/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next, $role) { if (\Auth::check() && !\Entrust::hasRole($role)) { return redirect()->back(); } return $next($request); }
public static function isAdmin() { if (!Entrust::hasRole('admin')) { return false; } return true; }
/** * Display a listing of rateinquiries * * @return Response */ public function index() { //RateInquiry::where('viewed', 0)->where('status', 1)->update(array('viewed'=> 1)); $from = null; $to = null; if (Input::has('search')) { //dd(Input::all()); $from = Input::get('from'); $to = Input::get('to'); if (Entrust::hasRole('Admin')) { $user_id = Input::get('agent_id'); $rateinquiries = RateInquiry::whereHas('user', function ($q) use($user_id) { $q->where('users.id', 'like', '%' . $user_id . '%'); }); } elseif (Entrust::hasRole('Agent')) { $rateinquiries = RateInquiry::whereHas('user', function ($q) { $q->where('users.id', '=', Auth::id()); }); } if (!empty($from) && !empty($to)) { $rateinquiries = $rateinquiries->where('from', '>=', $from)->where('to', '<=', $to); } $rateinquiries = $rateinquiries->get(); } else { if (Entrust::hasRole('Admin')) { $rateinquiries = RateInquiry::orderBy('updated_at', 'desc')->get(); } elseif (Entrust::hasRole('Agent')) { $rateinquiries = RateInquiry::where('user_id', Auth::id())->orderBy('updated_at', 'desc')->get(); } } return View::make('inquiries.rate-inquiries.index', compact('rateinquiries', 'user_id', 'from', 'to')); }
public function allowed($sAction = null, $sRole = null) { if (static::isAdmin() || \Entrust::hasRole('admin') || \Entrust::can($sAction) || \Entrust::hasRole($sRole)) { return true; } return false; }
public static function getCreditLimit($agent_id) { if (Entrust::hasRole('Agent')) { return Agent::where('user_id', $agent_id)->first()->credit_limit; } return false; }
public static function userHasAgent() { if (Entrust::hasRole('Agent')) { if ($x = User::getAgentOfUser(Auth::user())) { return Agent::with('market')->find($x->agent_id); } } return false; }
public function __construct() { $this->_user = Auth::user(); $this->_parameters = Route::current()->parameters(); if (!User::hasHotelPermission($this->_user, $this->_parameters['hotels'])) { if (!Entrust::hasRole('Admin')) { App::abort(403); } } }
public function destroy(Comment $comment) { if ($comment->user_id != Auth::user()->id && !Entrust::hasRole('admin')) { return redirect()->back()->withErrors(config('constants.INVALID_LINK')); } $belongs_to = $comment->belongs_to; $comment->delete(); $activity = 'Deleted a commented on a ' . ucfirst($belongs_to); Activity::log($activity); return redirect()->back()->withSuccess(config('constants.DELETED')); }
public function getInDebugModeAttribute() { //限管理員 if (!\Entrust::hasRole('admin')) { return false; } if (!$this->debug) { return false; } return true; }
public function postDestroy($id) { if (\Entrust::hasRole('Admin')) { $category = Category::find($id); if ($category) { $category->delete(); return redirect('admin/categories/view')->with('flash_message', 'Category deleted'); } } return redirect('admin/categories/view')->with('flash_message', 'You unable to delete categories due to Demo account'); }
/** * Login with the provided username & password in local first, if * failed, try login in center. * * @param Request * @return Json */ public function login(Request $request) { $username = $request->input('username'); $password = $request->input('password'); // if login failed if (!Auth::attempt(['username' => $username, 'password' => $password]) && self::loginCheckSSO($username, $password) === 'SUCCESS') { $user = User::where('username', '=', $username)->first(); Auth::login($user); } $response = ['is_student' => \Entrust::hasRole('student'), 'is_manager' => \Entrust::hasRole('manager'), 'status' => Auth::check()]; return response()->json($response); }
