/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
//get currrnt user
$user = \Sentinel::getUser();
if ($user->inRole('coder')) {
return $next($request);
} else {
return \Redirect::back()->with('message', 'You do not have the permission to access this page');
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!\Sentinel::check() || !\Sentinel::getUser()->inRole('admin')) {
return redirect('/');
}
return $next($request);
}
/**
* Set the resource's model and validator.
* @param ResourceServiceModelContract $model Resource's model
* @param InputValidatorContract $inputValidator Resource's input validator
*/
public function __construct(ResourceServiceModelContract $model, InputValidatorContract $inputValidator = null)
{
$this->model = $model;
$this->inputValidator = $inputValidator;
$this->user = new SentinelServiceUserAdapter(\Sentinel::getUser());
// TODO: extract out
}
public function index()
{
$user = \Sentinel::getUser();
if (Sentinel::hasAccess('admin')) {
return view('admin.index');
}
}
public function logout()
{
$user = \Sentinel::getUser();
\Sentinel::logout($user);
event(new Logout($user->getUserId()));
return redirect('/');
}
public function doLogin(Request $request)
{
// dd($request);
//get the users credentials
$credentials = ['login' => $request->email];
//check if there is a match for the email and pword provided
$user = \Sentinel::findByCredentials($credentials);
//if there is no match redirect to login page ith input
if (is_null($user)) {
// dd($user);
session()->flash('flash_message', 'Login failure.');
session()->flash('flash_message_important', true);
return \Redirect::back()->withInput();
}
//attempt to login
$login = isset($request->remember_me) && $request->remember_me == 1 ? $user = \Sentinel::login($user) : ($user = \Sentinel::login($user));
// store user info in session
$user = \Sentinel::getUser();
\Session::put('user', $user);
//store user's role in session
$roles = [];
foreach ($user->roles as $role) {
$roles[] = $role;
}
\Session::put('roles', $roles);
//store session and term info in session
$term_info = DB::table('current_term')->orderBy('created_at', 'desc')->first();
if (null !== $term_info) {
\Session::put(['current_session' => $term_info->session, 'current_term' => $term_info->term]);
}
return \Redirect::intended();
}
/**
* Log a user out
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function logout()
{
$user = \Sentinel::getUser();
\Sentinel::getUserRepository()->recordLogout($user);
\Sentinel::logout();
return redirect('/');
}
public function getHome()
{
//widget Configurations
$user = \Sentinel::getUser();
/* if($user->hasAccess('admin')){
}
if($user->hasAccess('member')){
}*/
return view('admin.index', compact('user'));
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
//get currrnt user
$user = \Sentinel::getUser();
if ($user->inRole('admin_dept_officer')) {
return $next($request);
} else {
session()->flash('flash_message', 'You do not have the permission to access this page');
session()->flash('flash_message_important', true);
return \Redirect::back();
}
}
/**
* Set created_by and updated_by to the current logged in user
*/
public static function boot()
{
parent::boot();
$user = Sentinel::getUser();
// Setup event bindings...
static::creating(function ($model) use($user) {
$model->created_by = $user->id;
$model->updated_by = $user->id;
});
static::updating(function ($model) use($user) {
$model->updated_by = $user->id;
});
}
/**
* extending hieu-le/active function
*
* @param int $user_id
*
* @return bool
*/
function is_admin($user_id = null)
{
if ($user_id) {
$user = Sentinel::findById($user_id);
} else {
if (Sentinel::check()) {
$user = Sentinel::getUser();
} else {
return false;
}
}
$admin = Sentinel::findRoleByName('Administrator');
return $user && $user->inRole($admin);
}
public function createOrUpdate(Product $product)
{
if ($product === null) {
return null;
}
$product->save();
if (\Request::input('note')) {
$note = new Note();
$note->note = \Request::input('note');
$note->user_id = \Sentinel::getUser()->id;
$note->created_by = \Sentinel::getUser()->id;
$note->reference_type = 'articles';
$note->reference_id = $product->id;
$note->save();
}
return $product;
}
/**
* Register the application services.
