Ejemplo n.º 1
<?php

use App\Role;
use App\User;
/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
// Entrust role filters, bound to URL patterns: paths starting with "dashboard" need the
// 'business' role and paths starting with "profile" need the 'member' role.
// No third argument is passed, so a denied request gets Entrust's default result
// (a 403 abort, per the Entrust README).
// The protection is tied to the URL text, not to the controller action: a route added or
// renamed outside these two prefixes is not covered by either filter.
Entrust::routeNeedsRole('dashboard*', 'business');
Entrust::routeNeedsRole('profile*', 'member');
// Member profile pages (paths covered by 'profile*').
Route::get('profile', 'ProfileController@getProfile');
Route::get('profile/account', 'ProfileController@getProfile');
Route::post('profile/account', 'ProfileController@postProfile');
Route::get('profile/reviews', 'ProfileController@getReviews');
Route::get('profile/jobs', 'ProfileController@getJobs');
// Business dashboard (paths covered by 'dashboard*').
Route::get('dashboard', 'AccountController@getReviews');
// NOTE(review): 'get_towns/...' matches neither pattern above, so no role filter from this
// snippet applies to it — confirm it is meant to be reachable without a role.
Route::get('get_towns/{term?}', 'CitiesController@getTowns');
Route::get('dashboard/account', 'AccountController@getReviews');
Route::get('dashboard/account/reviews', 'AccountController@getReviews');
Route::post('dashboard/account/request_reviews', 'AccountController@postReviewRequests');
Route::get('dashboard/account/settings', 'AccountController@getSettings');
Route::get('dashboard/account/business', 'AccountController@getBusiness');
Route::get('dashboard/account/jobs', 'AccountController@getJobs');
Route::post('dashboard/account/update-account-detail', 'AccountController@update_account_detail');
Route::get('/', function () {
Ejemplo n.º 2
// Seeding route: creates the 'owner' and 'admin' roles, creates a user, and attaches the
// 'admin' role to that user.
// NOTE(review): this is a plain GET route with no auth or role filter visible in this
// snippet, and no Entrust pattern below matches 'entrust'. As written, a request to /entrust
// creates an administrator account with the hard-coded password below. Seed data like this
// belongs in a database seeder or console command, not in a web route that ships with the app.
Route::get('/entrust', function () {
    $owner = new App\Role();
    $owner->name = 'owner';
    $owner->display_name = 'Project Owner';
    // optional
    $owner->description = 'User is the owner of a given project';
    // optional
    $owner->save();
    $admin = new App\Role();
    $admin->name = 'admin';
    $admin->display_name = 'User Administrator';
    // optional
    $admin->description = 'User is allowed to manage and edit other users';
    // optional
    $admin->save();
    echo 1;
    $user = new \App\User();
    $user->name = "John Nguyen";
    $user->email = "*****@*****.**";
    // NOTE(review): hard-coded, trivially guessable password on an account that receives the
    // 'admin' role a few lines further down.
    $user->password = bcrypt('123456');
    $user->save();
    $user->attachRole($admin);
});
// Debug route: dd() dumps the authenticated user object into the response and stops execution.
Route::get('/create-user', function () {
    dd(Auth::user());
});
// Only users with the 'owner' role may reach 'create-user'; everyone else is redirected to the
// login page. The redirect response is built here, when this file is loaded.
Entrust::routeNeedsRole('create-user', 'owner', Redirect::to('/auth/login'));
// NOTE(review): dumps the application's full route collection and has no role filter in this
// snippet; a route map is useful reconnaissance data, so keep this out of production builds.
Route::get('list-routes', function () {
    $routeCollection = Route::getRoutes();
    dd($routeCollection);
});
Ejemplo n.º 3
<?php

//Test Route
#Route::get('/', function(){
#	dd(\App\Models\User::with('company')->find(1));
#});
// Entrust role filters: each listed path pattern requires the 'admin' role; a denied request
// receives the redirect to 'unauthorized' built here at load time.
// Both the bare path and the '<path>/*' form are registered for users and companies, so the
// collection URL and everything beneath it are covered.
Entrust::routeNeedsRole('users', 'admin', Redirect::to('unauthorized'));
Entrust::routeNeedsRole('users/*', 'admin', Redirect::to('unauthorized'));
Entrust::routeNeedsRole('companies', 'admin', Redirect::to('unauthorized'));
Entrust::routeNeedsRole('companies/*', 'admin', Redirect::to('unauthorized'));
Entrust::routeNeedsRole('orders/update', 'admin', Redirect::to('unauthorized'));
Entrust::routeNeedsRole('orders/viewOpenOrders', 'admin', Redirect::to('unauthorized'));
// NOTE(review): only 'products/*' is registered, not the bare 'products' path. Route::resource
// uses the bare path for index (GET) and store (POST), so — assuming the pattern is matched
// against the request path — creating a product via POST products is not covered by this
// filter. Confirm, and guard the store action explicitly if it should be admin-only.
Entrust::routeNeedsRole('products/*', 'admin', Redirect::to('unauthorized'));
//Unauthorized Route
Route::get('unauthorized', function () {
    return view('unauthorized');
});
//Home Routes
Route::get('/', 'ProductController@index');
Route::get('home', 'ProductController@index');
//Authentication routes
Route::controllers(['auth' => 'Auth\\AuthController', 'password' => 'Auth\\PasswordController']);
//Product Routes
Route::resource('products', 'ProductController');
//User Routes
Route::resource('users', 'UsersController', ['only' => ['index', 'show']]);
//Checkout Routes
// NOTE(review): no role pattern in this snippet matches 'checkout'; any access control for the
// checkout resource must live in the controller or in middleware not shown here.
Route::resource('checkout', 'CheckoutController');
//Company Routes
Route::resource('companies', 'CompanyController');
//Order Routes
Ejemplo n.º 4
|
| Access filters based on roles.
|
*/
// Check for role on all admin routes: paths starting with "admin" need the 'admin' role.
Entrust::routeNeedsRole('admin*', array('admin'), Redirect::to('/'));
// For the sections below the fourth argument is false, so holding ANY one of the listed roles
// is enough (the Entrust default, true, would require ALL of them).
// NOTE(review): Redirect::to() and Redirect::intended() are evaluated here, when this file is
// loaded, not at the moment a request is denied; intended() consults the session's stored
// "intended" URL at that point — confirm that is the behaviour wanted.
// NOTE(review): 'contacts' has no trailing '*', unlike the other sections, so presumably only
// the exact path is filtered and deeper contacts URLs are not — verify against the routes.
Entrust::routeNeedsRole('contacts', array('admin', 'User'), Redirect::intended('/'), false);
Entrust::routeNeedsRole('documents*', array('admin', 'User'), Redirect::intended('/'), false);
Entrust::routeNeedsRole('events*', array('admin', 'User'), Redirect::intended('/'), false);
Entrust::routeNeedsRole('hotels*', array('admin', 'User'), Redirect::intended('/'), false);
Entrust::routeNeedsRole('hospitalities*', array('admin', 'User'), Redirect::intended('/'), false);
Entrust::routeNeedsRole('pictures*', array('admin', 'User'), Redirect::intended('/'), false);
Entrust::routeNeedsRole('search*', array('admin', 'User'), Redirect::intended('/'), false);
Entrust::routeNeedsRole('tickets*', array('admin', 'User'), Redirect::intended('/'), false);
Entrust::routeNeedsRole('companies*', array('admin', 'User'), Redirect::intended('/'), false);
Entrust::routeNeedsRole('venues*', array('admin', 'User'), Redirect::intended('/'), false);
// Check for permissions on admin actions: in addition to the 'admin' role above, each admin
// sub-section needs its own permission; a denied request is redirected to '/admin'.
Entrust::routeNeedsPermission('admin/blogs*', 'manage_blogs', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/comments*', 'manage_comments', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/users*', 'manage_users', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/roles*', 'manage_roles', Redirect::to('/admin'));
/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
Ejemplo n.º 5
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
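// CSRF filter: rejects the request unless the submitted `_token` equals the session's CSRF token.
Route::filter('csrf', function () {
    $expected = Session::token();
    $submitted = Input::get('_token');
    // Fail closed on a missing or non-string token (for example an array sent as `_token[]`),
    // then compare with hash_equals() (PHP 5.6+): a strict, constant-time check in place of
    // the loose `!=`, which is subject to type juggling.
    if (!is_string($expected) || !is_string($submitted) || !hash_equals($expected, $submitted)) {
        throw new Illuminate\Session\TokenMismatchException();
    }
});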
// Permission filter for sales module: paths starting with "sales" need 'view_sales'.
// No third argument is passed, so denial is Entrust's default (a 403 abort, per the README).
Entrust::routeNeedsPermission('sales*', ['view_sales']);
// Permission filter for customers
Entrust::routeNeedsPermission('customer*', ['manage_customers']);
Entrust::routeNeedsRole('admin*', ['Admin']);
// Named filter: answers 403 unless the current user has the 'manage_users' permission.
// It only takes effect on routes that attach 'users.manage' explicitly.
Route::filter('users.manage', function () {
    if (!Entrust::can('manage_users')) {
        return Response::make('Unauthorized', 403);
    }
});
// Named filter for creating requests: 'direct_award' alone is sufficient; otherwise the user
// needs 'create_quotations' or is redirected to the sales index with a flash message.
Route::filter('request.create', function () {
    if (Entrust::can('direct_award')) {
        return;
    }
    if (!Entrust::can('create_quotations')) {
        return Redirect::route('sales.index')->with('message', 'You do not have permission to view create RFQs.')->with('alert-class', 'danger');
    }
});
Route::filter('request.view', function ($route) {
    // Bypass if direct award
Ejemplo n.º 6
// Routes of the "personal" area. The only access rule visible in this snippet is the Entrust
// pattern on the last line ('personal/user/*' needs 'admin'); every other route here depends
// on checks that are not shown (controller logic, a group filter, middleware).
Route::get('/personal/engine', 'PersonalController@engine');
Route::get('/personal/engine_action', 'PersonalController@engineAction');
Route::get('/personal/exception', 'PersonalController@exception');
Route::post('/personal/exception', 'PersonalController@postException');
Route::get('/personal/overmilleage', 'PersonalController@overmilleage');
Route::get('/personal/overshift', 'PersonalController@overshift');
Route::get('/personal/orders', 'PersonalController@ordersFromSite');
Route::get('/personal/carlist', 'PersonalController@carList');
Route::get('/personal/last_connect', 'PersonalController@lastConnect');
// User management.
Route::get('/personal/user/list', 'UsersController@userlists');
Route::get('/personal/user/edit/{id}', 'UsersController@userEdit');
// NOTE(review): the path 'personal/user_edit' is not under 'personal/user/', so the admin
// pattern registered at the end does not match it. The edit form (GET) is admin-only while
// the POST that saves the edit is not filtered by role here — confirm and align the URL or
// add a check in postUserEdit.
Route::post('/personal/user_edit', 'UsersController@postUserEdit');
Route::get('/personal/user/create', 'UsersController@createUser');
Route::post('/personal/user/create', 'UsersController@postCreateUser');
// NOTE(review): deletion is exposed as a GET request; state-changing GETs are typically
// outside CSRF token checks and can be triggered by a link or image load in an admin's browser.
Route::get('/personal/user/delete/{id}', 'UsersController@deleteUser');
Route::get('/personal/airport', ['uses' => 'AirportController@orders']);
Route::post('/personal/airport/note_edit', ['uses' => 'AirportController@noteEdit']);
Route::post('/personal/airport/time_edit', ['uses' => 'AirportController@timeEdit']);
Route::get('/personal/test/', 'PersonalController@aircraft');
Route::get('/personal/shifts_to_credit/', 'PersonalController@shiftsToCredit');
Route::post('/personal/shifts_to_credit/', 'PersonalController@postShiftsToCredit');
Route::get('/personal/new_debtor_id/', 'PersonalController@newDebtorID');
Route::get('/personal/compensation/', 'PersonalController@compensation');
Route::post('/personal/compensation/', 'PersonalController@postCompensation');
Route::post('/personal/add_for_waiting/', 'PersonalController@addForWaiting');
Route::get('/personal/has_second_id/', 'PersonalController@hasSecondID');
Route::get('/personal/get_shifts/', 'PersonalController@getShifts');
Route::get('/personal/configs', 'PersonalController@configs');
Route::get('/personal/configActions', 'PersonalController@configActions');
// Paths under 'personal/user/' need the 'admin' role; denial is Entrust's default result
// (a 403 abort, per the Entrust README) because no third argument is given.
Entrust::routeNeedsRole('personal/user/*', 'admin');
Ejemplo n.º 7
// Entrust role filters for the purchase-request module. Where the fourth argument is false,
// holding ANY one of the listed roles is enough; denied requests are redirected to '/'.
// Each rule names an exact path or a '<path>/*' subtree, so a URL that is not listed here is
// not filtered by role at all — keep this list in step with the route definitions.
Entrust::routeNeedsRole('purchaseRequest/edit', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
Entrust::routeNeedsRole('purchaseRequest/vieweach/*', array('Administrator', 'Procurement Personnel', 'Requisitioner'), Redirect::to('/'), false);
Entrust::routeNeedsRole('purchaseRequest/edit/*', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
// Image Upload
Entrust::routeNeedsRole('back', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
Entrust::routeNeedsRole('pr_imageupload', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
Entrust::routeNeedsRole('attach/*', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
Entrust::routeNeedsRole('pr_id', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
Entrust::routeNeedsRole('resultstest', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
// Filter for Workflow Module
Entrust::routeNeedsRole('workflow/below-fifty', array('Administrator', 'Procurement Personnel', 'Requisitioner'), Redirect::to('/'), false);
// Filter for JAN Routes
// NOTE(review): 'workflow/workflow/aboveFive' repeats the 'workflow' segment; if the real route
// is 'workflow/aboveFive' this rule never matches and that path is unfiltered — verify.
Entrust::routeNeedsRole('workflow/belowFifty', array('Administrator'), Redirect::to('/'), false);
Entrust::routeNeedsRole('workflow/aboveFifty', array('Administrator'), Redirect::to('/'), false);
Entrust::routeNeedsRole('workflow/workflow/aboveFive', array('Administrator'), Redirect::to('/'), false);
Entrust::routeNeedsRole('workflow', array('Administrator'), Redirect::to('/'), false);
// Filter for Designations (Administrator only). The fourth argument is omitted here, which
// leaves Entrust's default of requiring all listed roles; with one role the effect is the same.
Entrust::routeNeedsRole('designation', array('Administrator'), Redirect::to('/'));
Entrust::routeNeedsRole('designation/delete/*', array('Administrator'), Redirect::to('/'));
Entrust::routeNeedsRole('designation/create', array('Administrator'), Redirect::to('/'));
Entrust::routeNeedsRole('designation/*', array('Administrator'), Redirect::to('/'));
Entrust::routeNeedsRole('designation/*/edit', array('Administrator'), Redirect::to('/'));
Entrust::routeNeedsRole('designation/*/members', array('Administrator'), Redirect::to('/'));
// Filter for Task
Entrust::routeNeedsRole('task/active', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
Entrust::routeNeedsRole('task/overdue', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
Entrust::routeNeedsRole('task/new', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
Entrust::routeNeedsRole('task/*', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
// Filter for Summary
Entrust::routeNeedsRole('summary', array('Administrator', 'Procurement Personnel'), Redirect::to('/'), false);
Ejemplo n.º 8
// Login submission and logout. Logout is a GET route, so it can be triggered by any link or
// embedded resource; low impact, but worth knowing.
Route::post('/login', ['as' => 'login.submit', 'uses' => 'Auth\\AuthController@postLogin']);
Route::get('/logout', ['as' => 'logout', 'uses' => 'Auth\\AuthController@getLogout']);
// Password reset link request routes...
Route::get('password', ['as' => 'password', 'uses' => 'Auth\\PasswordController@getEmail']);
Route::post('password', ['as' => 'password.submit', 'uses' => 'Auth\\PasswordController@postEmail']);
// Password reset routes...
Route::get('password/reset/{token}', ['as' => 'password.reset', 'uses' => 'Auth\\PasswordController@getReset']);
Route::post('password/reset', ['as' => 'password.reset.submit', 'uses' => 'Auth\\PasswordController@postReset']);
// Entrust role filters per section. The fourth argument is false, so ANY one of the listed
// roles grants access; denied requests are redirected to 'dashboard'.
// Each pattern ends in '*', so it covers the resource routes and the '<section>/buscar'
// search routes registered below.
Entrust::routeNeedsRole('cliente*', ['administrativo', 'admin'], Redirect::to('dashboard'), false);
Entrust::routeNeedsRole('presupuesto*', ['administrativo', 'admin'], Redirect::to('dashboard'), false);
Entrust::routeNeedsRole('proyecto*', ['administrativo', 'admin'], Redirect::to('dashboard'), false);
Entrust::routeNeedsRole('impuesto*', ['financiero', 'admin'], Redirect::to('dashboard'), false);
Entrust::routeNeedsRole('factura*', ['financiero', 'admin'], Redirect::to('dashboard'), false);
Entrust::routeNeedsRole('producto*', ['admin'], Redirect::to('dashboard'), false);
Entrust::routeNeedsRole('servicio*', ['admin'], Redirect::to('dashboard'), false);
Entrust::routeNeedsRole('usuario*', ['administrativo', 'admin'], Redirect::to('dashboard'), false);
// RESTful resource controllers, one per section.
Route::resource("producto", "ProductoController");
Route::resource("servicio", "ServicioController");
Route::resource("cliente", "ClienteController");
Route::resource("factura", "FacturaController");
Route::resource("impuesto", "ImpuestoController");
Route::resource("presupuesto", "PresupuestoController");
Route::resource("proyecto", "ProyectoController");
Route::resource("usuario", "UsuarioController");
// Search endpoints ("buscar"), one per section.
Route::post("producto/buscar", ["as" => "producto.search", "uses" => "ProductoController@search"]);
Route::post("servicio/buscar", ["as" => "servicio.search", "uses" => "ServicioController@search"]);
Route::post("usuario/buscar", ["as" => "usuario.search", "uses" => "UsuarioController@search"]);
Route::post("cliente/buscar", ["as" => "cliente.search", "uses" => "ClienteController@search"]);
Route::post("factura/buscar", ["as" => "factura.search", "uses" => "FacturaController@search"]);
Route::post("presupuesto/buscar", ["as" => "presupuesto.search", "uses" => "PresupuestoController@search"]);
Route::post("proyecto/buscar", ["as" => "proyecto.search", "uses" => "ProyectoController@search"]);
Ejemplo n.º 9
<?php

/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
// Dashboard landing pages; no role filter in this snippet applies to them.
Route::get('/', 'DashboardController@index');
Route::get('/home', 'DashboardController@index');
//Protect actions on the user controller => https://github.com/Zizaco/entrust
// Every path starting with "users" needs the 'admin' role, which covers all four user routes
// below. With no third argument, denial is Entrust's default (a 403 abort, per its README).
Entrust::routeNeedsRole('users*', 'admin');
Route::get('/users', 'UsersController@index');
Route::get('/users/edit/{id?}', 'UsersController@edit');
Route::post('/users', 'UsersController@store');
Route::post('/users/destroy', 'UsersController@destroy');
// Implicit controllers for login/registration and password reset.
Route::controllers(['auth' => 'Auth\\AuthController', 'password' => 'Auth\\PasswordController']);
Ejemplo n.º 10
/*
|--------------------------------------------------------------------------
| Role Permissions
|--------------------------------------------------------------------------
|
| Access filters based on roles.
|
*/
// Check for role on all admin routes. A closure is passed as the "result" argument here,
// where Entrust's documented usage passes a ready-made response.
// NOTE(review): whether Entrust invokes a callable given as the result or hands it back
// unchanged is not visible on this page — verify against the installed Entrust version
// before relying on this closure for the deny path.
// NOTE(review): 'admin/*' does not include the bare 'admin' path.
Entrust::routeNeedsRole('admin/*', array('admin'), function () {
    $user = null;
    $is_admin = false;
    if (!Auth::guest()) {
        $user = Auth::user();
    }
    if ($user !== null) {
        $is_admin = $user->hasRole('admin');
    }
    // Redirects (and logs) only for non-AJAX requests from non-admins. For an AJAX request the
    // closure returns nothing, so it denies nothing itself. Request::ajax() is derived from a
    // client-supplied header; this branch must not be the only thing protecting admin
    // endpoints from AJAX callers.
    if (Request::ajax() === false && $is_admin === false) {
        Log::error('failed to authenticate in Entrust route ' . Request::getRequestUri());
        return Redirect::to('user/login');
    }
});
// Check for permissions on admin actions: each admin sub-section also needs its own
// permission; a denied request is redirected to '/admin'.
Entrust::routeNeedsPermission('admin/blogs*', 'manage_blogs', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/comments*', 'manage_comments', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/users*', 'manage_users', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/roles*', 'manage_roles', Redirect::to('/admin'));
/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
Ejemplo n.º 11
<?php

/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
//Invoice Controller routes
// The role filter names the single path 'invoice/create', i.e. the page served by
// InvoiceController@create.
// NOTE(review): the routes that actually change data — POST invoice (save), PATCH and DELETE
// invoice/{id} — match no Entrust pattern in this snippet. Hiding the form does not stop a
// direct request to those endpoints; confirm they are authorised in the controller or by
// middleware not shown here.
Entrust::routeNeedsRole('invoice/create', 'admin');
Route::get('invoice', 'InvoiceController@index');
Route::get('invoice/create', 'InvoiceController@create');
Route::post('invoice', 'InvoiceController@save');
// NOTE(review): {id} is constrained to digits only on the edit and PDF routes; show, update
// and delete accept any value, so the controller must validate it and check that the invoice
// belongs to the caller.
Route::get('invoice/{id}', 'InvoiceController@show');
Route::get('invoice/edit/{id}', 'InvoiceController@edit')->where('id', '[0-9]+');
Route::patch('invoice/{id}', 'InvoiceController@update');
Route::delete('invoice/{id}', 'InvoiceController@delete');
Route::get('invoice/download/pdf/{id}', 'InvoiceController@downloadPDF')->where('id', '[0-9]+');
Route::controllers(['auth' => 'Auth\\AuthController', 'password' => 'Auth\\PasswordController']);
/**
 * Admin routes
 */
Route::group(['prefix' => 'admin', 'middleware' => ['role:admin']], function () {
    Route::get('users', 'AdminController@users');
    Route::get('roles-pesrmission', 'AdminController@createRolePermission');
    Route::post('saveRole', 'AdminController@saveRole');
    Route::post('savePermission', 'AdminController@savePermission');
Ejemplo n.º 12
// REST resources under the 'api' prefix. The group declares only a prefix, no filter.
Route::group(array('prefix' => 'api'), function () {
    Route::resource('timeclock', 'TimeClockController');
    Route::resource('user', 'UserTimeController');
});
//AJAX Request Pages
// NOTE(review): none of the Entrust patterns at the end of this snippet match an 'api/...'
// path, so these endpoints are not filtered by role or permission here. Page-level rules such
// as 'tasks/create' do not protect the API calls behind those pages; each controller action
// must enforce its own authorisation.
Route::post('/api/clockin', 'TimeClockController@clockIn');
Route::post('/api/clockout', 'TimeClockController@clockOut');
Route::get('/api/getClockedStatus', 'TimeClockController@getClockedStatus');
Route::get('/api/employee-list', 'EmployeeListController@getList');
Route::get('/api/getDepartments', 'TasksController@getDepartments');
Route::get('/api/getAllDepartments', 'TasksController@getAllDepartments');
Route::post('/api/postDepartments', 'TasksController@postDepartments');
Route::get('/api/getTasks/', 'TasksController@getTasks');
Route::get('/api/task-records', 'TasksController@getTaskRecords');
// NOTE(review): Route::any() accepts every HTTP verb, including GET, for edit/delete/approve.
// State-changing GETs are typically outside CSRF token checks; restricting these to POST
// would narrow the exposure.
Route::any('/api/edit-task', 'TasksController@editTask');
Route::any('/api/delete-task', 'TasksController@deleteTask');
Route::any('/api/approve-task', 'TasksController@approveTask');
Route::get('/api/it-topics', 'ITController@getItTopics');
Route::get('/api/tasks-wdepartments', 'TasksController@getDepartmentsWTasks');
Route::get('/api/user-status', 'UserController@getEmployeeStatus');
Route::get('/api/user-departments', 'UserController@getUsersDepartments');
Route::get('/api/UserDepartments', 'TasksController@getUserDepartments');
Route::any('/api/log-user', 'UserController@logUser');
Route::get('/api/pending-tasks', 'TasksController@getPendingTaskRecords');
Route::get('/api/recently-completed', 'TasksController@getRecentlyCompleted');
// Route Permissions: role and permission filters for the page routes; a denied request is
// redirected to '/'.
Entrust::routeNeedsRole('admin/*', 'admin', Redirect::to('/'));
Entrust::routeNeedsRole('it-request-form/add-topics', 'admin', Redirect::to('/'));
Entrust::routeNeedsRole('user/edit*', 'admin', Redirect::to('/'));
Entrust::routeNeedsPermission('tasks/create', 'create-task', Redirect::to('/'));
Entrust::routeNeedsPermission('tasks/view-all-tasks', 'view-tasks', Redirect::to('/'));
Ejemplo n.º 13
// Receive PO
Route::get('receivePO', ['as' => 'receivePO.index', 'uses' => 'Receive\\ReceivePOController@index']);
Route::post('receivePO', ['as' => 'receivePO.filter', 'uses' => 'Receive\\ReceivePOController@filter']);
Route::get('receivePO/{id}', ['as' => 'receivePO.show', 'uses' => 'Receive\\ReceivePOController@show']);
Route::put('receivePO/{id}', ['as' => 'receivePO.update', 'uses' => 'Receive\\ReceivePOController@update']);
// Any path starting with "receive" needs one of teamLead / super / manager (fourth argument
// false = any one role suffices). The prefix also covers the 'receiveArticle' routes below.
Entrust::routeNeedsRole('receive*', ['teamLead', 'super', 'manager'], Redirect::to('home'), false);
// PO Reconciliation
Route::get('poReconciliation', ['as' => 'poReconciliation.index', 'uses' => 'Receive\\POReconciliationController@index']);
Route::post('poReconciliation', ['as' => 'poReconciliation.filter', 'uses' => 'Receive\\POReconciliationController@filter']);
Route::get('poReconciliation/{id}', ['as' => 'poReconciliation.show', 'uses' => 'Receive\\POReconciliationController@show']);
Route::get('poReconciliation/{id}/review', ['as' => 'poReconciliation.review', 'uses' => 'Receive\\POReconciliationController@review']);
Route::post('poReconciliation/{id}/confirm', ['as' => 'poReconciliation.confirm', 'uses' => 'Receive\\POReconciliationController@confirm']);
Route::patch('poReconciliation/{id}/export', ['as' => 'poReconciliation.export', 'uses' => 'Receive\\POReconciliationController@export']);
//Route::post('poReconciliation/{id}', ['as' => 'poReconciliation.show', 'uses' => 'Receive\POReconciliationController@show']);
//Route::put('poReconciliation/{id}', ['as' => 'poReconciliation.update', 'uses' => 'Receive\POReconciliationController@update']);
// NOTE(review): this pattern has no trailing '*', unlike 'receive*' above. Presumably only the
// exact path 'poReconciliation' is filtered, which would leave the {id}, review, confirm and
// export routes without a role check — verify and use 'poReconciliation*' if they should match.
Entrust::routeNeedsRole('poReconciliation', ['teamLead', 'super', 'manager'], Redirect::to('home'), false);
// Receive Article
Route::get('receiveArticle', ['as' => 'receiveArticle.index', 'uses' => 'Receive\\ReceiveArticleController@index']);
Route::patch('receiveArticle', ['as' => 'receiveArticle.filter', 'uses' => 'Receive\\ReceiveArticleController@filter']);
Route::get('receiveArticle/{id}', ['as' => 'receiveArticle.show', 'uses' => 'Receive\\ReceiveArticleController@show']);
#Route::put('receiveArticle/{id}', ['as' => 'receiveArticle.update', 'uses' => 'Receive\ReceiveArticleController@update']);
#Route::post('receiveArticle/{id}', ['as' => 'receiveArticle.create', 'uses' => 'Receive\ReceiveArticleController@create']);
Route::post('receiveArticle/refresh', ['as' => 'receiveArticle.refresh', 'uses' => 'Receive\\ReceiveArticleController@refresh']);
Route::post('receiveArticle/texting', ['as' => 'receiveArticle.texting', 'uses' => 'Receive\\ReceiveArticleController@texting']);
//   Reports
// Rework Report
// NOTE(review): no Entrust pattern in this snippet matches 'reworkReport'; access to the
// report, its e-mail action and its export depends on checks not shown here.
Route::get('reworkReport', ['as' => 'reworkReport.index', 'uses' => 'ReworkReportController@index']);
Route::patch('reworkReport', ['as' => 'reworkReport.filter', 'uses' => 'ReworkReportController@filter']);
#Route::get('reworkReport/review', ['as' => 'reworkReport.review', 'uses' => 'ReworkReportController@review']);
Route::post('reworkReport/email', ['as' => 'reworkReport.email', 'uses' => 'ReworkReportController@email']);
Route::patch('reworkReport/export', ['as' => 'reworkReport.export', 'uses' => 'ReworkReportController@export']);
Ejemplo n.º 14
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
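// CSRF filter: rejects the request unless the submitted `_token` equals the session's CSRF token.
Route::filter('csrf', function () {
    $expected = Session::token();
    $submitted = Input::get('_token');
    // Fail closed on a missing or non-string token (for example an array sent as `_token[]`),
    // then compare with hash_equals() (PHP 5.6+): a strict, constant-time check in place of
    // the loose `!=`, which is subject to type juggling.
    if (!is_string($expected) || !is_string($submitted) || !hash_equals($expected, $submitted)) {
        throw new Illuminate\Session\TokenMismatchException();
    }
});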
/*
|--------------------------------------------------------------------------
| Roles & Permissions Filters
|--------------------------------------------------------------------------
|
*/
// Entry to the admin area: any one of the listed roles suffices (fourth argument false).
// NOTE(review): the pattern is the bare path 'admin'; deeper admin paths are covered only by
// the three permission rules below, so an admin section that is not listed there has no
// filter in this snippet.
Entrust::routeNeedsRole('admin', ['Administrator', 'Users Manager', 'Premium Author', 'Author', 'Eraser'], Redirect::to('/'), false);
// Per-section permission filters: any one of the listed permissions suffices; a denied
// request is redirected to 'admin'.
Entrust::routeNeedsPermission('admin/xcasts*', ['manage_premium_casts', 'manage_free_casts', 'delete_casts'], Redirect::to('admin'), false);
Entrust::routeNeedsPermission('admin/series*', ['manage_series', 'delete_series'], Redirect::to('admin'), false);
Entrust::routeNeedsPermission('admin/users*', ['manage_users', 'delete_users'], Redirect::to('admin'), false);
// Named filter: when the addressed cast has levels > 0, the user needs 'manage_premium_casts'
// or 'delete_casts'; otherwise the request is redirected to 'admin'.
// NOTE(review): Xcast::find() is dereferenced without a null check; an id that matches no
// record makes ->levels fail instead of yielding a clean 404 or redirect.
Route::filter('can_manage_premium_casts', function () {
    if (Xcast::find(Route::input('xcasts'))->levels > 0) {
        if (!Entrust::can('manage_premium_casts') && !Entrust::can('delete_casts')) {
            return Redirect::to('admin');
        }
    }
});
Ejemplo n.º 15
<?php

// Application-wide before/after hooks, left empty.
App::before(function ($request) {
    //
});
App::after(function ($request, $response) {
    //
});
// Entrust role filters by URL prefix; a denied request is redirected to '/'.
Entrust::routeNeedsRole('admin*', 'Admin', Redirect::to('/'));
Entrust::routeNeedsRole('manager*', 'Manager', Redirect::to('/'));
// NOTE(review): 'player*' paths require the 'Manager' role, not a player role — confirm this
// is intentional and not a copy-paste of the line above.
Entrust::routeNeedsRole('player*', 'Manager', Redirect::to('/'));
Ejemplo n.º 16
    // Only 'admin' may edit, delete or store home entries; others are redirected to '/home'.
    // The enclosing group starts outside this snippet, so any filter it adds is not visible.
    Entrust::routeNeedsRole('home/edit*', 'admin', Redirect::to('/home'));
    Entrust::routeNeedsRole('home/delete*', 'admin', Redirect::to('/home'));
    Entrust::routeNeedsRole('home/store*', 'admin', Redirect::to('/home'));
    //Home
    Route::get('/', ['as' => 'home', 'uses' => 'HomeController@index']);
    Route::get('home', ['as' => 'home', 'uses' => 'HomeController@index']);
    Route::get('home/edit/{id}', ['as' => 'home.edit', 'uses' => 'HomeController@edit']);
    Route::get('home/show/{id}', ['as' => 'home.show', 'uses' => 'HomeController@show']);
    // NOTE(review): deletion is a GET request. The role filter still applies, but
    // state-changing GETs are typically outside CSRF token checks, so a link or embedded
    // resource opened by a logged-in admin can trigger it. The same holds for the contacts
    // and guestbook delete routes below.
    Route::get('home/delete/{id}', ['as' => 'home.delete', 'uses' => 'HomeController@destroy']);
    Route::post('home/store', ['as' => 'home.store', 'uses' => 'HomeController@store']);
    Route::post('home/edit/{id}', ['as' => 'home.update', 'uses' => 'HomeController@update']);
    //Order
    Route::get('order', ['as' => 'order', 'uses' => 'OrderController@index']);
    //Portfolio
    Route::get('portfolio', ['as' => 'portfolio', 'uses' => 'PortfolioController@index']);
    //Blog
    Route::get('blog', ['as' => 'blog', 'uses' => 'BlogController@index']);
    //Contacts
    // Same scheme for contacts: edit/delete/store and guestbook deletion need 'admin'.
    // 'guestbook/store' is deliberately or accidentally left without a role filter — it matches
    // none of the patterns here.
    Entrust::routeNeedsRole('contacts/edit*', 'admin', Redirect::to('/contacts'));
    Entrust::routeNeedsRole('contacts/delete*', 'admin', Redirect::to('/contacts'));
    Entrust::routeNeedsRole('contacts/store*', 'admin', Redirect::to('/contacts'));
    Entrust::routeNeedsRole('guestbook/delete*', 'admin', Redirect::to('/contacts'));
    Route::get('contacts', ['as' => 'contacts', 'uses' => 'ContactsController@index']);
    Route::get('contacts/edit/{id}', ['as' => 'contacts.edit', 'uses' => 'ContactsController@edit']);
    Route::get('contacts/show/{id}', ['as' => 'contacts.show', 'uses' => 'ContactsController@show']);
    Route::get('contacts/delete/{id}', ['as' => 'contacts.delete', 'uses' => 'ContactsController@destroy']);
    Route::post('contacts/store', ['as' => 'contacts.store', 'uses' => 'ContactsController@store']);
    Route::post('contacts/edit/{id}', ['as' => 'contacts.update', 'uses' => 'ContactsController@update']);
    Route::post('guestbook/store', ['as' => 'guestbook.store', 'uses' => 'ContactsController@storeGuestbook']);
    Route::get('guestbook/delete/{id}', ['as' => 'guestbook.delete', 'uses' => 'ContactsController@deleteGuestbook']);
});
Ejemplo n.º 17
    return Auth::basic();
});
// 'guest' filter: an already authenticated user is redirected to 'user/login/'.
Route::filter('guest', function () {
    if (Auth::check()) {
        return Redirect::to('user/login/');
    }
});
// NOTE(review): the two role filters below are registered only when Auth::check() is true.
// For an unauthenticated request this block is skipped, so no role filter from here applies
// to 'client*' or 'admin*'; guests must be stopped by a separate auth filter that is not
// visible in this snippet. Registering the filters unconditionally avoids that dependency.
if (Auth::check()) {
    // Role names are cached under fixed keys (second argument '60'), so a change to the roles
    // table is not reflected in these filters until the cache entry expires.
    $client_roles = Cache::remember('client_roles', '60', function () {
        return Role::where('access', '=', 'client')->lists('name');
    });
    $admin_roles = Cache::remember('admin_roles', '60', function () {
        return Role::where('access', '=', 'admin')->lists('name');
    });
    // Fourth argument false: any one of the cached role names grants access.
    Entrust::routeNeedsRole('client*', $client_roles, Redirect::to('/nopermission'), false);
    Entrust::routeNeedsRole('admin*', $admin_roles, Redirect::to('/nopermission'), false);
}
// Permission filters per admin section, registered for every request; a denied request is
// redirected to '/admin'.
Entrust::routeNeedsPermission('admin/slugs*', 'manage_blogs', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/comments*', 'manage_comments', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/users*', 'manage_users', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/roles*', 'manage_roles', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/settings*', 'manage_settings', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/search*', 'site_search', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/todos*', 'manage_todos', Redirect::to('/admin'));
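// CSRF filter: the session token must be supplied in either the `csrf_token` or the `_token`
// input field; otherwise the request is redirected to 'invalidtoken'.
Route::filter('csrf', function () {
    $expected = Session::getToken();
    $matches = false;
    foreach (array('csrf_token', '_token') as $field) {
        $submitted = Input::get($field);
        // Non-string values (missing field, array input) can never match. hash_equals()
        // (PHP 5.6+) is a strict, constant-time comparison in place of the loose `!=`.
        if (is_string($expected) && is_string($submitted) && hash_equals($expected, $submitted)) {
            $matches = true;
            break;
        }
    }
    if (!$matches) {
        return Redirect::to('invalidtoken');
    }
});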
Route::filter('detectLang', function ($route, $request, $lang = 'auto') {
    if ($lang != "auto" && in_array($lang, Config::get('app.available_language'))) {
Ejemplo n.º 18
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
// The site root sends visitors to the login form; '/home' sends them to the travels list.
Route::get('/', function () {
    return redirect()->action('Auth\\AuthController@getLogin');
});
Route::get('/home', function () {
    return redirect('/travels');
});
// Authentication routes...
Route::get('auth/login', 'Auth\\AuthController@getLogin');
Route::post('auth/login', 'Auth\\AuthController@postLogin');
Route::get('auth/logout', 'Auth\\AuthController@getLogout');
// Registration routes...
Route::get('auth/register', 'Auth\\AuthController@getRegister');
Route::post('auth/register', 'Auth\\AuthController@postRegister');
// NOTE(review): none of the routes below declares auth middleware in this snippet, and the
// only Entrust pattern is 'roles*'. Access to travels, routes, locations, cars and gas
// therefore depends on checks inside the controllers — confirm they exist.
// NOTE(review): changestatus modifies a travel through a GET request; state-changing GETs are
// typically outside CSRF token checks.
Route::get('travels/changestatus/{status}/{travel}', 'TravelController@changeStatus');
Route::resource('travels', 'TravelController');
//Route routes
Route::get('routes/searchlocation', 'LocationController@getLocation');
Route::post('routes/searchroute', 'RouteController@getRoute');
Route::resource('routes', 'RouteController');
Route::resource('locations', 'LocationController');
Route::get('cars/searchcar', 'CarController@getCar');
Route::resource('cars', 'CarController');
Route::resource('roles', 'RoleController');
Route::resource('gas', 'GasController');
//Permissions
// Role management is admin-only: any path starting with "roles" needs the 'admin' role;
// everyone else is redirected to '/locations'.
Entrust::routeNeedsRole('roles*', 'admin', Redirect::to('/locations'));
Ejemplo n.º 19
    // Post editing and voting. Only the vote route attaches the 'auth' filter itself.
    // NOTE(review): the two post/edit routes carry no filter here; the enclosing group starts
    // outside this snippet, so whether it supplies one cannot be confirmed from this page.
    Route::get('/post/edit/{id}', ['as' => 'post.edit', 'uses' => 'PostController@editPostView']);
    Route::post('/post/edit/{id}', ['uses' => 'PostController@editPost']);
    Route::get('/vote/{id}/{votestatus}', ['as' => 'vote', 'uses' => 'PostController@vote'])->before('auth');
    // Site administration. The group sets only the 'admin' prefix; access control comes from
    // the Entrust pattern registered after the group.
    // NOTE(review): activate and delete are GET routes; state-changing GETs are typically
    // outside CSRF token checks, so a link opened by a logged-in admin can trigger them.
    Route::group(['prefix' => 'admin'], function () {
        Route::get('/', ['as' => 'admin.home', 'uses' => 'AdminController@showHome']);
        Route::get('/subtitles', ['as' => 'admin.subtitles', 'uses' => 'AdminController@listSubtitles']);
        Route::get('/inactive/subtitles', ['as' => 'admin.inactive.subtitles', 'uses' => 'AdminController@listInactiveSubtitles']);
        Route::get('/activate/subtitle/{slug}', ['as' => 'admin.activate.subtitle', 'uses' => 'AdminController@activateSubtitle']);
        Route::get('/edit/subtitle/{slug}', ['as' => 'admin.edit.subtitle', 'uses' => 'AdminController@editSubtitleView']);
        Route::post('/edit/subtitle/{slug}', ['uses' => 'AdminController@editSubtitle']);
        Route::get('/delete/subtitle/{slug}', ['as' => 'admin.delete.subtitle', 'uses' => 'AdminController@deleteSubtitle']);
        Route::get('/users', ['as' => 'admin.users', 'uses' => 'AdminController@users']);
        Route::get('/user/edit/{username}', ['as' => 'admin.user.edit', 'uses' => 'AdminController@editUserView']);
        Route::post('/user/edit/{username}', ['as' => 'admin.user.update', 'uses' => 'AdminController@editUser']);
    });
    // Any path starting with "admin" needs the 'admin' role; with no third argument, denial
    // is Entrust's default result (a 403 abort, per the Entrust README).
    Entrust::routeNeedsRole('admin*', 'admin');
});
Route::group(['domain' => '{subdomain}.' . Config::get('app.domain')], function () {
    Route::get('/', ['as' => 'subtitle', 'uses' => 'SubtitleController@showSubtitle']);
    Route::get('/signup', ['as' => 'subtitle.signup', 'uses' => 'SubtitleController@signup'])->before('auth');
    Route::get('/signout', ['as' => 'subtitle.signout', 'uses' => 'SubtitleController@signout'])->before('auth');
    Route::get('post/create', ['as' => 'post.create', 'uses' => 'PostController@createPostView'])->before('auth');
    Route::post('post/create', ['uses' => 'PostController@createPost'])->before('auth');
    Route::get('p/{id}', ['as' => 'post.view', 'uses' => 'PostController@showPost']);
    Route::post('p/{id}', ['as' => 'post.comment', 'uses' => 'PostController@makeComment'])->before('auth');
    Route::get('/login', function () {
        return Redirect::route('login');
    });
    Route::group(['prefix' => 'admin', 'before' => 'auth'], function () {
        Route::get('/', ['as' => 'subadmin.home', 'uses' => 'SubtitleController@showAdmin']);
        Route::get('/users', ['as' => 'subadmin.users', 'uses' => 'SubtitleController@adminUsers']);
Ejemplo n.º 20
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
// Authentication routes...
// The site root serves the login form; credentials are posted to auth/login.
Route::get('/', 'Auth\\AuthController@getLogin');
Route::post('auth/login', 'Auth\\AuthController@postLogin');
// NOTE(review): logout is a GET route, so a cross-site link or image tag can end a user's
// session. A POST protected by the CSRF token avoids that.
Route::get('auth/logout', 'LoginController@logout');
// Home Page
Route::get('home', ['middleware' => 'auth', 'uses' => 'LoginController@home']);
// Managing scheduling
Route::get('schedule', ['middleware' => 'auth', 'uses' => 'PageController@schedule']);
// Caller scheduling shifts
Route::post('schedule', ['middleware' => 'auth', 'uses' => 'ShiftController@scheduleShifts']);
// Only manager can manage shifts, others get redirected to the home page.
// The pattern is the literal path 'manage-shifts'. Redirect::to('/home') is evaluated once,
// when this file is loaded, and that response is handed to Entrust as the denial result.
Entrust::routeNeedsRole('manage-shifts', array('manager'), Redirect::to('/home'));
// Managing the shift data
Route::get('manage-shifts', ['middleware' => 'auth', 'uses' => 'PageController@manageShifts']);
Route::post('manage-shifts', ['middleware' => 'auth', 'uses' => 'ShiftController@ModifyShifts']);
// View caller details
Route::get('caller-shifts', ['middleware' => 'auth', 'uses' => 'PageController@viewCallerShifts']);
// NOTE(review): unlike the routes above, this one declares no 'auth' middleware here. Unless
// ShiftController applies it itself (not visible in this file), the shift details are
// reachable without logging in. Confirm.
Route::get('caller-shift-details', 'ShiftController@getCallerShiftDetails');
// Exporting shift data
// NOTE(review): no 'auth' middleware is declared on either export route in this file; data
// exports are the kind of endpoint that should sit behind authentication. Confirm where it
// is enforced.
Route::get('export-xls', 'ShiftController@exportToExcel');
Route::get('export-pdf', 'ShiftController@exportToPDF');
// Creating users
// NOTE(review): neither 'auth' middleware nor an Entrust role rule is declared for these three
// routes in this file. Account creation and the user listing presumably belong to a
// privileged role, as 'manage-shifts' does. Verify the controllers enforce it.
Route::get('create-users', 'PageController@createUsers');
Route::post('create-users', 'CreateUsers@createUsers');
Route::get('view-users', 'CreateUsers@viewUsers');
// Resetting the password for inactive users (no 'auth' middleware is declared here;
// presumably intentional, since the user cannot log in yet)
Route::get('reset-password', 'Auth\\PasswordController@getEmail');
Ejemplo n.º 21
    Route::get('profil/{slug}', ['as' => 'showprofil_id', 'uses' => 'ProfilController@showprofil_id']);
    #Showprofil - EN
    Route::get('about/{slug}', ['as' => 'showprofil_en', 'uses' => 'ProfilController@showprofil_en']);
    #Berita
    #RouteDinamis (Paling Bawah)
    Route::get('{kategori_artikel}', ['as' => 'daftar_kategori', 'uses' => 'ArtikelController@kategori_artikel']);
    Route::get('{kategori_artikel}/{slug}', ['as' => 'tampil_artikel', 'uses' => 'ArtikelController@tampil_artikel']);
});
#END RouteGroup MultiLang
#Authentication
# Maps the 'auth' and 'password' URI prefixes to the two controllers named here.
Route::controllers(['auth' => 'Auth\\AuthController', 'password' => 'Auth\\PasswordController']);
#RoutePermission
# Entrust role gates, matched by path pattern: 'admin' and everything under 'admin/' need the
# 'administrator' role; 'dosen' and everything under 'dosen/' need the 'dosen' role
# ("dosen" is Indonesian for lecturer).
Entrust::routeNeedsRole('admin', 'administrator');
Entrust::routeNeedsRole('admin/*', 'administrator');
Entrust::routeNeedsRole('dosen', 'dosen');
Entrust::routeNeedsRole('dosen/*', 'dosen');
# Change password ("ubah password"): form and submission.
# NOTE(review): these two paths match none of the Entrust patterns above and no middleware is
# declared on them here, so any login requirement has to come from AdminController itself.
# Confirm that it does, and that the update checks the current password.
Route::get('ubahpassword', ['as' => 'ubahpassword', 'uses' => 'AdminController@ubahpassword']);
Route::post('updatepassword', ['as' => 'updatepassword', 'uses' => 'AdminController@updatepassword']);
#Admin
# Every route from here on lives at 'admin' or under 'admin/', so the 'administrator' role
# rule above applies to it.
Route::get('admin', ['as' => 'dashboard', 'uses' => 'AdminController@dashboard']);
#SearchAdmin
Route::post('admin/search', ['as' => 'adminsearch', 'uses' => 'AdminController@search']);
Route::get('admin/search/{cari}', ['as' => 'adminsearchresults', 'uses' => 'AdminController@searchresults']);
#User
Route::get('admin/user', ['as' => 'admin-user', 'uses' => 'AdminController@user']);
#Add user ("tambah user" / "simpan user" = add / save user)
Route::get('admin/tambahuser', ['as' => 'tambahuser', 'uses' => 'UserController@tambahuser']);
Route::post('admin/simpanuser', ['as' => 'simpanuser', 'uses' => 'UserController@simpanuser']);
#Edit user
Route::get('admin/edituser/{username}', ['as' => 'edituser', 'uses' => 'UserController@edituser']);
Route::patch('admin/updateuser/{username}', ['as' => 'updateuser', 'uses' => 'UserController@updateuser']);
*/
// "guest" filter: meant for pages that only make sense for visitors who are not logged in.
Route::filter('guest', function () {
    // Not logged in: return nothing so the request continues to the route.
    if (!Auth::check()) {
        return null;
    }

    // NOTE(review): a logged-in user is redirected to the login page. If that page carries
    // this same filter, the browser would be redirected in a loop. Confirm the target.
    return Redirect::to('user/login/');
});
/*
|--------------------------------------------------------------------------
| Role Permissions
|--------------------------------------------------------------------------
|
| Access filters based on roles.
|
*/
// Check for role on all admin routes
// 'admin*' is a prefix wildcard: it covers every path that begins with "admin", not only
// "admin/...". Users without the 'admin' role get the Redirect::to('/') response, which is
// built once when this file is loaded.
Entrust::routeNeedsRole('admin*', array('admin'), Redirect::to('/'));
// Check for permissions on admin actions
// Each admin section additionally needs its own permission; on failure the user is sent back
// to '/admin'. These rules sit on top of the role rule above, so a path such as
// 'admin/users' is covered by both patterns.
Entrust::routeNeedsPermission('admin/blogs*', 'manage_blogs', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/comments*', 'manage_comments', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/users*', 'manage_users', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/roles*', 'manage_roles', Redirect::to('/admin'));
/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
Ejemplo n.º 23
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/
// "guest" filter: keeps logged-in users away from guest-only pages by sending them to '/'.
Route::filter('guest', function () {
    // A null result lets the request continue; a response short-circuits it.
    return Auth::check() ? Redirect::to('/') : null;
});
// "csrf" filter: rejects a request whose `_token` input differs from the session's token.
Route::filter('csrf', function () {
    $expectedToken = Session::token();
    $submittedToken = Input::get('_token');

    // Strict comparison on purpose: type and value must both match, so a non-string input
    // can never be juggled into equality with the token.
    // NOTE(review): if the session held no token and the request omitted `_token`, both sides
    // would be null and compare equal. Presumably the session always carries a token; confirm.
    // Hardening option where the PHP version provides it: compare with hash_equals().
    if ($expectedToken === $submittedToken) {
        return;
    }

    throw new Illuminate\Session\TokenMismatchException();
});
/*
|--------------------------------------------------------------------------
| ENTRUST Filter
|--------------------------------------------------------------------------
|
| 
|
*/
// Disabled rule, kept for reference: it would have limited 'dashboard*' to the 'admin' role.
//~Entrust::routeNeedsRole( 'dashboard*','admin',Redirect::to('users/logout'));
// Paths beginning with "files" are for the 'admin' or 'client' role, paths beginning with
// "events" for 'admin' or 'driver'; anyone else receives the redirect to 'users/logout'.
// NOTE(review): five arguments are passed. If the installed Entrust declares four parameters
// (route, roles, result, all-roles flag), the `null` lands in the flag slot and the trailing
// `false` is ignored. Check against the vendor signature that "any one of these roles" is
// really what gets enforced.
Entrust::routeNeedsRole('files*', array('admin', 'client'), Redirect::to('users/logout'), null, false);
Entrust::routeNeedsRole('events*', array('admin', 'driver'), Redirect::to('users/logout'), null, false);
Ejemplo n.º 24
});
// "auth" filter: sends visitors who are not logged in to the login page and remembers the
// URL they asked for in the session.
Route::filter('auth', function ($route, $request) {
    // Logged-in users pass straight through.
    if (!Auth::guest()) {
        return;
    }

    // NOTE(review): Request::url() is built from the incoming request. Whatever later reads
    // 'loginRedirect' should confirm the value points at this application before redirecting.
    Session::put('loginRedirect', Request::url());

    return Redirect::to('user/login/');
});
// "auth.basic" filter: delegates to HTTP Basic authentication and returns its result.
// Basic auth resends the credentials with every request, so routes using it belong on HTTPS.
Route::filter('auth.basic', function () {
    $basicAuthResult = Auth::basic();

    return $basicAuthResult;
});
// "guest" filter: applies to pages intended for visitors who are not logged in.
Route::filter('guest', function () {
    // NOTE(review): the redirect target for an already logged-in user is the login page.
    // If that page uses this filter too, the result is a redirect loop. Confirm the target.
    return Auth::check() ? Redirect::to('user/login/') : null;
});
// Role gate: every path that begins with "admin" needs the 'admin' role; others are
// redirected to '/nopermission'. ('admin*' is a prefix wildcard, not just "admin/...".)
Entrust::routeNeedsRole('admin*', array('admin'), Redirect::to('/nopermission'));
// Per-section permission gates layered on top of the role gate; failures go back to '/admin'.
// NOTE(review): 'admin/slugs*' is guarded by the 'manage_blogs' permission. The names do not
// match; confirm this is the intended permission and not a leftover from a blogs rule.
Entrust::routeNeedsPermission('admin/slugs*', 'manage_blogs', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/comments*', 'manage_comments', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/users*', 'manage_users', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/roles*', 'manage_roles', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/settings*', 'manage_settings', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/search*', 'site_search', Redirect::to('/admin'));
Entrust::routeNeedsPermission('admin/todos*', 'manage_todos', Redirect::to('/admin'));
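// "csrf" filter: lets a request through only when the `csrf_token` or `_token` input is
// exactly the session's CSRF token; otherwise redirects to 'invalidtoken'.
Route::filter('csrf', function () {
    $sessionToken = Session::getToken();

    $tokenMatches = false;

    // Fail closed when the session has no usable token: with nothing to compare against,
    // no request can prove it came from this application's own forms.
    if (is_string($sessionToken) && $sessionToken !== '') {
        // Either field name is accepted, as before.
        foreach (array('csrf_token', '_token') as $fieldName) {
            $submitted = Input::get($fieldName);

            // Strict, string-only comparison. The previous loose `!=` let PHP's type juggling
            // treat values that are not identical as equal (a non-string input value, or
            // null on both sides), which could wave a forged request through.
            if (is_string($submitted) && $submitted === $sessionToken) {
                $tokenMatches = true;
                break;
            }
        }
    }

    if (!$tokenMatches) {
        return Redirect::to('invalidtoken');
    }
});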
Route::filter('detectLang', function ($route, $request, $lang = 'auto') {
    if ($lang != "auto" && in_array($lang, Config::get('app.available_language'))) {
        Config::set('app.locale', $lang);
Ejemplo n.º 25
    Route::get('show/{id}', $Demand . 'showDemand');
    Route::get('cancel/{id}', $Demand . 'cancelDemand');
    Route::get('my', $Demand . 'myDemandsByType');
    Route::get('my/{type}', $Demand . 'myDemandsByType');
    Route::post('win', $Demand . 'win');
    Route::get('list/cate/{id}', $Demand . 'index')->where('id', '[0-9]+');
    Route::get('atest', $Demand . 'atest');
    Route::get('getinfo', $Demand . 'gettbinfo');
    Route::get('delay/{id}', $Demand . 'delaya')->where('id', '[0-9]+');
    Route::post('delay/{id}', $Demand . 'delaya')->where('id', '[0-9]+');
    Route::get('/delivery/{id}', $Demand . 'delivery')->where('id', '[0-9]+');
    Route::get('/fav/', $Demand . 'fav');
    Route::get('/choose/{id?}', $Demand . 'choose')->where('id', '[0-9]+');
    Route::post('/choose/{id?}', $Demand . 'choose')->where('id', '[0-9]+');
    Route::post('shouhuo', $Demand . 'shouhuo');
    Entrust::routeNeedsRole('demand/post', array('tenderee', 'admin'), null, false);
});
// Bid routes: everything under the "bid/" prefix, handled by BidController.
// NOTE(review): the group declares only a prefix, with no auth filter or middleware, so any
// login or ownership check has to happen in BidController or outside this snippet. Confirm.
Route::group(['prefix' => 'bid'], function () {
    // "Controller@" prefix shared by every action string below.
    $bidAction = 'BidController@';
    // Constraint that limits an {id} segment to digits.
    $digitsOnly = '[0-9]+';

    Route::post('add', $bidAction . 'addBid');
    Route::get('my', $bidAction . 'myBidsByType');
    // NOTE(review): a GET route named "cancel" presumably changes state, so a plain link can
    // trigger it. It also lacks the digits-only {id} constraint used further down.
    Route::get('cancel/{id}', $bidAction . 'cancelBid');
    Route::get('my/{type}', $bidAction . 'myBidsByType');
    Route::get('express', $bidAction . 'myexpress');
    Route::get('myinfo', $bidAction . 'myinfo');
    // Disabled: Route::post('savehuo', $bidAction . 'savehuo');

    // These two answer GET and POST alike and accept only a numeric {id}
    // ("fahuo" / "shoukuan" are pinyin, presumably "ship goods" / "collect payment").
    Route::match(['get', 'post'], 'f/{id}', $bidAction . 'fahuo')->where('id', $digitsOnly);
    Route::match(['get', 'post'], 'sk/{id}', $bidAction . 'shoukuan')->where('id', $digitsOnly);
});
Route::group(['prefix' => 'pay'], function () {
    $Pay = 'PayController@';