/** * Store a newly created payment in storage. * * @return Response */ public function store() { $data = Input::all(); $user_id = Auth::id(); $validator = Validator::make(Input::all(), array('amount' => 'required|numeric')); if ($validator->fails()) { return Redirect::back()->withErrors($validator)->withInput(); } /** * Payments are starting from "BK" numbers */ if ($x = Payment::find(Payment::max('id'))) { $y = (int) substr($x->reference_number, 2); $data['reference_number'] = 'BK' . ++$y; } else { $data['reference_number'] = 'BK10000000'; } $data['agent_id'] = User::getAgentOfUser(Auth::id()); if (Entrust::hasRole('Agent')) { $agent_id = $data['agent_id']->user_id; $name = User::where('id', $user_id)->first()->first_name . ' ' . User::where('id', $user_id)->first()->last_name; $email = User::where('id', $user_id)->first()->email; $phone = Agent::where('user_id', $user_id)->first()->phone; $amount = Input::get('amount'); $details = Input::get('details'); $data = array('details' => $name, 'ip_address' => $_SERVER['REMOTE_ADDR'], 'amount' => $amount, 'payment_status' => 0, 'my_booking' => 2); $reserv_id = Payment::create($data); $data_tab_HSBC_payment = array('currency' => 'USD'); $tab_HSBC_payment_id = HsbcPayment::create($data_tab_HSBC_payment); $stamp = strtotime("now"); $payment_id = Payment::orderBy('created_at', 'desc')->first()->id; $orderid = "{$stamp}" . 'AP' . "{$payment_id}"; $last_res_resid = str_replace(".", "", $orderid); $hsbc_id = HsbcPayment::orderBy('created_at', 'desc')->first()->id; $hsbc_payment_id_pre = "{$stamp}" . 'HSBC' . "{$hsbc_id}"; $hsbc_payment_id = str_replace(".", "", $hsbc_payment_id_pre); if ($last_res_resid) { $payment = DB::table('payments')->where('id', $payment_id)->update(array('reference_number' => $last_res_resid, 'HSBC_payment_id' => $hsbc_payment_id)); $data_tab_HSBC_payment = DB::table('hsbc_payments')->where('id', $hsbc_id)->update(array('HSBC_payment_id' => $hsbc_payment_id)); $client = array('booking_name' => $name, 'email' => $email, 'phone' => $phone, 'remarks' => $details, 'val' => 0, 'payment_reference_number' => $last_res_resid); $client_payment_id = Booking::create($client); } $currency = 'USD'; $x = $amount * 1.037; $total_price_all_hsbc = round($x, 2) * 100; //dd($hsbc_payment_id . '/' . $currency . '/' . $total_price_all_hsbc . '/' . $last_res_resid); HsbcPayment::goto_hsbc_gateway($hsbc_payment_id, $currency, $total_price_all_hsbc, $last_res_resid); // return $this->storeAllDataAndSendEmails(); } //Payment::create($data); return Redirect::route('accounts.payments.index'); }
/** * Get the validation rules that apply to the request. * * @return array */ public function rules() { $rules = ['name' => 'required', 'email' => 'required|email|unique:users', 'role' => 'required', 'password' => 'required']; if ($this->isMethod('PATCH')) { if (!\Entrust::hasRole('admin')) { unset($rules['role']); } $rules['email'] = 'required|email|unique:users,email,' . $this->get('id'); if (empty($this->get('password'))) { unset($rules['password']); } } return $rules; }
public function destroy(Attachment $attachment) { if (!Helper::getMode()) { return redirect()->back()->withErrors(config('constants.DISABLE_MESSAGE')); } if ($attachment->user_id != Auth::user()->id && !Entrust::hasRole('admin')) { return redirect()->back()->withErrors(config('constants.INVALID_LINK')); } $belongs_to = $attachment->belongs_to; File::delete('uploads/attachment_files/' . $attachment->file); $attachment->delete($id); $activity = 'Deleted a file on a ' . $belongs_to; Activity::log($activity); return redirect()->back()->withSuccess(config('constants.DELETED')); }
public function update($id, $userData) { if (isset($userData['password']) && !empty(trim($userData['password']))) { $userData['password'] = bcrypt($userData['password']); } else { unset($userData['password']); } $user = $this->user->find($id); $user->update($userData); if (\Entrust::hasRole('admin')) { $role = $this->role->where('name', $userData['role'])->first(); $user->roles()->detach(); $user->attachRole($role); } }