*
* @return void
*/
public function register()
{
$this->app->register('ErenMustafaOzdal\\LaravelUserModule\\LaravelUserModuleComposerServiceProvider');
$this->app->register('ErenMustafaOzdal\\LaravelModulesBase\\LaravelModulesBaseServiceProvider');
$this->mergeConfigFrom(__DIR__ . '/../config/laravel-user-module.php', 'laravel-user-module');
// merge default configs with publish configs
$this->mergeDefaultConfig();
$router = $this->app['router'];
$router->middleware('guest', \ErenMustafaOzdal\LaravelUserModule\Http\Middleware\RedirectIfAuthenticated::class);
$router->middleware('auth', \ErenMustafaOzdal\LaravelUserModule\Http\Middleware\Authenticate::class);
// model binding
$router->bind(config('laravel-user-module.url.user'), function ($id) {
$user = \App\User::findOrFail($id);
if (config('laravel-user-module.non_visibility.super_admin') && !\Sentinel::getUser()->is_super_admin && $user->is_super_admin) {
abort(403);
}
return $user;
});
$router->model(config('laravel-user-module.url.role'), 'App\\Role');
$router->model('role', 'App\\Role');
}
/**
* Insert new Article into database
*
* @return Response Redirect
*/
public function postEdit($id, ProductRequest $request)
{
$product = $this->productRepository->findById($id);
$product->fill($request->all());
if ($request->input('featured') == null) {
$product->featured = false;
}
$product = $this->productRepository->createOrUpdate($product);
$this->registerMediaLibraryProcessing($product);
$tags = $product->tags->lists('name')->all();
if (implode(',', $tags) !== $request->get('tag')) {
$product->tags()->detach();
$tagInputs = explode(',', $request->get('tag'));
foreach ($tagInputs as $tagName) {
$tag = $this->tagRepository->findByName($tagName);
if ($tag === null) {
$tag = new Tag();
$tag->name = $tagName;
$tag->user_id = \Sentinel::getUser()->id;
$tag = $this->tagRepository->createOrUpdate($tag, $request);
}
$product->tags()->attach($tag->id);
}
}
event(new AuditHandlerEvent('Product', 'updated', $product->id));
\Cache::forget('home_widget_featured');
if ($request->get('submit') === 'save') {
return redirect()->route('products.list')->with('success_msg', trans('notices.update_success_message'));
} elseif ($request->get('submit') === 'apply') {
return redirect()->route('products.edit', $id)->with('success_msg', trans('notices.update_success_message'));
}
}
/**
* get operation buttons
*
* @param \Illuminate\Support\Collection $model
* @param string $currentPage
* @param boolean $isPublishable
* @param \Illuminate\Support\Collection|null $relatedModel
* @param string $modelRouteRegex
* @return string
*/
function getOps($model, $currentPage, $isPublishable = false, $relatedModel = null, $modelRouteRegex = '')
{
$routeName = snake_case(class_basename($model));
$routeParams = ['id' => $model->id];
if (!is_null($relatedModel)) {
$routeName = snake_case(class_basename($relatedModel)) . '.' . $routeName;
$routeParams = ['id' => $relatedModel->id, $modelRouteRegex => $model->id];
}
$ops = Form::open(['method' => 'DELETE', 'url' => lmbRoute("admin.{$routeName}.destroy", $routeParams), 'style' => 'margin:0', 'id' => "destroy_form_{$model->id}"]);
// edit buton
if ($currentPage !== 'edit') {
$hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.show") ? "admin.{$routeName}.show#####" . $relatedModel->id : "admin.{$routeName}.edit";
if ($routeName === 'user' && $model->id === Sentinel::getUser()->id || hasPermission($hackedRoute)) {
$ops .= '<a href="' . lmbRoute("admin.{$routeName}.edit", $routeParams) . '" class="btn btn-sm btn-outline yellow margin-right-10">';
$ops .= '<i class="fa fa-pencil"></i>';
$ops .= '<span class="hidden-xs">';
$ops .= trans('laravel-modules-core::admin.ops.edit');
$ops .= '</span>';
$ops .= '</a>';
}
}
// show buton
if ($currentPage !== 'show') {
$hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.show") ? "admin.{$routeName}.show#####" . $relatedModel->id : "admin.{$routeName}.show";
if ($routeName === 'user' && $model->id === Sentinel::getUser()->id || hasPermission($hackedRoute)) {
