denies() public static method

Determine if the given ability should be denied for the current user. The signature below declares only two parameters, so any extra positional argument after $arguments is not part of the call: when an ability callback needs several values, pass them together as an array in $arguments.
public static denies ( string $ability, array | mixed $arguments = [] ) : boolean
$ability string
$arguments array | mixed
return boolean
 /**
  * Handle an incoming request.
  *
  * Aborts with HTTP 403 unless the current user is granted the ability
  * named by the middleware parameter; otherwise hands the request on.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  * @param string                   $value  ability name given as the middleware parameter
  *
  * @return mixed
  */
 public function handle($request, Closure $next, $value)
 {
     $forbidden = \Gate::denies($value);
     if ($forbidden) {
         // The ability name is echoed into the abort message; it is the
         // middleware parameter, presumably fixed in the route definition
         // rather than supplied by the client.
         app()->abort(403, 'Missing permission \'' . $value . '\'');
     }

     return $next($request);
 }
 /**
  * Redirect to the site root with a translated error when the current
  * user lacks the ability named by the middleware parameter.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  * @param string                   $permission  ability name to check
  *
  * @return mixed
  */
 public function handle($request, Closure $next, $permission)
 {
     if (!\Gate::denies($permission)) {
         return $next($request);
     }

     // Denied: no 403 status, just a redirect carrying a flash message.
     return redirect('')->with('message_error', trans('admin.no_permission'));
 }
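 /**
  * Update the specified resource in storage.
  *
  * Loads the user (404 when missing), checks the 'user.edit' ability
  * against that user (403 when denied), refills the profile from the
  * request and replaces the user's role assignments with the submitted
  * 'roles' ids.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  int $id
  * @return \Illuminate\Http\Response
  */
 public function update(Request $request, $id)
 {
     try {
         $user = User::findOrFail($id);
     } catch (ModelNotFoundException $e) {
         return abort(404);
     }

     if (\Gate::denies('user.edit', $user)) {
         return abort(403);
     }

     // NOTE(review): fill() with the raw request payload relies entirely on the
     // User model's $fillable/$guarded list to keep attributes the editor must
     // not set (password, admin flags, ...) out of reach — confirm that list.
     $user->fill($request->all())->save();

     // count(null) is a TypeError on PHP 8; a missing or non-array 'roles'
     // input is treated as "no roles". Role ids are taken as submitted —
     // whether the editor may grant each of them is not checked here.
     $roleIds = $request->input('roles');
     $roleIds = is_array($roleIds) ? $roleIds : [];

     // Detach and re-attach in one transaction so a failure while attaching
     // cannot leave the user with no roles at all.
     \DB::transaction(function () use ($user, $roleIds) {
         $user->roles()->detach();
         foreach ($roleIds as $roleId) {
             $user->roles()->attach($roleId);
         }
     });

     return redirect()->route('user.index');
 }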
 /**
  * Show the form for editing the specified resource.
  *
  * Loads the applicant with its documents (404 when missing) and aborts
  * with 403 unless the 'update' ability is granted for that applicant.
  *
  * @param  int  $id
  * @return \Illuminate\Http\Response
  */
 public function edit($id)
 {
     $applicant = Applicant::with('documents')->findOrFail($id);

     $mayUpdate = !\Gate::denies('update', $applicant);
     if (!$mayUpdate) {
         return abort(403);
     }

     return view('applicants.edit', compact('applicant'));
 }
 /**
  * Delete a customer and answer with a JSON status.
  *
  * NOTE(review): the destructive action is guarded by the 'show' ability,
  * so anyone allowed to view the customer may also delete it; the message
  * suggests 'show' stands for ownership — confirm a dedicated ability is
  * not expected here.
  * NOTE(review): getById() is assumed to return a model; if it can return
  * null the delete() call below fails on it.
  *
  * @param  mixed $id
  * @return mixed  JSON success or error response
  */
 public function delete($id)
 {
     $customer = $this->customerRepository->getById($id);

     $denied = \Gate::denies('show', $customer);
     if ($denied) {
         return $this->json->error('You Cannot View or Alter Someone\'s Customer ...');
     }

     $customer->delete();

     return $this->json->success('Customer Deleted Successfully ...');
 }
 /**
  * Handle an incoming request.
  *
  * Backend guard: unless the current user is granted 'app.admin.show',
  * AJAX callers get a bare 403 response and all others are aborted with
  * 403 and a message.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!\Gate::denies('app.admin.show')) {
         return $next($request);
     }

     if ($request->ajax()) {
         return response('Forbidden.', 403);
     }

     return app()->abort(403, 'No permission to view backend');
 }
 /**
  * Check if the logged in user can follow the specified user.
  *
  * The target user is the 'users' route parameter. When the 'can-follow'
  * gate denies it, AJAX callers get a JSON message and others are sent
  * back to the user's page with an error.
  *
  * NOTE(review): the denial uses status 401 (unauthenticated) although it is
  * an authorization decision for a logged-in user; 403 is the conventional
  * code, but a client testing for 401 would have to change with it.
  * NOTE(review): $target is assumed to be a bound model — if the route
  * parameter is not model-bound, ->slug below fails on a null or string.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $target = $request->route('users');
     if (!\Gate::denies('can-follow', $target)) {
         return $next($request);
     }

     $message = 'Забранет пристап';
     if ($request->ajax()) {
         return response()->json(['message' => $message], 401);
     }

     return redirect(route('users.show', $target->slug))->withErrors(['error' => $message]);
 }
 /**
  * Check if the logged in user can remove the dislike
  * from the specified course.
  *
  * The course is the 'courses' route parameter. When the
  * 'remove-course-dislike' gate denies it, AJAX callers get a JSON message
  * and others are sent back to the course page with an error.
  *
  * NOTE(review): status 401 is used for an authorization failure; 403 is the
  * conventional code (see the follow middleware above for the same pattern).
  * NOTE(review): $course is assumed to be a bound model; ->slug fails otherwise.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $course = $request->route('courses');
     if (!\Gate::denies('remove-course-dislike', $course)) {
         return $next($request);
     }

     $message = 'Забранет пристап';
     if ($request->ajax()) {
         return response()->json(['message' => $message], 401);
     }

     return redirect(route('courses.show', $course->slug))->withErrors(['error' => $message]);
 }
 /**
  * Admin access middleware.
  *
  * Unless 'admin.access' is granted: AJAX callers get 401 plus an
  * X-Redirect-Url header pointing at the admin login; a caller who is
  * logged in on $guard but lacks the ability sees the denied view; anyone
  * else is redirected to the admin login as a guest.
  *
  * @param  Request  $request
  * @param  \Closure $next
  * @param  string|null $guard  auth guard to test for an existing login
  * @return mixed
  */
 public function handle(Request $request, \Closure $next, $guard = null)
 {
     if (!\Gate::denies('admin.access')) {
         return $next($request);
     }

     if ($request->ajax()) {
         return response('Unauthorized.', 401, ['X-Redirect-Url' => route('admin.login')]);
     }

     $loggedIn = \Auth::guard($guard)->check();

     return $loggedIn
         ? view('admin::auth.denied')
         : redirect()->guest(route('admin.login'));
 }
 /**
  * Store edit permissions for one widget box.
  *
  * Throws AccessDeniedHttpException unless the current user may 'edit' the
  * Instance named 'widgetbox.<id>'; then registers the submitted permission
  * for that target and returns a success API response.
  *
  * @param  Request          $request
  * @param  WidgetBoxHandler $handler  not used in this method
  * @param  string|int       $id
  * @return mixed
  */
 public function storePermission(Request $request, WidgetBoxHandler $handler, $id)
 {
     $target = 'widgetbox.' . $id;

     if (\Gate::denies('edit', new Instance($target))) {
         throw new AccessDeniedHttpException();
     }

     $this->permissionRegister($request, $target, ['edit']);

     return XePresenter::makeApi(['type' => 'success', 'message' => '권한을 저장했습니다.']);
 }
 /**
  * Back-end user list with optional filters.
  *
  * Reads name/email/roles/trashed/environments filters from the request.
  * A caller without the 'super-administrator' ability is pinned to the
  * current environment whatever they submitted, so the environment filter
  * cannot be used to list users of other environments.
  *
  * @param FormRequestAbstract $request
  * @param bool                $usePartial  render only the table chunk instead of the full page
  *
  * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
  */
 public function indexUsersListBackEnd(FormRequestAbstract $request, $usePartial = false)
 {
     // Filters default to null (no filter) except environments, which defaults to "all".
     $name = $request->has('name') ? $request->get('name') : null;
     $email = $request->has('email') ? $request->get('email') : null;
     $roles = $request->has('roles') ? $request->get('roles') : null;
     $trashed = $request->has('trashed') ? $request->get('trashed') : null;
     $environments = $request->has('environments') ? $request->get('environments') : [];
     $this->setPresenter(new IndexUsersListPresenter());
     // Non-super-administrators only ever see the current environment; the
     // submitted 'environments' value is discarded for them.
     if (\Gate::denies('super-administrator')) {
         $environments = [\Environments::currentId()];
     }
     $this->filterEnvironments($environments);
     if (!is_null($name)) {
         $this->filterUserName($name);
     }
     if (!is_null($email)) {
         $this->filterEmail($email);
     }
     if (!is_null($roles)) {
         $this->filterRoles($roles);
     }
     // switch compares loosely; any value other than the two known ones
     // leaves the query on active users only.
     if (!is_null($trashed)) {
         switch ($trashed) {
             case 'with_trashed':
                 $this->filterShowWithTrashed();
                 break;
             case 'only_trashed':
                 $this->filterShowOnlyTrashed();
                 break;
             default:
                 // Display active users only
         }
     }
     // Only the listed columns are selected; page size comes from settings.
     $users = $this->with(['environments', 'roles'])->paginate(\Settings::get('app.pagination'), ['users.id', 'users.first_name', 'users.last_name', 'users.email', 'users.deleted_at']);
     // NOTE(review): 'user_can_see_env' is hard-coded true for every caller,
     // including those just restricted to one environment — confirm intended.
     return cmsview($usePartial ? 'users.backend.users.chunks.index_tables' : 'users.backend.users.index', ['users' => $users, 'nb_users' => $this->count(), 'user_can_see_env' => true, 'is_role_management_allowed' => \Settings::get('users.is_role_management_allowed'), 'filters' => ['name' => $name, 'email' => $email, 'roles' => $roles, 'environments' => $environments]], 'users::');
 }
 /**
  * Drop menu items the current user is not allowed to see.
  *
  * Returns null when the 'visible' gate denies [$item, $menu]; otherwise
  * returns the item with its 'children' replaced by a Collection holding
  * only the children that pass the same check, recursively.
  *
  * @param \Xpressengine\Menu\Models\MenuItem $item menu item
  * @param \Xpressengine\Menu\Models\Menu     $menu menu
  *
  * @return null|\Xpressengine\Menu\Models\MenuItem
  */
 function removeInvisible($item, $menu)
 {
     if (Gate::denies('visible', [$item, $menu])) {
         return null;
     }

     $visibleChildren = new \Illuminate\Support\Collection();
     foreach ($item['children'] as $child) {
         $kept = removeInvisible($child, $menu);
         if ($kept) {
             $visibleChildren[] = $kept;
         }
     }
     $item['children'] = $visibleChildren;

     return $item;
 }
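 /**
  * Remove the specified resource from storage.
  *
  * Loads the group (404 when missing), aborts with 403 unless the
  * 'destroy-group' gate allows it for that group, then deletes it.
  *
  * @param  int  $id
  * @return Response
  */
 public function destroy($id)
 {
     $group = Group::findOrFail($id);

     // Gate::denies() takes (ability, arguments). The original call passed an
     // undefined $event as the arguments and $group as a third parameter the
     // signature does not declare, so the gate never received the group.
     // NOTE(review): if the gate callback really expects an event as well,
     // resolve it here and pass [$event, $group] instead.
     if (Gate::denies('destroy-group', $group)) {
         abort(403);
     }

     $group->delete();

     return response()->json("ok");
 }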
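 /**
  * Delete the page identified by its slug.
  *
  * Aborts with 403 unless the current user holds 'edit-pages'. An unknown
  * slug now yields a 404 via firstOrFail() instead of a null dereference
  * on delete().
  *
  * @param  string $slug
  * @return \Illuminate\Http\RedirectResponse
  */
 public function destroy($slug)
 {
     if (\Gate::denies('edit-pages')) {
         abort(403);
     }

     // first() returned null for an unknown slug and delete() then fataled.
     $page = \Crockenhill\Page::where('slug', $slug)->firstOrFail();
     $page->delete();

     return redirect('/members/pages')->with('message', 'Page successfully deleted!');
 }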
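 /**
  * Not used !!
  * Determine if the user is authorized to make this request.
  *
  * True only when the 'view-resource' gate allows the order resolved from
  * the request. The original returned Gate::denies(), i.e. true when access
  * was denied — the inverse of what authorize() must report.
  *
  * @param  Request $request
  * @return bool
  */
 public function authorize(Request $request)
 {
     $order = $this->order->getUserOrder($request);

     return Gate::allows('view-resource', $order);
 }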
 /**
  * Show one evaluation of a student by a given evaluator.
  *
  * The 'ver-evaluacion' gate receives the raw $id_user route value; when
  * denied, a Spanish "not authorized" message is flashed and the caller is
  * redirected to the student index. $id_evaluador is not part of the check.
  *
  * @param  int|string $id_user       student id from the route
  * @param  int|string $id_evaluador  evaluator id from the route
  * @return \Illuminate\Http\RedirectResponse|\Illuminate\View\View
  */
 public function detailEvaluation($id_user, $id_evaluador)
 {
     if (\Gate::denies('ver-evaluacion', $id_user)) {
         $mensaje = "Acceso no autorizado, tu solo puedes acceder a tus evaluaciones";
         \Session::flash('alerta', $mensaje);
         return redirect()->route('estudiante.index');
     }
     // Student row joined with project, degree ('carreras') and university data.
     $user = Evaluation::where('evaluations.id_user', $id_user)->where('evaluations.id_evaluador', $id_evaluador)->select('users.*', 'evaluations.*', 'carreras.*', 'universidades.*', 'projects.autor2', 'projects.cedula2', 'projects.tutor', 'projects.cedulatutor')->join('users', 'users.id', '=', 'evaluations.id_user')->join('projects', 'projects.id_user', '=', 'users.id')->join('carreras', 'carreras.id', '=', 'users.id_carrera')->join('universidades', 'universidades.id', '=', 'carreras.id_universidad')->first();
     // Evaluator's user/degree/university row for the same evaluation.
     $evaluador = Evaluation::where('id_user', $id_user)->where('id_evaluador', $id_evaluador)->select('users.*', 'carreras.*', 'universidades.*')->join('users', 'users.id', '=', 'evaluations.id_evaluador')->join('carreras', 'carreras.id', '=', 'users.id_carrera')->join('universidades', 'universidades.id', '=', 'carreras.id_universidad')->first();
     // NOTE(review): $user is null when no evaluation matches and ->id_carrera
     // then fails; firstOrFail() or an explicit check would give a 404 instead.
     $formevaluacion = EvaluacionForm::where('id_carrera', $user->id_carrera)->first();
     $evaluacion = Evaluation::where('id_user', $id_user)->where('id_evaluador', $id_evaluador)->select('evaluations.*')->first();
     return view('estudianteviews.evaluaciondetalle', ['user' => $user, 'evaluador' => $evaluador, 'formevaluacion' => $formevaluacion, 'evaluacion' => $evaluacion]);
 }
 /**
  * Build the admin list view (or Excel export) for one node/model.
  *
  * Resolves the Node named $single_model and its model, checks the
  * 'node-admin' gate with ['list', $module, $node, 'list'] and sends the
  * caller to the dashboard with 'no_permission' when denied. Everything
  * after the gate builds the query: parent scoping, trash view,
  * translations, list fields, relation eager-loads, filters and graphs,
  * then renders 'master::list.general-list' or an Excel download.
  *
  * NOTE(review): $node comes from where('name', ...)->first() and may be
  * null; $node->name and $node->node_extras() are read before the
  * `if ($node)` guard below, so an unknown name fails there instead.
  *
  * @param  object $object        carries the current module in ->module
  * @param  string $single_model  node name to list
  * @param  array  $extra         not used in this method
  * @return mixed  view, Excel response, or the no-permission redirect
  */
 public static function get_list($object, $single_model, $extra = [])
 {
     $module = $object->module;
     $node = \Solunes\Master\App\Node::where('name', $single_model)->first();
     $model = \FuncNode::node_check_model($node);
     // Authorization comes before any list data is queried.
     if (\Gate::denies('node-admin', ['list', $module, $node, 'list'])) {
         return \Login::redirect_dashboard('no_permission');
     }
     // Default view context; 'action_fields' may be overridden by a node extra below.
     $array = ['module' => $module, 'node' => $node, 'model' => $single_model, 'i' => NULL, 'filter_category' => 'admin', 'filter_category_id' => '0', 'filter_type' => 'field', 'filter_node' => $node->name, 'dt' => 'form', 'id' => NULL, 'parent' => NULL, 'action_fields' => ['create', 'edit', 'delete']];
     if ($action_field = $node->node_extras()->where('type', 'action_field')->first()) {
         $array['action_fields'] = json_decode($action_field->value_array, true);
     }
     // Optional scoping to one parent; the id is bound via where(), not interpolated.
     if (request()->has('parent_id')) {
         $id = request()->input('parent_id');
         $array['id'] = $id;
         $items = $model->whereHas('parent', function ($q) use($id) {
             $q->where('id', $id);
         });
     } else {
         $items = $model->whereNotNull('id');
     }
     if ($node) {
         // Trash view only for soft-deleting nodes and only when explicitly requested.
         if ($node->soft_delete == 1 && request()->has('view-trash') && request()->input('view-trash') == 'true') {
             $items->onlyTrashed();
         }
         if ($node->translation) {
             $items->with('translations');
         }
         if ($node->parent) {
             $array['parent'] = $node->parent->name;
         }
         // Excel export also includes fields flagged for 'excel' display.
         if (request()->has('download-excel')) {
             $display_fields = ['show', 'excel'];
         } else {
             $display_fields = ['show'];
         }
         $array['fields'] = $node->fields()->whereIn('display_list', $display_fields)->where('type', '!=', 'field')->with('translations')->get();
         $relation_fields = $node->fields()->whereIn('display_list', $display_fields)->where('type', 'relation')->get();
         if (count($relation_fields) > 0) {
             foreach ($relation_fields as $relation) {
                 // NOTE(review): $sub_node may be null if the related node name
                 // does not resolve; ->translation would then fail.
                 $sub_node = \Solunes\Master\App\Node::where('name', str_replace('_', '-', $relation->value))->first();
                 if ($sub_node->translation) {
                     $items = $items->with([$relation->trans_name, $relation->trans_name . '.translations']);
                 } else {
                     $items = $items->with($relation->trans_name);
                 }
             }
         }
     }
     // Request filters and graphs are applied by the AdminList helpers.
     $array = \AdminList::filter_node($array, $node, $model, $items, 'admin');
     $items = $array['items'];
     $graphs = $node->node_extras()->whereIn('type', ['graph', 'parent_graph'])->get();
     $array = \AdminList::graph_node($array, $node, $model, $items, $graphs);
     $items_relations = $node->fields()->where('name', '!=', 'parent_id')->whereIn('type', ['relation', 'child', 'subchild'])->get();
     if (count($items_relations) > 0) {
         foreach ($items_relations as $item_relation) {
             $items->with($item_relation->trans_name);
         }
     }
     $array['items'] = $items->get();
     if ($node->translation == 1) {
         $array['langs'] = \Solunes\Master\App\Language::get();
     } else {
         $array['langs'] = [];
     }
     if (request()->has('download-excel')) {
         return AdminList::generate_query_excel($array);
     } else {
         return view('master::list.general-list', $array);
     }
 }
 /**
  * Persist a submitted form into $item and recompute derived data.
  *
  * For $type 'admin' the 'node-admin' gate is consulted with
  * ['item', $type, $node, action, id] taken from the request; any other
  * $type skips the gate in this method entirely (presumably the caller
  * authorizes — confirm). Then, field by field, values are copied via
  * FuncNode::put_data_field, ponderation extras are summed, the item is
  * saved, sub-items and pivot fields synced from the request, each
  * indicator's value for today recomputed, and temp assets deleted.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  string $model  node name
  * @param  mixed  $item   model instance being created or updated
  * @param  string $type   'admin' or another display context
  * @return mixed  the saved $item, or the no-permission redirect
  */
 public static function post_request_success($request, $model, $item, $type = 'admin')
 {
     $node = \Solunes\Master\App\Node::where('name', $model)->first();
     // Authorization: only for the admin context, with action/id straight from the request.
     if ($type == 'admin') {
         if (\Gate::denies('node-admin', ['item', $type, $node, $request->input('action'), $request->input('id')])) {
             return \Login::redirect_dashboard('no_permission');
         }
     }
     // Fields whose display_item is in this list are skipped for the current context.
     if ($type == 'admin') {
         $display_array = ['none'];
     } else {
         $display_array = ['item_admin', 'none'];
     }
     $total_ponderation = 0;
     // Field types handled elsewhere (or not stored on the item at all).
     $rejected_fields = ['title', 'content', 'child', 'subchild', 'field'];
     foreach ($node->fields()->whereNotIn('type', $rejected_fields)->whereNotIn('display_item', $display_array)->with('field_extras')->get() as $field) {
         $field_name = $field->name;
         $input = NULL;
         if ($request->has($field_name)) {
             $input = $request->input($field_name);
         }
         // A non-empty, non-zero value contributes the field's 'ponderation' extra.
         if ($input && $input != 0 && ($pond = $field->field_extras()->where('type', 'ponderation')->first())) {
             $total_ponderation = $total_ponderation + $pond->value;
         }
         $item = \FuncNode::put_data_field($item, $field, $input);
     }
     if ($total_ponderation > 0) {
         $item->total_ponderation = $total_ponderation;
     }
     $item->save();
     foreach ($node->fields()->whereIn('type', ['subchild', 'field'])->get() as $field) {
         if ($field->type == 'subchild') {
             // Sub-items are stored under the sub node, then the parent's
             // '<table>_count' / '<x>_total' columns are recomputed from them.
             $subfield_name = str_replace('_', '-', $field->value);
             $sub_node = \Solunes\Master\App\Node::where('name', $subfield_name)->first();
             $sub_node_table = $sub_node->table_name;
             AdminItem::post_subitems($sub_node, $field->name, 'parent_id', $item->id, $sub_node->fields()->where('display_item', '!=', 'none')->whereNotIn('name', ['id', 'parent_id'])->get());
             foreach ($node->fields()->where('child_table', $sub_node_table)->get() as $field_extra) {
                 $field_extra_name = $field_extra->name;
                 if ($field_extra_name == $sub_node_table . '_count') {
                     $subvalue = count($item->{$sub_node_table});
                 } else {
                     $field_extra_name_fixed = str_replace('_total', '', $field_extra_name);
                     $subvalue = 0;
                     foreach ($item->{$sub_node_table} as $sub_item) {
                         $subvalue += $sub_item->{$field_extra_name_fixed};
                     }
                 }
                 $item->{$field_extra_name} = $subvalue;
                 $item->save();
             }
         } else {
             // Pivot relation named after the field, synced with the raw request value.
             $field_name = $field->name;
             if ($field->multiple) {
                 $item->{$field_name}()->sync($request->input($field_name));
             } else {
                 $item->{$field_name}()->sync([$request->input($field_name)]);
             }
         }
     }
     foreach ($node->indicators as $indicator) {
         $node_model = \FuncNode::node_check_model($node);
         $items = \FuncNode::node_check_model($node);
         $array = \AdminList::filter_node(['filter_category_id' => $indicator->id], $node, $node_model, $items, 'indicator');
         $items = $array['items'];
         // Both branches compute the same count; the non-'count' type has no distinct formula here.
         if ($indicator->type == 'count') {
             $indicator_value = $items->count();
         } else {
             $indicator_value = $items->count();
         }
         // Find-or-create today's value row for the indicator.
         if ($today_indicator = $indicator->indicator_values()->where('date', date('Y-m-d'))->first()) {
         } else {
             $today_indicator = new \Solunes\Master\App\IndicatorValue();
             $today_indicator->parent_id = $indicator->id;
             $today_indicator->date = date('Y-m-d');
         }
         $today_indicator->value = $indicator_value;
         $today_indicator->save();
     }
     \Asset::delete_temp();
     return $item;
 }
// .env APP_ENV APP_DEBUG DB_*
// bootstrap/app.php AuthServiceProvider, $app->withFacades(), $app->routeMiddleware(), $app->withEloquent()
// ExampleEvent ExampleListener  EventServiceProvider
// ExampleTest.php phpunit
// database/factories/ModelFactory.php

// Ability callback: a post may be updated only by the user whose id matches its user_id.
$ownsPost = function ($user, $post) {
    return $user->id === $post->user_id;
};
Gate::define('update-post', $ownsPost);

// 'api' guard resolver. As written it has no return statement, so it
// yields null and never authenticates a request — a stub to be completed.
$this->app['auth']->viaRequest('api', function ($request) {
    $user = Auth::user();
    // Return User or null...
});

if (Gate::allows('update-post', $post)) {
    //
}

if (Gate::denies('update-post', $post)) {
    abort(403);
}

// Admin route group: every route inside gets 'role:editor'; the profile route adds 'auth'.
$adminGroup = ['middleware' => 'role:editor', 'namespace' => 'App\\Http\\Controllers\\Admin', 'prefix' => 'admin'];
$app->group($adminGroup, function () use ($app) {
    $app->get('/', ['middleware' => 'auth', 'uses' => 'UserController@showProfile']);
});
function update(Request $request, $id)
{
    $this->validate($request, ['name' => 'required', 'email' => 'required|email|unique:users']);
    event(new ExampleEvent());
    $name = $request->input('name', 'default_val');
    $uri = $request->path();
    $uri = $request->has('name');
    $foo = $request->is('admin\\*');
    $foo = $request->isMethod('post');
    $url = $request->url();
 /**
  * Create a song from the submitted form fields.
  *
  * Aborts with 403 unless the current user holds 'edit-songs'. Fields are
  * read through the Input facade and stored as submitted; no validation is
  * applied in this method.
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function store()
 {
     if (\Gate::denies('edit-songs')) {
         abort(403);
     }

     $title = \Input::get('title');

     $song = new \Crockenhill\Song();
     $song->title = $title;
     $song->alternative_title = \Input::get('alternative');
     $song->author = \Input::get('author');
     $song->copyright = \Input::get('copyright');
     $song->lyrics = \Input::get('lyrics');
     $song->save();

     return redirect('/members/songs')->with('message', '"' . $title . '" successfully uploaded!');
 }
 /**
  * Test endpoint: loads Dokumen #1 and echoes a fixed string.
  *
  * A denied 'view-dokumen' check answers 404 rather than 403, so an
  * unauthorized caller cannot tell whether the document exists.
  */
 public function getTestDokumen()
 {
     $dokumen = Dokumen::where("id", 1)->firstOrFail();

     $mayView = !\Gate::denies('view-dokumen', $dokumen);
     if (!$mayView) {
         abort(404);
     }

     echo "string";
 }
 /**
  * Remove the specified resource from storage.
  *
  * Only the authorization gate is implemented: aborts with 403 unless the
  * current user holds 'edit-documents'. The deletion itself is still a TODO.
  *
  * @param  int  $id
  * @return Response
  */
 public function destroy($id)
 {
     $mayEdit = !\Gate::denies('edit-documents');
     if (!$mayEdit) {
         abort(403);
     }
     // TODO: delete the document identified by $id.
 }
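 /**
  * Delete the sermon identified by year, month and slug.
  *
  * Aborts with 403 unless the current user holds 'edit-sermons'. The sermon
  * is matched by slug within the month's date range; an unknown sermon now
  * yields a 404 via firstOrFail() instead of a null dereference on delete().
  *
  * @param  string $year
  * @param  string $month
  * @param  string $slug
  * @return \Illuminate\Http\RedirectResponse
  */
 public function destroy($year, $month, $slug)
 {
     if (\Gate::denies('edit-sermons')) {
         abort(403);
     }

     // The bounds are passed to whereBetween as values (presumably bound as
     // query parameters), not interpolated into SQL; the '-31' upper bound
     // is kept exactly as before.
     $monthStart = $year . '-' . $month . '-01';
     $monthEnd = $year . '-' . $month . '-31';
     $sermon = \Crockenhill\Sermon::where('slug', $slug)
         ->whereBetween('date', [$monthStart, $monthEnd])
         ->firstOrFail();
     $sermon->delete();

     return redirect('sermons')->with('message', 'Sermon successfully deleted!');
 }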