From ff711a84904de87a66786963af23e15845133209 Mon Sep 17 00:00:00 2001 From: Vincent Vanwaelscappel Date: Wed, 2 Dec 2020 13:37:21 +0100 Subject: [PATCH] wip #3753 @3 --- .../Admin/FluidbookQuoteCrudController.php | 1 + app/Models/AuthUser.php | 21 ++++++++++++++++++ app/Models/FluidbookQuote.php | 6 +++++ app/Models/Quiz.php | 6 +++++ app/Models/User.php | 3 ++- app/Providers/AuthServiceProvider.php | 22 +++++++++++++++++++ composer.lock | 10 ++++----- config/auth.php | 6 ++--- config/backpack/base.php | 4 ++-- config/backpack/permissionmanager.php | 2 +- .../base/inc/sidebar_content.blade.php | 2 +- routes/backpack/backupmanager.php | 2 +- routes/backpack/permissionmanager.php | 3 +-- 13 files changed, 72 insertions(+), 16 deletions(-) create mode 100644 app/Models/AuthUser.php diff --git a/app/Http/Controllers/Admin/FluidbookQuoteCrudController.php b/app/Http/Controllers/Admin/FluidbookQuoteCrudController.php index 90f63b8ac..6674277ac 100644 --- a/app/Http/Controllers/Admin/FluidbookQuoteCrudController.php +++ b/app/Http/Controllers/Admin/FluidbookQuoteCrudController.php @@ -6,6 +6,7 @@ class FluidbookQuoteCrudController extends \Cubist\Backpack\app\Magic\Controller { use \App\Http\Controllers\Admin\Operations\FluidbookQuote\AssignOperation; use \App\Http\Controllers\Admin\Operations\FluidbookQuote\CreateFromWebsite; + use \App\Http\Controllers\Admin\Operations\FluidbookQuote\ConfirmAssignmentOperation; use \Backpack\CRUD\app\Http\Controllers\Operations\UpdateOperation; use \Cubist\Backpack\app\Http\Controllers\Operations\BulkPublishOperation; use \Backpack\ReviseOperation\ReviseOperation; diff --git a/app/Models/AuthUser.php b/app/Models/AuthUser.php new file mode 100644 index 000000000..e4f78e876 --- /dev/null +++ b/app/Models/AuthUser.php @@ -0,0 +1,21 @@ +can($abilities, $arguments); + } +} diff --git a/app/Models/FluidbookQuote.php b/app/Models/FluidbookQuote.php index 65bac0462..f4de2627d 100644 --- a/app/Models/FluidbookQuote.php +++ b/app/Models/FluidbookQuote.php @@ -8,6 +8,7 @@ use App\Http\Controllers\Admin\Operations\FluidbookQuote\ConfirmAssignmentOperat use App\Http\Controllers\Admin\Operations\FluidbookQuote\CreateFromWebsite; use Cubedesigners\UserDatabase\User; use Cubist\Backpack\app\Magic\Models\CubistMagicAbstractModel; +use Illuminate\Database\Eloquent\Builder; class FluidbookQuote extends CubistMagicAbstractModel { @@ -21,6 +22,11 @@ class FluidbookQuote extends CubistMagicAbstractModel protected $_enableDeletion = false; protected $_enableCreation = false; + public static function addOwnerClause(Builder $builder) + { + $builder->where('reseller', backpack_user()->id); + } + public function setFields() { parent::setFields(); diff --git a/app/Models/Quiz.php b/app/Models/Quiz.php index 1ddc926f6..ab1b43a04 100644 --- a/app/Models/Quiz.php +++ b/app/Models/Quiz.php @@ -6,6 +6,7 @@ namespace App\Models; use App\Http\Controllers\Admin\Base\QuizController; use Cubist\Backpack\app\Magic\Models\CubistMagicAbstractModel; use Cubist\Util\Files\Files; +use Illuminate\Database\Eloquent\Builder; use Spatie\MediaLibrary\MediaCollections\Models\Media; use Spatie\Image\Manipulations; use App\Fields\User; @@ -342,4 +343,9 @@ class Quiz extends CubistMagicAbstractModel } return parent::create($data); } + + public static function addOwnerClause(Builder $builder) + { + $builder->whereIn('owner', backpack_user()->getManagedUsers()); + } } diff --git a/app/Models/User.php b/app/Models/User.php index c51b446c3..f06cb77ea 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -4,5 +4,6 @@ namespace App\Models; class User extends \Cubedesigners\UserDatabase\User { - protected $_syncDbSchema=false; + protected $_syncDbSchema = false; + } diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 89f36732d..570493cd1 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -3,12 +3,34 @@ namespace App\Providers; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; +use Illuminate\Support\Facades\Gate; class