can restore the model.
|
||||
*/
|
||||
public function restore(User $user, User $model): bool
|
||||
{
|
||||
if($model->isAn(RoleName::SuperAdmin)) {
|
||||
return $user->isAn(RoleName::SuperAdmin);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can permanently delete the model.
|
||||
*/
|
||||
public function forceDelete(User $user, User $model): bool
|
||||
{
|
||||
if($model->isAn(RoleName::SuperAdmin)) {
|
||||
return $user->isAn(RoleName::SuperAdmin);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
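Review bot: The same guard (`if($model->isAn(RoleName::SuperAdmin)) { return $user->isAn(RoleName::SuperAdmin); } return true;`) is now repeated in `view`, `update`, `delete`, `restore` and `forceDelete`, which makes it easy for a later ability to miss the rule. Moving it into one private helper, e.g. `private function canManage(User $user, User $model): bool { return ! $model->isAn(RoleName::SuperAdmin) || $user->isAn(RoleName::SuperAdmin); }`, keeps the SuperAdmin protection in a single place. The docblock "Determine whether the user can update the model." now sits above `createSuperAdmin()` while `update()` has none; it should move back to `update()`, and `createSuperAdmin()` should get its own, such as `/** Determine whether the user can grant the SuperAdmin role. */`.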