public function index() { $subjects = collect(Subject::where('trash', '=', false)->get()->toArray())->groupBy('name')->count(); $partitions = Partition::where('trash', '=', false)->count(); $invites = Invite::count(); $questions = Question::where('trash', '=', false)->count(); $users = User::count(); $trash = ''; $testrooms = ''; if (\Entrust::hasRole('admin')) { $trash = Question::where('trash', '=', true)->count() + Subject::where('trash', '=', true)->count() + Partition::where('trash', '=', true)->count() + TestRoom::where('teacher_id', '=', \Auth::user()->id)->where('trash', '=', true)->count(); } elseif (\Entrust::hasRole('teacher')) { $testrooms = TestRoom::where('teacher_id', '=', \Auth::user()->id)->count(); } return view('admin.welcome', ['subjects' => $subjects, 'partitions' => $partitions, 'invites' => $invites, 'questions' => $questions, 'users' => $users, 'trash' => $trash, 'testrooms' => $testrooms]); }
public function getEntitati($tip_entitate) { $sql = "SELECT \n ent.id, \n ent.denumire, \n ent.cif,\n ent.adresa, \n ent.cod_postal, \n ent.telefon, \n ent.fax, \n ent.id_organizatie, \n ent.id_tip_entitate, \n judet.denumire AS judet, \n loc.denumire AS localitate\n FROM entitate ent\n LEFT OUTER JOIN judet ON ent.id_judet = judet.id_judet AND judet.logical_delete = 0 \n LEFT OUTER JOIN localitate loc ON ent.id_localitate = loc.id_localitate AND loc.logical_delete = 0"; $and = ""; if (\Entrust::hasRole("Administrator de grup")) { $and = " AND ent.id_organizatie = " . \Entrust::user()->id_org; } else { if (!\Entrust::can("administrare_platforma")) { $ids = self::getIDsDepartamente(\Confide::getDepartamenteUser()); $sql = $sql . " INNER JOIN departament d ON d.id_entitate = ent.id AND d.logical_delete = 0" . " AND d.id IN (" . $ids . ")"; } } $sql .= " WHERE ent.logical_delete = 0 "; $sql .= $and; if ($tip_entitate == 1) { $sql .= " AND ent.id_tip_entitate = 1 "; } else { $sql .= " AND ent.id_tip_entitate = 2 "; } $sql .= " GROUP BY ent.id"; $entitati = DB::select($sql); //dd($sql); return View::make('entitate::entitati_organizatie.list')->with('entitati', $entitati)->with('tip_entitate', $tip_entitate); }
<button class="btn btn-info no-print" onclick="window.print()"> <span class="glyphicon glyphicon-print"></span> Print </button> @endif <?php $cuser = Auth::User()->id; if (Entrust::hasRole('Administrator')) { if ($purchase->status != "Cancelled" && $purchase->status != "Closed") { ?> <a href="../edit/{{$purchase->id}}" class="btn btn-success no-print"> <span class="glyphicon glyphicon-edit no-print"></span> Edit </a> <?php } } else { if (Entrust::hasRole('Procurement Personnel')) { if ($purchase->created_by == $cuser) { if ($purchase->status != "Cancelled" && $purchase->status != "Closed") { ?> <a href="../edit/{{$purchase->id}}" class="btn btn-success no-print"> <span class="glyphicon glyphicon-edit no-print"></span> Edit </a> <?php } } } } ?>
public function validateAndSave($post) { // create the validator $validator = Validator::make(Input::all(), Post::$rules); // attempt validation if ($validator->fails()) { Session::flash('errorMessage', 'Ohh no! Something went wrong...You should be seeing some errors down below...'); Log::info('Validator failed', Input::all()); // validation failed, redirect to the post create page with validation errors and old inputs return Redirect::back()->withInput()->withErrors($validator); } else { if (Input::hasFile('image')) { $file = Input::file('image'); $post->uploadImage($file); } $post->title = Input::get('title'); $post->body = Input::get('body'); $post->user_id = Auth::id(); $post->save(); if (Entrust::hasRole('guest')) { $guest = Role::where('name', 'guest')->firstOrFail(); Entrust::user()->detachRole($guest); } if (Request::wantsJson()) { return Response::json(array('Status' => 'Request Succeeded')); } else { Session::flash('successMessage', 'Your post has been successfully saved.'); return Redirect::action('PostsController@show', array($post->id)); } } }