$ops .= '<a href="' . lmbRoute("admin.{$routeName}.show", $routeParams) . '" class="btn btn-sm btn-outline green margin-right-10">';
$ops .= '<i class="fa fa-search"></i>';
$ops .= '<span class="hidden-xs">';
$ops .= trans('laravel-modules-core::admin.ops.show');
$ops .= '</span>';
$ops .= '</a>';
}
}
// silme butonu
$hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.destroy") ? "admin.{$routeName}.destroy#####" . $relatedModel->id : "admin.{$routeName}.destroy";
if (hasPermission($hackedRoute)) {
if ($routeName !== 'user' || $model->id !== Sentinel::getUser()->id) {
$ops .= '<button type="submit" onclick="bootbox.confirm( \'' . trans('laravel-modules-core::admin.ops.destroy_confirmation') . '\', function(r){if(r) $(\'#destroy_form_' . $model->id . '\').submit();}); return false;" class="btn btn-sm red btn-outline margin-right-10">';
$ops .= '<i class="fa fa-trash"></i>';
$ops .= '<span class="hidden-xs">';
$ops .= trans('laravel-modules-core::admin.ops.destroy');
$ops .= '</span>';
$ops .= '</button>';
}
}
// yayınlama veya yayından kaldırma butonu
if ($isPublishable) {
// yayından kaldırma
if ($model->is_publish) {
$hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.notPublish") ? "admin.{$routeName}.notPublish#####" . $relatedModel->id : "admin.{$routeName}.notPublish";
if (hasPermission($hackedRoute)) {
$ops .= '<a href="' . lmbRoute("admin.{$routeName}.notPublish", $routeParams) . '" class="btn btn-sm btn-outline purple margin-right-10">';
$ops .= '<i class="fa fa-times"></i>';
$ops .= '<span class="hidden-xs">';
$ops .= trans('laravel-modules-core::admin.ops.not_publish');
$ops .= '</span>';
$ops .= '</a>';
}
} else {
$hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.publish") ? "admin.{$routeName}.publish#####" . $relatedModel->id : "admin.{$routeName}.publish";
if (hasPermission($hackedRoute)) {
$ops .= '<a href="' . lmbRoute("admin.{$routeName}.publish", $routeParams) . '" class="btn btn-sm btn-outline blue margin-right-10">';
$ops .= '<i class="fa fa-bullhorn"></i>';
$ops .= '<span class="hidden-xs">';
$ops .= trans('laravel-modules-core::admin.ops.publish');
$ops .= '</span>';
$ops .= '</a>';
}
}
}
$ops .= Form::close();
return $ops;
}
@extends('app')
@section('container')
<div class="vd_content-section clearfix">
<div class="row">
<div class="col-sm-3">
<div class="panel widget light-widget panel-bd-top">
<div class="panel-heading no-title"> </div>
<div class="panel-body">
<div class="text-center vd_info-parent"> <img src="/images/blog/avatar3.png"> </div>
<?php
$user = \Sentinel::getUser();
?>
<h2 class="font-semibold mgbt-xs-5">{{ $user->first_name . $user->last_name }}</h2>
<div class="mgtp-20">
<table class="table table-striped table-hover">
<tbody>
<tr>
<td style="width:60%;">Status</td>
@if (Activation::completed($user))
<td><span class="label label-success">Active</span></td>
@endif
</tr>
<tr>
<td>Member Since</td>
<td> {{ Carbon\Carbon::parse($user->created_at)->format('d-m-Y') }} </td>
</tr>
public function getLoggedUser()
{
return \Sentinel::getUser();
}
public function __construct()
{
$this->beforeFilter('auth');
$this->user = Sentinel::getUser();
}
/**
* Upload the image.
*
* @return Response
*/
public function upload(Request $request)
{
if (!$request->file('file')->isValid()) {
abort(400, 'Invalid file!');
}
$raw = $request->file('file');
// Create model
$model = Image::createFromUpload($raw, Sentinel::getUser()->id);
return;
}
case 'CSV':
$method = 'nd';
break;
default:
$method = 'nw';
break;
}
$url = str_replace(array('rss.pml.php'), array('rss.php'), $url) . '?f=' . urlencode($file_id) . '&l=' . urlencode(isset($_GET['l']) ? $_GET['l'] : $lang) . '&tz=' . urlencode($tz) . '&format=' . urlencode($format) . '&count=' . (isset($files[$file_id]['max']) ? urlencode($files[$file_id]['max']) : urlencode(LOGS_MAX)) . '&timeout=' . urlencode(MAX_SEARCH_LOG_TIME) . '&search=' . urlencode(@$_POST['search']);
$current_user = Sentinel::attempt($files);
// We authenticate the url if a user is logged in
