/**
  * Check if the user has the permission for the action described
  * by $type (entity), $action (view, update, ...) and $key (entity name).
  *
  * @param $login
  * @param $type
  * @param $action
  * @param $key
  * @return mixed
  */
 function checkAccess($login, $type, $action, $key)
 {
     if ($login == Auth::user()->login) {
         $user = Auth::user();
     } else {
         $user = User::where("login", $login)->first();
     }
     if ($user) {
         if ($key == "zone") {
             return $user->login == "admin";
         } elseif ($key == "giraffe") {
             switch ($action) {
                 case "delete":
                 case "create":
                     return $user->login == "admin";
             }
         }
         return true;
     }
     return false;
 }
Beispiel #2
0
 public function run()
 {
     DB::table('users')->delete();
     User::create(["login" => "admin", "email" => "*****@*****.**", "password" => Hash::make('admin'), "is_sharp_user" => true]);
     User::create(["login" => "bob", "email" => "*****@*****.**", "password" => Hash::make('bob'), "is_sharp_user" => true]);
 }