/** * check the loan duration is bad or not. * * @param array $date_info * @param array $time_info * @param App\Affair\Timezone * @return bool */ public static function checkDuration($date_info, $time_info, $timezone) { if ($date_info[0] > $date_info[1] || $time_info[0] >= $time_info[1]) { return false; } // is student? if (\Entrust::hasRole('student')) { // is in special time? if ($timezone->date_began_at < $date_info[0]) { // is start/end date equal or the time duration bigger than 3 hours if ($date_info[0] != $date_info[1] || strtotime($time_info[1]) - strtotime($time_info[0]) > 3600 * 3) { return false; } } } return true; }
<?php /* |-------------------------------------------------------------------------- | Application Routes |-------------------------------------------------------------------------- | | Here is where you can register all of the routes for an application. | It's a breeze. Simply tell Laravel the URIs it should respond to | and give it the controller to call when that URI is requested. | */ Route::controllers(['auth' => 'Auth\\AuthController']); Route::resource('posts', 'PostController'); Route::resource('comments', 'CommentController'); Route::get('/', function () { return view('welcome'); }); Route::filter('manage_posts', function () { if (!Entrust::hasRole('admin')) { return Redirect::to('/posts'); } }); Route::when('posts*', 'manage_posts', array('post', 'put', 'delete')); Route::when('posts/create', 'manage_posts'); Route::when('posts/*/edit', 'manage_posts');
| | The CSRF filter is responsible for protecting your application against | cross-site request forgery attacks. If this special token in a user | session does not match the one given in this request, we'll bail. | */ Route::filter('csrf', function () { if (Session::token() != Input::get('_token')) { throw new Illuminate\Session\TokenMismatchException(); } }); /* Role/permission based Route filters */ /*If the user does not have the first role most likely administrator redirect to the home page */ Route::filter('admin', function () { if (!Entrust::hasRole(Role::find(1)->name)) { return Redirect::to('home'); } }); /** * A filter that receives a permission ($perms) as the parameter and checks if the user has * the said permissions or that the user is accessing only his own profile */ Route::filter('checkPerms', function ($route, $request, $perms) { if (!Entrust::can($perms) && Auth::id() != Request::segment(2)) { return Redirect::to('home'); } }); //Ensure form value is not zero Validator::extend('non_zero_key', function ($attribute, $value, $parameters) { return $value != 0 ? true : false;
|-------------------------------------------------------------------------- | CSRF Protection Filter |-------------------------------------------------------------------------- | | The CSRF filter is responsible for protecting your application against | cross-site request forgery attacks. If this special token in a user | session does not match the one given in this request, we'll bail. | */ Route::filter('csrf', function () { if (Session::token() != Input::get('_token')) { throw new Illuminate\Session\TokenMismatchException(); } }); Route::filter('admin', function () { if (!Entrust::hasRole(Config::get('customConfig.roles.admin'))) { return Redirect::to('/'); } }); Route::filter('oauth', function () { $token = Input::get('access_token'); if (isset($token)) { $access_token = AccessToken::whereAccessToken($token)->first(); if (!$access_token) { return Response::json(['error' => 'Unauthorized', 'status' => 401]); } $date = Carbon::parse($access_token->updated_at); if ($date->diffInMinutes() >= $access_token->expire_time) { return Response::json(['error' => 'Expire', 'status' => 400]); } } else {
<?php Route::filter('auth', function () { if (Auth::guest()) { return Redirect::guest('login')->withPesan('Anda harus login dulu'); } }); Route::filter('guest', function () { if (Auth::check()) { return Redirect::to('admin'); } }); Route::filter('user', function () { if (!Entrust::hasRole('User')) { return Redirect::back()->withPesan('Hanya user yang diizinkan mengakses fitur tersebut!'); } });