// -> if log is anonymous, the request will be authenticated and if an admin remove
// the anonymous log, this user will always be able to get it
// -> if the log file is protected, this user will be able to get ot according to its rights
if (!is_null($current_user)) {
$username = Sentinel::getCurrentUsername();
$user = Sentinel::getUser($username);
$token = $user['at'];
$hash = Sentinel::sign(array('f' => $_POST['file']), $username);
$url = $url . '&t=' . urlencode($token) . '&h=' . urlencode($hash);
}
$u = parse_url($url);
$ip = $u['host'];
if (filter_var($ip, FILTER_VALIDATE_IP)) {
$return['war'] = !is_not_local_ip($ip);
} else {
if ($ip === 'localhost') {
$return['war'] = true;
} else {
$return['war'] = false;
}
}
public function fetchSheet(Request $request)
{
// dd($request->class);
$class_id = $request->class;
$data['title'] = 'Scoresheet';
$data['results_menu'] = 1;
//data for selecting class
$staff = Staff::find(\Session::get('user')->staff_id);
if (\Sentinel::getUser()->inRole('principal') or \Sentinel::getUser()->inRole('coder')) {
$data['classes'] = studentClass::lists('name', 'id')->prepend('Select a class');
} else {
$classes = array('Please select a class');
foreach ($staff->classes as $class) {
$classes[$class->id] = $class->name;
}
$data['classes'] = $classes;
}
// dd($request);
if ($class_id == 0) {
session()->flash('flash_message', 'Select a class');
// session()->flash('flash_message_important', true);
return \Redirect::to('academics/results');
}
$class = studentClass::where(['id' => $class_id])->first();
$subjects = \DB::table('class_subject')->where(['class_id' => $class_id])->get();
$students = Student::where(['class_id' => $class_id])->get();
//add students to class results table with initial values of zero
foreach ($students as $student) {
foreach ($class->subjects as $subject) {
//ensure that at least a session variable has been set. If there is at least on session variable set, the system will run well else it'll throw an error
if (CurrentTerm::all() !== null) {
$table = 'class_results_' . \Session::get('current_session') . '_' . \Session::get('current_term');
$positions_table = 'class_positions_' . \Session::get('current_session') . '_' . \Session::get('current_term');
$subject_exemption_table = 'subject_ex_' . \Session::get('current_session') . '_' . \Session::get('current_term');
//initialize class results table
try {
\DB::table($table)->insert(['class_id' => $class->id, 'student_id' => $student->id, 'subject_id' => $subject->id, 'created_at' => date('Y-m-d H:i:s'), 'updated_at' => date('Y-m-d H:i:s')]);
} catch (\Illuminate\Database\QueryException $e) {
$errorCode = $e->errorInfo[1];
// if($errorCode == 1062){
// session()->flash('flash_message', 'Session and Term variables have alreaddy been created.');
// return \Redirect::back()->withInput($request->except('element_id', 'amount'));
// }
}
//initialize class positions table
try {
\DB::table($positions_table)->insert(['class_id' => $class->id, 'student_id' => $student->id]);
} catch (\Illuminate\Database\QueryException $e) {
$errorCode = $e->errorInfo[1];
// if($errorCode == 1050){
// session()->flash('flash_message', 'Result table for chosen session and term already exists.');
// return \Redirect::back()->withInput();
// }
}
//initialize subject exemption table
try {
\DB::table($subject_exemption_table)->insert(['class_id' => $class->id, 'student_id' => $student->id, 'subject_id' => $subject->id]);
} catch (\Illuminate\Database\QueryException $e) {
$errorCode = $e->errorInfo[1];
if ($errorCode == 1050) {
session()->flash('flash_message', 'Result table for chosen session and term already exists.');
return \Redirect::back()->withInput();
}
}
} else {
session()->flash('flash_message', 'Please set session variables. Go to Settings>school settings');
return redirect()->back()->withInput();
}
}
}
$data['class'] = $class;
$data['subjects'] = $subjects;
$data['students'] = $students;
$data['selected_class'] = 1;
return view('academics.results.index', $data);
}
/**
* Display a listing of the resource.