AuthServiceProvider extends ServiceProvider { + /** + * The policy mappings for the application. + * + * @var array + */ + protected $policies = [ + // 'App\Model' => 'App\Policies\ModelPolicy', + ]; + /** + * Register any authentication / authorization services. + * + * @return void + */ public function boot() { $this->registerPolicies(); + Gate::before(function ($user, $ability) { + return $user->hasRole('superadmin') ? true : null; + }); + + Gate::before(function ($user, $ability) { + debug($user); + return $user->hasPermissionTo($ability) ? true : null; + }); } } diff --git a/composer.lock b/composer.lock index 83a2af7f7..55ce22f0f 100644 --- a/composer.lock +++ b/composer.lock @@ -990,13 +990,13 @@ "source": { "type": "git", "url": "git://git.cubedesigners.com/cubedesigners_userdatabase.git", - "reference": "10088864870b63e2a3d27e3e9b3cc25c8cbe4019" + "reference": "e38d10f283a03e3dd79d046f3634fd95e1c5e9f0" }, "dist": { "type": "tar", - "url": "https://composer.cubedesigners.com/dist/cubedesigners/userdatabase/cubedesigners-userdatabase-dev-master-26ae6b.tar", - "reference": "10088864870b63e2a3d27e3e9b3cc25c8cbe4019", - "shasum": "763d02b2f8b22febab7c26e19e302ecd1b118ccd" + "url": "https://composer.cubedesigners.com/dist/cubedesigners/userdatabase/cubedesigners-userdatabase-dev-master-9f9fc8.tar", + "reference": "e38d10f283a03e3dd79d046f3634fd95e1c5e9f0", + "shasum": "81d40c0a9e6c556799cf8d8ed4ad05fb61d778af" }, "require": { "cubist/cms-back": "dev-master" @@ -1017,7 +1017,7 @@ } ], "description": "Cubedesigners common users database", - "time": "2020-11-25T20:21:18+00:00" + "time": "2020-12-01T17:19:49+00:00" }, { "name": "cubist/cms-back", diff --git a/config/auth.php b/config/auth.php index aaf982bcd..f6c662bf1 100644 --- a/config/auth.php +++ b/config/auth.php @@ -14,7 +14,7 @@ return [ */ 'defaults' => [ - 'guard' => 'web', + 'guard' => 'backpack', 'passwords' => 'users', ], @@ -36,7 +36,7 @@ return [ */ 'guards' => [ - 'web' => [ + 'backpack' => [ 'driver' => 'session', 'provider' => 'users', ], @@ -68,7 +68,7 @@ return [ 'providers' => [ 'users' => [ 'driver' => 'eloquent', - 'model' => App\User::class, + 'model' => \App\Models\AuthUser::class, ], // 'users' => [ diff --git a/config/backpack/base.php b/config/backpack/base.php index 991a8d893..4774d9540 100644 --- a/config/backpack/base.php +++ b/config/backpack/base.php @@ -201,14 +201,14 @@ return [ */ // Fully qualified namespace of the User model - 'user_model_fqn' => App\Models\User::class, + 'user_model_fqn' => App\Models\AuthUser::class, // The classes for the middleware to check if the visitor is an admin // Can be a single class or an array of clases 'middleware_class' => [ App\Http\Middleware\CheckIfAdmin::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, - // \Backpack\CRUD\app\Http\Middleware\UseBackpackAuthGuardInsteadOfDefaultAuthGuard::class, + \Backpack\CRUD\app\Http\Middleware\UseBackpackAuthGuardInsteadOfDefaultAuthGuard::class, ], // Alias for that middleware diff --git a/config/backpack/permissionmanager.php b/config/backpack/permissionmanager.php index 6396f8d3b..c963c0469 100644 --- a/config/backpack/permissionmanager.php +++ b/config/backpack/permissionmanager.php @@ -12,7 +12,7 @@ return [ */ 'models' => [ - 'user' => App\Models\User::class, + 'user' => App\Models\AuthUser::class, 'permission' => Backpack\PermissionManager\app\Models\Permission::class, 'role' => Backpack\PermissionManager\app\Models\Role::class, ], diff --git a/resources/views/vendor/backpack/base/inc/sidebar_content.blade.php b/resources/views/vendor/backpack/base/inc/sidebar_content.blade.php index 9648e1b5c..743936148 100644 --- a/resources/views/vendor/backpack/base/inc/sidebar_content.blade.php +++ b/resources/views/vendor/backpack/base/inc/sidebar_content.blade.php @@ -34,7 +34,7 @@ @endcanany -@canany(['users:read','company:read']) +@canany(['users:read','company:read','managerolesandpersmissions'])
  • Clients