/** * Store a newly created booking in storage. * This includes Clients, FlightDetails * * @return Response */ public function store() { if (Auth::check()) { $user = Auth::user(); if (Entrust::hasRole('Agent')) { $rules = Booking::$agentRules; } } else { $rules = Booking::$guestRules; } $data = Input::all(); if (Auth::check()) { $data['user_id'] = Auth::id(); } $validator = Validator::make($data, $rules); if ($validator->fails()) { //dd($validator->errors()); return Redirect::back()->withErrors($validator)->withInput(); } $data['val'] = 1; if ($x = Booking::find(Booking::max('id'))) { $data['reference_number'] = ++$x->reference_number; } else { $data['reference_number'] = 10000000; } Session::put('MyBookingData', $data); $clients = null; $newBooking = $this->storeAllData(); $booking_name = $newBooking->booking_name; $booking_amount = Booking::getTotalBookingAmount($newBooking); $data = array('details' => $booking_name, 'ip_address' => $_SERVER['REMOTE_ADDR'], 'amount' => $booking_amount, 'payment_status' => 0, 'my_booking' => 2); $reserv_id = Payment::create($data); $data_tab_HSBC_payment = array('currency' => 'USD'); $tab_HSBC_payment_id = HsbcPayment::create($data_tab_HSBC_payment); $stamp = strtotime("now"); $payment_id = Payment::orderBy('created_at', 'desc')->first()->id; $orderid = "{$stamp}" . 'A' . "{$payment_id}"; $last_res_resid = str_replace(".", "", $orderid); $hsbc_id = HsbcPayment::orderBy('created_at', 'desc')->first()->id; $hsbc_payment_id_pre = "{$stamp}" . 'HSBC' . "{$hsbc_id}"; $hsbc_payment_id = str_replace(".", "", $hsbc_payment_id_pre); if ($last_res_resid) { $payment = DB::table('payments')->where('id', $payment_id)->update(array('reference_number' => $last_res_resid, 'HSBC_payment_id' => $hsbc_payment_id)); $data_tab_HSBC_payment = DB::table('hsbc_payments')->where('id', $hsbc_id)->update(array('HSBC_payment_id' => $hsbc_payment_id)); } $currency = 'USD'; //$x = Booking::getTotalBookingAmount($newBooking) * 100 * 1.037; // $x = 2 * 100 * 1.037; //$total_price_all_hsbc = round($x, 2); $total_price_all_hsbc = $booking_amount * 100; dd($total_price_all_hsbc); // dd($hsbc_payment_id . '/' . $currency . '/' . $total_price_all_hsbc . '/' . $last_res_resid); HsbcPayment::goto_hsbc_gateway($hsbc_payment_id, $currency, $total_price_all_hsbc, $last_res_resid); }
public function searchCancelled() { $pageName = "List of Cancelled Purchase Requests"; $searchBy = Input::get('searchBy'); $date_today = date('Y-m-d H:i:s'); // return $searchBy; if (Entrust::hasRole('Requisitioner')) { if ($searchBy == '0') { $requests = DB::table('purchase_request')->where('office', '=', Auth::user()->office_id)->where('dueDate', '>', $date_today)->where('status', '=', 'Cancelled')->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); return View::make('pr_view')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName)->with('link', 'completeTable/cancelled'); } else { if ($searchBy == 'all') { return App::make('PurchaseRequestController')->viewCancelled(); } else { if ($searchBy == 'dateReceived') { $start = Input::get('start'); $end = Input::get('end'); if ($start == $end) { $starty = (new \DateTime($start))->format('Y'); $startm = (new \DateTime($start))->format('m'); $startd = (new \DateTime($start))->format('d'); $requests = DB::table('purchase_request')->where('office', '=', Auth::user()->office_id)->where(DB::raw('YEAR(dateRequested)'), '=', $starty)->where(DB::raw('MONTH(dateRequested)'), '=', $startm)->where(DB::raw('DAY(dateRequested)'), '=', $startd)->where('status', '=', 'Cancelled')->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); } else { $requests = DB::table('purchase_request')->where('office', '=', Auth::user()->office_id)->whereBetween('dateRequested', array($start, $end))->where('status', '=', 