/**
 * Render the client creation form for callers allowed to add clients.
 *
 * The 'addClient' ability is evaluated against a blank Client instance.
 * A caller who is not granted it is stopped with HTTP 403 before the view
 * is built.
 *
 * @return mixed result of View::make('client.create')
 */
public function create()
{
    $mayAddClient = Gate::allows('addClient', new Client());

    // Fail closed: anything other than an explicit grant ends the request.
    if (!$mayAddClient) {
        abort(403, 'Not allowed');
    }

    return View::make('client.create');
}
/**
 * Let the request continue only when the 'contributor' ability is granted.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed whatever the next handler in the chain returns
 */
public function handle($request, Closure $next)
{
    // Fail closed: without an explicit grant the request ends with 403
    // and $next is never invoked.
    if (!Gate::allows('contributor')) {
        abort(403);
    }

    return $next($request);
}
/**
 * Register the policies and define the 'administer' ability.
 *
 * @return void
 */
public function boot()
{
    $this->registerPolicies();

    // Granted when the user's roles collection holds an entry whose
    // 'name' is 'admin'.
    $hasAdminRole = function (User $user) {
        return $user->roles->contains('name', 'admin');
    };

    Gate::define('administer', $hasAdminRole);
}
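/**
 * Update the sector data of an activity.
 *
 * The caller must pass the 'ownership' gate for the activity and the
 * authorizeByRequestType() check before anything is written. Each submitted
 * sector is then normalised so that only the fields belonging to its
 * vocabulary keep a value.
 *
 * @param  mixed                 $id                   activity identifier
 * @param  Request               $request
 * @param  SectorRequestManager  $sectorRequestManager not read in this method;
 *                               presumably injected so its validation runs — confirm
 * @return \Illuminate\Http\RedirectResponse
 */
public function update($id, Request $request, SectorRequestManager $sectorRequestManager)
{
    $activityData = $this->activityManager->getActivityData($id);

    // Ownership is decided on the loaded activity, not on the raw id.
    if (Gate::denies('ownership', $activityData)) {
        return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
    }

    $this->authorizeByRequestType($activityData, 'sector');

    // NOTE(review): the whole request payload is forwarded to the sector
    // manager; this relies on validation having happened upstream — confirm.
    $sectors = $request->all();

    foreach ($sectors['sector'] as &$sector) {
        if ($sector['sector_vocabulary'] == 1 || $sector['sector_vocabulary'] == '') {
            // Vocabulary 1 (also the default for an empty value): keep sector_code only.
            $sector['sector_vocabulary']    = 1;
            $sector['sector_category_code'] = '';
            $sector['sector_text']          = '';
        } elseif ($sector['sector_vocabulary'] == 2) {
            // Vocabulary 2: keep sector_category_code only.
            $sector['sector_code'] = '';
            $sector['sector_text'] = '';
        } else {
            // Any other vocabulary: keep sector_text only.
            $sector['sector_code']          = '';
            $sector['sector_category_code'] = '';
        }
    }
    // Break the reference so a later write to $sector cannot alter the last element.
    unset($sector);

    if ($this->sectorManager->update($sectors, $activityData)) {
        $this->activityManager->resetActivityWorkflow($id);
        $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Sector']]];

        return redirect()->to(sprintf('/activity/%s', $id))->withResponse($response);
    }

    $response = ['type' => 'danger', 'code' => ['update_failed', ['name' => 'Sector']]];

    return redirect()->back()->withInput()->withResponse($response);
}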
/**
 * Delete the user with the given id.
 *
 * Requires the 'manage-users' ability; otherwise the request ends with 403.
 *
 * @param  mixed  $id  identifier handed to the users repository
 * @return int  the repository's delete() result cast to int
 */
public function destroy($id)
{
    if (!Gate::allows('manage-users')) {
        abort(403, 'You dont have permissions!!');
    }

    // The ability is checked without a model argument, so it is not tied to
    // the specific user record being removed.
    $target = $this->usersRepo->byId($id);
    $outcome = $this->usersRepo->delete($target);

    return (int) $outcome;
}
/**
 * Delete the group with the given id on behalf of a manager.
 *
 * @param  mixed  $id  primary key passed to Group::destroy()
 * @return mixed  the result of Group::destroy()
 */
public function destroy($id)
{
    // NOTE(review): 'managerOnly' is evaluated without the Group, so this
    // check does not tie $id to the caller's own organization — confirm
    // whether groups are organization-scoped and need a per-record check.
    if (!Gate::allows('managerOnly')) {
        abort(403);
    }

    return Group::destroy($id);
}
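/**
 * Update the recipient regions of an activity.
 *
 * The caller must pass the 'ownership' gate for the activity and the
 * authorizeByRequestType() check. The update is refused with a warning when
 * any transaction of the activity already carries a recipient country or
 * recipient region.
 *
 * @param  mixed                          $id       activity identifier
 * @param  Request                        $request
 * @param  RecipientRegionRequestManager  $recipientRegionRequestManager not read in this
 *                                        method; presumably injected so its validation
 *                                        runs — confirm
 * @return \Illuminate\Http\RedirectResponse
 */
public function update($id, Request $request, RecipientRegionRequestManager $recipientRegionRequestManager)
{
    $activityData = $this->activityManager->getActivityData($id);

    // Ownership is decided on the loaded activity, not on the raw id.
    if (Gate::denies('ownership', $activityData)) {
        return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
    }

    $this->authorizeByRequestType($activityData, 'recipient_region');

    // Count transactions that already define a recipient country or region.
    $activityTransactions = $this->transactionManager->getTransactions($id);
    $count = 0;

    if ($activityTransactions) {
        foreach ($activityTransactions as $transactions) {
            $transactionDetail = $transactions->transaction;
            removeEmptyValues($transactionDetail);

            if (!empty($transactionDetail['recipient_country']) || !empty($transactionDetail['recipient_region'])) {
                $count++;
            }
        }
    }

    if ($count > 0) {
        $response = ['type' => 'warning', 'code' => ['message', ['message' => 'You cannot save Recipient Region in activity level because you have already saved recipient country or region in transaction level.']]];

        return redirect()->back()->withInput()->withResponse($response);
    }

    // NOTE(review): the whole request payload is forwarded to the manager;
    // this relies on validation having happened upstream — confirm.
    $recipientRegions = $request->all();

    foreach ($recipientRegions['recipient_region'] as &$recipientRegion) {
        // An empty vocabulary defaults to '1'.
        if ($recipientRegion['region_vocabulary'] == '') {
            $recipientRegion['region_vocabulary'] = '1';
        }
    }
    // Break the reference so a later write to $recipientRegion cannot alter the last element.
    unset($recipientRegion);

    if ($this->recipientRegionManager->update($recipientRegions, $activityData)) {
        $this->activityManager->resetActivityWorkflow($id);
        $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Recipient Region']]];

        return redirect()->to(sprintf('/activity/%s', $id))->withResponse($response);
    }

    $response = ['type' => 'danger', 'code' => ['update_failed', ['name' => 'Recipient Region']]];

    return redirect()->back()->withInput()->withResponse($response);
}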
/**
 * Delete the organization with the given id; restricted to 'adminOnly'.
 *
 * @param  mixed  $id  primary key passed to Organization::destroy()
 * @return mixed  the result of Organization::destroy()
 */
public function destroy($id)
{
    // Fail closed: no explicit grant, no deletion.
    if (!Gate::allows('adminOnly')) {
        abort(403);
    }

    return Organization::destroy($id);
}
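/**
 * Create a new controller instance.
 *
 * When the 'ACL' sparkplug setting is enabled, the ability named after this
 * module's class (as returned by get_module_class_name()) must be granted,
 * otherwise construction ends with HTTP 403.
 *
 * NOTE(review): this check runs at construction time. On framework versions
 * that instantiate controllers before the route middleware stack has run,
 * no authenticated user is available yet and the gate would deny every
 * request — confirm against the Laravel version in use.
 *
 * NOTE(review): with 'ACL' switched off no authorization check happens here
 * at all — confirm that this is only used in trusted environments.
 */
public function __construct()
{
    if (get_sparkplug_config('ACL') && Gate::denies(get_module_class_name($this))) {
        // Status code passed as an integer instead of relying on string coercion.
        abort(403, 'User has no privilages to access this page');
    }
}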
/**
 * Authorize the request against the action it is routed to.
 *
 * The value at $request->route()[1]['uses'] is handed to the 'authorization'
 * ability as its argument (presumably the handler bound to the matched
 * route — confirm).
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed whatever the next handler in the chain returns
 */
public function handle($request, Closure $next)
{
    $routedAction = $request->route()[1]['uses'];

    // Guard clause: a denied caller never reaches $next.
    if (Gate::denies('authorization', $routedAction)) {
        abort(403);
    }

    return $next($request);
}
/**
 * Show the dashboard.
 *
 * Callers granted 'create' on a fresh post instance get the result of
 * writePost(); everyone else gets the admin home view instead of an error.
 *
 * @return mixed
 */
public function show()
{
    $draft = Content::newPostInstance();

    if (Gate::allows('create', $draft)) {
        return $this->writePost($draft);
    }

    return view('orchestra/story::admin.home');
}
/**
 * Return the title of the given post.
 *
 * The post is loaded with findOrFail(), then the 'update' ability is checked
 * against it; a denied caller is stopped with HTTP 403.
 *
 * NOTE(review): a read is guarded by the 'update' ability — confirm this is
 * intentional rather than a missing view-level ability.
 *
 * @param  int  $id
 * @return mixed  the post's title attribute
 */
public function show($id)
{
    $post = Post::findOrFail($id);

    $mayUpdate = Gate::allows('update', $post);
    if (!$mayUpdate) {
        abort(403, 'no f*****g way bitch');
    }

    return $post->title;
}
/**
 * Apply the submitted name and flags to a person and save it.
 *
 * The superuser flag is only written when the caller is granted
 * 'editSuperuser' on that person; name and enabled are written
 * unconditionally.
 *
 * NOTE(review): no ability is checked here for the name/enabled changes;
 * presumably route middleware or a policy covers that — confirm.
 *
 * @param  Request      $request
 * @param  PersonModel  $person
 * @return void
 */
public function update(Request $request, PersonModel $person)
{
    $submittedName = $request->input('name');
    $isEnabled = $request->has('enabled');

    $person->setName($submittedName)->setEnabled($isEnabled);

    // Privilege changes need their own, stricter ability.
    $mayEditSuperuser = Gate::allows('editSuperuser', $person);
    if ($mayEditSuperuser) {
        $person->setSuperuser($request->has('superuser'));
    }

    PersonFacade::save($person);
}
/**
 * List the users of the authenticated manager's organization.
 *
 * @return mixed  the users relation of the current user's organization
 */
public function managerIndex()
{
    if (!Gate::allows('managerOnly')) {
        abort(403);
    }

    // The result is scoped through the authenticated user, so a manager
    // only sees users of their own organization.
    $manager = Auth::user();

    return $manager->organization->users;
}
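/**
 * Store an uploaded cover for a book the caller is allowed to manage.
 *
 * @param  Request  $request  carries the upload in the 'file' field
 * @param  mixed    $id       book identifier
 * @return void
 */
public function coverStore(Request $request, $id)
{
    $book = Book::find($id);

    // Book::find() returns null for an unknown id; stop here instead of
    // handing null to the gate and to the cover service.
    // A missing book answers 404 while a book owned by someone else answers
    // 403, so the two cases are distinguishable to the caller.
    if ($book === null) {
        abort(404);
    }

    if (Gate::denies('manageBook', $book)) {
        abort(403, 'voce não é o dono desse livro');
    }

    // NOTE(review): the upload is passed on as received; presumably its
    // presence, type and size are validated elsewhere — confirm.
    $bookService = app()->make(BookService::class);
    $bookService->storeCover($book, $request->file('file'));
}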
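/**
 * Delete a chapter the caller is allowed to manage, then return to the
 * chapter index of the book.
 *
 * @param  mixed  $id          book identifier, used only for the redirect
 * @param  mixed  $chapter_id  chapter identifier
 * @return mixed  redirect to the 'admin.books.chapters.index' route
 */
public function destroy($id, $chapter_id)
{
    $chapter = Chapter::find($chapter_id);

    // Chapter::find() returns null for an unknown id; without this guard
    // null would reach the gate and, if allowed, the delete() call.
    if ($chapter === null) {
        abort(404);
    }

    // NOTE(review): the chapter is looked up by $chapter_id alone; nothing
    // here verifies that it belongs to book $id — confirm the 'manage'
    // ability covers that relationship.
    if (Gate::denies('manage', $chapter)) {
        abort(403, "you do not own this book/chapter");
    }

    $chapter->delete();

    return redirect()->route('admin.books.chapters.index', ['id' => $id]);
}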
/**
 * Register the policies and define one ability per permission.
 *
 * Every entry returned by getPermissions() becomes a gate ability named
 * after the permission and granted through $user->hasRole() on that
 * permission's roles.
 *
 * @return void
 */
public function boot()
{
    $this->registerPolicies();

    $permissions = $this->getPermissions();

    foreach ($permissions as $permission) {
        // The roles are read when the ability is checked, not when it is defined.
        $roleCheck = function ($user) use ($permission) {
            return $user->hasRole($permission->roles);
        };

        Gate::define($permission->name, $roleCheck);
    }
}
/**
 * Return the todos of a list the caller may access.
 *
 * NOTE(review): a read is guarded by the 'add-todo' ability, and the
 * collection is loaded before the check runs — confirm both are intended.
 *
 * @param  mixed  $todoListId
 * @return mixed  the repository's todo collection for the list
 */
public function todoCollection($todoListId)
{
    $list = $this->todolistRepository->byId($todoListId);
    $todos = $this->todolistRepository->todoCollection($todoListId);

    // The collection is only handed back once the ability is granted.
    if (!Gate::allows('add-todo', $list)) {
        abort(403);
    }

    return $todos;
}
/**
 * Re-activate a todo on behalf of a caller allowed to act on it.
 *
 * NOTE(review): re-activation is guarded by the 'delete-todo' ability —
 * confirm that sharing this ability is intended.
 *
 * @param  mixed  $todoId
 * @return void
 */
public function activate($todoId)
{
    $service = new TodoApplicationService();
    $target = $this->todoRepository->byId($todoId);

    // The ability is decided on the loaded todo, not on the raw id.
    if (!Gate::allows('delete-todo', $target)) {
        abort(403);
    }

    $service->reActivateTodo($todoId);
}
/**
 * Return the title of a post the caller may update.
 *
 * A denied caller gets a danger alert and is redirected to 'posts' instead
 * of receiving an error status.
 *
 * @param  mixed  $id
 * @return mixed  the post's title, or a redirect when access is denied
 */
public function edit($id)
{
    $post = Post::findOrFail($id);

    if (Gate::allows('update', $post)) {
        return $post->title;
    }

    Alert::danger('No tienes permisos para editar este post');

    return redirect('posts');
}
/**
 * Register the 'auth' middleware, require the 'manage-university' ability
 * and remember the authenticated user's university.
 *
 * NOTE(review): middleware() only registers 'auth'; the gate check below
 * runs immediately, at construction time. On framework versions that
 * instantiate controllers before the middleware stack has run, no
 * authenticated user is available yet and the gate would deny every
 * request — confirm against the Laravel version in use.
 */
public function __construct()
{
    $this->middleware('auth');

    if (!Gate::allows('manage-university')) {
        abort(403);
    }

    if (Auth::check()) {
        $currentUser = Auth::user();
        $this->university = $currentUser->university;
    }
}
/**
 * Delete a profile the caller is allowed to manage.
 *
 * @param  mixed  $id
 * @return mixed  redirect to 'admin' after a successful deletion
 */
public function delete($id)
{
    $profile = Profile::findOrFail($id);

    // abort() does not return, so nothing below runs for a denied caller.
    if (!Gate::allows('manage-profile', $profile)) {
        abort(403);
    }

    $profile->delete();
    $this->flasher->success('Profile Deleted', 'The profile has been deleted.');

    return redirect('admin');
}
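/**
 * Delete an article the caller is allowed to manage.
 *
 * @param  mixed  $id
 * @return mixed  redirect to 'admin/blog' after a successful deletion
 */
public function delete($id)
{
    $article = Article::findOrFail($id);

    if (Gate::denies('manage-article', $article)) {
        // Status code passed as an integer instead of relying on string
        // coercion; abort() does not return, so no `return` is needed.
        abort(403);
    }

    $article->delete();
    $this->flasher->success('Post Deleted', 'That post has been permanently removed');

    return redirect('admin/blog');
}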
/**
 * Show the title edit form of an activity.
 *
 * Callers who fail the 'ownership' gate for the activity are sent back with
 * the no-privileges message instead of seeing the form.
 *
 * @param  mixed  $id  activity identifier
 * @return \Illuminate\View\View|\Illuminate\Http\RedirectResponse
 */
public function index($id)
{
    $activityData = $this->activityManager->getActivityData($id);

    $ownsActivity = Gate::allows('ownership', $activityData);
    if (!$ownsActivity) {
        return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
    }

    // The title data is loaded only after the ownership check has passed.
    $titleData = $this->titleManager->getTitleData($id);
    $form = $this->title->editForm($titleData, $id);

    return view('Activity.title.title', compact('form', 'id', 'activityData'));
}
/**
 * Define one admin-only ability for every resource/action pair.
 *
 * The ability name comes from $this->ability($action, $resource); each
 * ability returns the user's is_admin attribute.
 *
 * @param  array  $arguments  map of resource => list of actions
 * @return void
 */
private function isAdmin($arguments)
{
    $adminCheck = function ($user) {
        return $user->is_admin;
    };

    foreach ($arguments as $resource => $actions) {
        foreach ($actions as $action) {
            $abilityName = $this->ability($action, $resource);
            Gate::define($abilityName, $adminCheck);
        }
    }
}
/**
 * Require the 'manage-university' ability, register the 'auth' middleware
 * and remember the authenticated user's university.
 *
 * NOTE(review): the gate check runs at construction time, before 'auth' is
 * even registered. On framework versions that instantiate controllers
 * before the middleware stack has run, no authenticated user is available
 * yet and the gate would deny every request — confirm against the Laravel
 * version in use.
 */
public function __construct()
{
    if (Gate::denies('manage-university')) {
        abort(403);
    }

    $this->middleware('auth');

    if (auth()->check()) {
        $currentUser = auth()->user();
        $this->university = $currentUser->university;
    }
}
/**
 * Register the 'auth' middleware, remember the authenticated user's
 * university and require the 'is-student' ability.
 *
 * NOTE(review): the gate check runs at construction time; middleware()
 * only registers 'auth'. On framework versions that instantiate
 * controllers before the middleware stack has run, no authenticated user
 * is available yet and the gate would deny every request — confirm against
 * the Laravel version in use.
 */
public function __construct()
{
    $this->middleware('auth');

    if (auth()->check()) {
        $currentUser = auth()->user();
        $this->university = $currentUser->university;
    }

    if (!Gate::allows('is-student')) {
        abort(403);
    }
}
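/**
 * Show a board's tasks.
 *
 * An unknown identifier and a board the caller may not 'see' both lead to
 * the same redirect, so the response does not reveal which identifiers
 * exist.
 *
 * @param  mixed  $identifier  value matched against the board's 'identifier' column
 * @return \Illuminate\Contracts\View\Factory|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|\Illuminate\View\View
 */
public function boardTasks($identifier)
{
    $board = Board::where('identifier', $identifier)->first();

    // Check for a missing board first so that null is never handed to the gate.
    if (is_null($board) || Gate::denies('see', $board)) {
        return redirect('/boards');
    }

    return view('task_home', compact('board'));
}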
/**
 * Register the policies and define the 'create' ability.
 *
 * 'create' is granted to any user whose id is truthy; it does not look at
 * roles or at the resource being created.
 *
 * @return void
 */
public function boot()
{
    $this->registerPolicies();

    $hasId = function ($user) {
        return (bool) $user->id;
    };

    Gate::define('create', $hasId);
}
/**
 * Add the "reasons" entry to the social group of the sidebar.
 *
 * NOTE(review): authorize() receives the result of the 'index-reasons'
 * gate, which presumably only controls whether the menu item is shown;
 * the admin routes need their own authorization check — confirm.
 *
 * @param  View  $view
 * @return void
 */
public function compose(View $view)
{
    $configureItem = function (SidebarItem $item) {
        $item->icon = config('typicms.reasons.sidebar.icon');
        $item->weight = config('typicms.reasons.sidebar.weight');
        $item->route('admin::index-reasons');
        $item->append('admin::create-reason');
        $item->authorize(Gate::allows('index-reasons'));
    };

    $configureGroup = function (SidebarGroup $group) use ($configureItem) {
        $group->addItem(trans('reasons::global.name'), $configureItem);
    };

    $view->sidebar->group(trans('global.menus.social'), $configureGroup);
}