*
* @return Response
*/
public function __construct()
{
$this->user = \Sentinel::getUser();
}
<label for="name" class="control-label">Name</label>
<div class="controls">
<input type="text" name="name" id="name" value="<?php
echo Sentinel::check() ? Sentinel::getUser()->first_name . " " . Sentinel::getUser()->last_name : "";
?>
" class="form-control" />
</div>
</div>
</div>
<div class="col-lg-6">
<div class="control-group">
<label for="email" class="control-label">Email</label>
<div class="controls">
<input type="text" name="email" id="email" value="<?php
echo Sentinel::check() ? Sentinel::getUser()->email : "";
?>
" class="form-control" />
</div>
</div>
</div>
</div>
<div class="row-fluid">
<div class="col-lg-6">
<div class="control-group">
<label for="subject" class="control-label">Subject</label>
<div class="controls">
<input type="text" name="subject" id="subject" value="" class="form-control" />
</div>
</div>
public function logout()
{
// we get the current user
$user = \Sentinel::getUser();
// we logout the user
try {
Sentinel::logout();
Modal::alert([trans('auth.message.logout.success', ['name' => $user->first_name . ' ' . $user->last_name])], 'success');
return redirect(route('home'));
} catch (Exception $e) {
// we log the error
CustomLog::error($e);
// we notify the current user
Modal::alert([trans('auth.message.logout.failure', ['name' => $user->first_name . ' ' . $user->last_name]), trans('global.message.global.failure.contact.support', ['email' => config('settings.support_email')])], 'error');
return redirect()->back();
}
}
/**
* @param $id
* @return mixed
*/
public function destroy($id)
{
// we get the image
try {
$image = $this->repository->find($id);
} catch (Exception $e) {
// we notify the current user
Modal::alert([trans('libraries.images.message.find.failure', ['id' => $id]), trans('global.message.global.failure.contact.support', ['email' => config('settings.support_email')])], 'error');
return redirect()->back();
}
// we check the current user permission
if (!Permission::hasPermission('libraries.images.delete')) {
// we redirect the current user to the images list if he has the required permission
if (Sentinel::getUser()->hasAccess('libraries.images.page.view')) {
return redirect()->route('libraries.images.page.edit');
} else {
// or we redirect the current user to the home page
return redirect()->route('backoffice.index');
}
}
try {
// we remove the news image
if ($image->src) {
ImageManager::remove($image->src, $image->storagePath(), $image->availableSizes('image'));
}
// we delete the role
$image->delete();
Modal::alert([trans('libraries.images.message.delete.success', ['image' => $image->src])], 'success');
return redirect()->route('libraries.images.index');
} catch (Exception $e) {
// we log the error
CustomLog::error($e);
// we notify the current user
Modal::alert([trans('libraries.images.message.delete.failure', ['image' => $image->src]), trans('global.message.global.failure.contact.support', ['email' => config('settings.support_email')])], 'error');
return redirect()->route('libraries.images.index');
}
}
public function __construct()
{
parent::__construct();
$this->user = Sentinel::getUser();
$this->isLoggedIn = Sentinel::check();
}
Sentinel::save();
break;
/*
|--------------------------------------------------------------------------
| Profile get
|--------------------------------------------------------------------------
|
*/
/*
|--------------------------------------------------------------------------
| Profile get
|--------------------------------------------------------------------------
|
*/
case 'profile_get':
$user = Sentinel::getUser($current_user);
$accesstoken = $user['at'];
$hashpresalt = $user['hp'];
$r = '';
$r .= '<div class="form-group">';
$r .= '<label for="" class="col-sm-3 control-label">' . __('Access token') . '</label>';
$r .= '<div class="col-sm-5">';
$r .= '<div class="input-group">';
$r .= '<span class="input-group-addon"><span class="glyphicon glyphicon-certificate"></span></span>';
$r .= '<input type="text" id="prat" class="form-control" value="' . h($accesstoken) . '" disabled="disabled"/>';
$r .= '</div>';
$r .= '</div>';
$r .= '<div class="col-sm-4">';
$r .= '<a class="btn btn-xs btn-primary clipboardat">' . __('Copy to clipboard') . '</a>';
$r .= '</div>';
$r .= '</div>';
/**
* Display a listing of the resource.
*
* @return Response
*/
public function index()
{
$allpayments = Payments::paginate(15);
return view('settings.payments.index', array('user' => \Sentinel::getUser(), 'payments' => $allpayments));
}
/**
* Return current active user id
*
* @return int
*/
protected function getUserId()
{
try {
if (class_exists('\\Auth') && ($userId = \Auth::id())) {
return $userId;
}
} catch (\Exception $e) {
}
try {
if (class_exists('\\Sentinel') && ($user = \Sentinel::getUser())) {
return $user->id;
}
} catch (\Exception $e) {
}
try {
if (class_exists('\\Sentry') && ($user = \Sentry::getUser())) {
return $user->id;
}
} catch (\Exception $e) {
}
}
<body>
<div id="wrapper">
<!-- Navigation -->
<nav class="navbar navbar-default navbar-static-top" role="navigation" style="margin-bottom: 0">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<?php
$admin = \Sentinel::getUser();
?>
<a class="navbar-brand" href="index">{{ $admin->first_name }}</a>
</div>
<!-- /.navbar-header -->
<ul class="nav navbar-top-links navbar-right">
<li class="dropdown">
<a href="/">
<i class="fa fa-home"></i> Home
</a>
</li>
<!-- /.dropdown -->
