/**
 * Decide whether $user may edit $article.
 *
 * A user flagged by isBadStatus() is always refused. Otherwise the edit is
 * allowed when is_admin_role() accepts the user or when $user->owns($article)
 * holds; every other case is refused.
 *
 * @param  User  $user
 * @param  Article  $article
 * @return bool
 */
public function editArticle(User $user, Article $article)
{
    // The status check runs first, so neither the admin role nor ownership
    // overrides a bad status.
    if ($this->isBadStatus($user)) {
        return false;
    }

    return is_admin_role($user) || $user->owns($article);
}
/**
 * Decide whether $user may delete a comment.
 *
 * Refused for a user flagged by isBadStatus(); otherwise allowed only when
 * is_admin_role() accepts the user. No ownership rule applies here.
 *
 * @param  User  $user
 * @return bool
 */
public function deleteComment(User $user)
{
    if ($this->isBadStatus($user)) {
        return false;
    }

    // Cast so the method keeps returning a strict true/false whatever
    // is_admin_role() hands back.
    return (bool) is_admin_role($user);
}
/**
 * Gate the admin area: only logged-in users accepted by is_admin_role() pass.
 *
 * A request whose path is `admin` or matches `admin/*` is redirected to `/`
 * with a flash message when the visitor is a guest or the current user is
 * rejected by is_admin_role(). Every other request is handed to $next as is.
 *
 * NOTE(review): the guard is keyed on the request path, so it covers only
 * routes under `admin`; confirm no privileged route is registered outside
 * that prefix.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $isAdminArea = $request->is('admin') || $request->is('admin/*');

    // Guest check comes first, so is_admin_role() is only called for a
    // logged-in user.
    if ($isAdminArea && (\Auth::guest() || !is_admin_role(\Auth::user()))) {
        return redirect('/')->with('flash_info', 'У вас нет прав доступа.');
    }

    return $next($request);
}
// Excerpt of a role-assignment page: the conditions enclosing this first
// assignment open before the visible code, and the excerpt ends mid-branch.
$basemenu[4] = get_string('courseenrolstart') . ' (' . userdate($course->enrolstartdate, $timeformat) . ')';
}
// The enrolment end date entry is added only when an end date is set.
if ($course->enrolenddate > 0) {
    $basemenu[5] = get_string('courseenrolend') . ' (' . userdate($course->enrolenddate, $timeformat) . ')';
}
}

/// Process any incoming role assignments before printing the header.
if ($roleid) {

    /// Create the user selector objects.
    $options = array('context' => $context, 'roleid' => $roleid);
    // Candidate list: contexts below course level (front page excluded) use
    // the below-course selector, everything else the course-and-above one.
    if ($context->contextlevel > CONTEXT_COURSE && !is_inside_frontpage($context)) {
        $potentialuserselector = new potential_assignees_below_course('addselect', $options);
    } else {
        $potentialuserselector = new potential_assignees_course_and_above('addselect', $options);
    }
    // Current holders: a system-context assignment of a role accepted by
    // is_admin_role() gets the dedicated site-admin selector.
    if ($context->contextlevel == CONTEXT_SYSTEM && is_admin_role($roleid)) {
        $currentuserselector = new existing_role_holders_site_admin('removeselect', $options);
    } else {
        $currentuserselector = new existing_role_holders('removeselect', $options);
    }

    /// Process incoming role assignments
    $errors = array();
    // The 'add' action is honoured only when confirm_sesskey() also passes,
    // so a request that does not carry the session key changes nothing.
    if (optional_param('add', false, PARAM_BOOL) && confirm_sesskey()) {
        $userstoassign = $potentialuserselector->get_selected_users();
        if (!empty($userstoassign)) {
            foreach ($userstoassign as $adduser) {
                $allow = true;
                // When $inmeta is set, the user being added (not the operator)
                // is checked for moodle/course:managemetacourse in this context.
                if ($inmeta) {
                    if (has_capability('moodle/course:managemetacourse', $context, $adduser->id)) {
                        //ok
                    } else {
                        // Excerpt ends here; what happens to a user without
                        // the capability is not visible.
<input type="hidden" id="submitter_id" name="submitter_id" value="<?php echo $user_id; ?> " > <input type="hidden" id="admin_department" name="admin_department" value="<?php echo $user_id; ?> " > <input type="hidden" id="date" name="date" value="<?php echo $date_selected; ?> " > <div> <?php
// Punch-clock page fragment. Before this tag: three hidden form fields filled
// from $user_id and $date_selected. From here: an "Administration" view when
// is_admin_role() holds and the id query parameter is below 1, otherwise the
// regular view.
// NOTE(review): the hidden fields echo $user_id and $date_selected into
// attribute values without htmlspecialchars(); where they are assigned is not
// visible in this excerpt, so confirm neither can carry request data, or
// escape them with ENT_QUOTES before output.
// NOTE(review): admin_department is filled with $user_id, the same value as
// submitter_id -- confirm that is intended. Hidden fields are client-editable,
// so the handler receiving this form should not treat submitter_id as proof of
// who submitted it.
// NOTE(review): $_GET['id'] is read without an isset() check and compared as a
// raw request string.
if (is_admin_role() && $_GET['id'] < 1) { ?> <h3>Punch Clock - Administration</h3> <?php $bootstrap->the_employee_search_table(); ?> <?php } else { ?> <h3>Punch Clock</h3> <?php
// Reached by callers is_admin_role() rejects, and by admins when id is 1 or more.
// NOTE(review): get_user($user_id) and the employee search table run here for
// any truthy id; how $user_id relates to $_GET['id'] is not visible -- confirm
// a non-admin cannot load another employee's record by changing the id
// parameter, and that the search table is meant to be shown on this branch.
if ($_GET['id']) {
    $user_info = $bootstrap->get_user($user_id);
    $fullname = $user_info['fullname'];
    $bootstrap->the_employee_search_table();
}
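/**
 * Update an article, optionally replace its image, and re-sync its tags.
 *
 * Access is checked through the `editArticle` ability. A user rejected by
 * is_admin_role() must additionally submit their own id as `user_id`;
 * otherwise they are sent back to the edit form with a warning.
 *
 * When an image is uploaded, the previous image file is removed, the new file
 * name is stored on the article and the upload is moved into the article's
 * directory under the configured uploads path.
 *
 * @param  Requests\ArticleRequest  $request
 * @param  Article  $article
 * @return mixed redirect response
 */
public function update(Requests\ArticleRequest $request, Article $article)
{
    $this->authorize('editArticle', $article);

    // Loose comparison is kept on purpose: the request value arrives as a
    // string while the user id may be an integer.
    if (!is_admin_role(\Auth::user())) {
        if ($request->user_id != \Auth::user()->id) {
            return redirect('/article/' . $article->slug . '/edit')->withInput()->with('flash_warning', 'Неверный автор.');
        }
    }

    // NOTE(review): every request field is passed to update() below; which
    // attributes that can write depends on the model's fillable/guarded setup,
    // not visible here. Prefer $request->only() with an explicit field list.
    $data = $request->all();

    if ($request->image) {
        $destinationPath = base_path() . config('app.uploads_articles_path');

        // Remove the previous image. is_file() rather than file_exists(): when
        // the article has no stored image name the path resolves to the
        // article's directory, and unlink() on a directory raises a warning.
        $image = $destinationPath . '/' . $article->id . '/' . $article->image;
        if (is_file($image)) {
            unlink($image);
        }

        // NOTE(review): this extension comes from the client-supplied file
        // name and becomes part of the stored name. Confirm ArticleRequest
        // validates the upload as an image and that the uploads directory is
        // not served with script execution; guessExtension() derives the
        // extension from the file content instead.
        $imageExt = $request->image->getClientOriginalExtension();
        $imageName = $article->id . '.' . $imageExt;

        $article->image = $imageName;
        $article->save();

        $request->image->move($destinationPath . '/' . $article->id, $imageName);
    }

    // The uploaded file object must not reach update(); the image column was
    // already set above.
    unset($data['image']);

    $article->update($data);
    $article->tags()->sync($request->input('tag_list'));

    return redirect('/')->with('flash_success', 'Новость успешно обновлена.');
}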