'Cancelled')->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); } return View::make('pr_view')->with('link', 'completeTable/cancelled')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName); } else { if ($searchBy == 'controlNo' || $searchBy == 'projectPurpose' || $searchBy == 'amount') { $searchTerm = trim(Input::get('searchTerm')); if ($searchBy == 'controlNo') { $searchTerm = str_replace(' ', '', $searchTerm); } if ($searchBy == 'amount' && is_numeric($searchTerm)) { $stringSamples = array(' ', ',', ' '); $searchTerm = str_replace($stringSamples, '', $searchTerm); $searchTerm = number_format($searchTerm); $searchTerm .= ".00"; } $requests = DB::table('purchase_request')->where('office', '=', Auth::user()->office_id)->where('dueDate', '>', $date_today)->where('status', '=', 'Cancelled')->where($searchBy, 'LIKE', "%{$searchTerm}%")->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); return View::make('pr_view')->with('link', 'completeTable/cancelled')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName); } else { if ($searchBy == 'Shopping') { $searchTerm = trim(Input::get('searchTerm')); $requests = DB::table('purchase_request')->where('office', '=', Auth::user()->office_id)->where('dueDate', '>', $date_today)->where('status', '=', 'Cancelled')->where('projectPurpose', 'LIKE', "%{$searchTerm}%")->where('otherType', '=', $searchBy)->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); return View::make('pr_view')->with('link', 'completeTable/cancelled')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName); } else { $searchTerm = trim(Input::get('searchTerm')); $requests = DB::table('purchase_request')->join('document', 'purchase_request.id', '=', 'document.pr_id')->where('office', '=', Auth::user()->office_id)->where('document.work_id', '=', $searchBy)->where('projectPurpose', 'LIKE', "%{$searchTerm}%")->where('dueDate', '>', $date_today)->where('status', '=', 'Cancelled')->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); return View::make('pr_view')->with('link', 'completeTable/cancelled')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName); } } } } } } else { if ($searchBy == '0') { $requests = DB::table('purchase_request')->where('dueDate', '>', $date_today)->where('status', '=', 'Cancelled')->orderBy('dateReceived', 'DESC')->paginate(10); $pageCounter = $requests->count(); $requests = $requests->get(); return View::make('pr_view')->with('link', 'completeTable/cancelled')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName); } else { if ($searchBy == 'all') { return App::make('PurchaseRequestController')->viewCancelled(); } else { if ($searchBy == 'dateReceived') { $start = Input::get('start'); $end = Input::get('end'); if ($start == $end) { $starty = (new \DateTime($start))->format('Y'); $startm = (new \DateTime($start))->format('m'); $startd = (new \DateTime($start))->format('d'); $requests = DB::table('purchase_request')->where(DB::raw('YEAR(dateRequested)'), '=', $starty)->where(DB::raw('MONTH(dateRequested)'), '=', $startm)->where(DB::raw('DAY(dateRequested)'), '=', $startd)->where('status', '=', 'Cancelled')->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); } else { $requests = DB::table('purchase_request')->whereBetween('dateRequested', array($start, $end))->where('status', '=', 'Cancelled')->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); } return View::make('pr_view')->with('link', 'completeTable/cancelled')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName); } else { if ($searchBy == 'controlNo' || $searchBy == 'projectPurpose' || $searchBy == 'amount') { $searchTerm = trim(Input::get('searchTerm')); if ($searchBy == 'controlNo') { $searchTerm = str_replace(' ', '', $searchTerm); } if ($searchBy == 'amount' && is_numeric($searchTerm)) { $stringSamples = array(' ', ',', ' '); $searchTerm = str_replace($stringSamples, '', $searchTerm); $searchTerm = number_format($searchTerm); $searchTerm .= ".00"; } $requests = DB::table('purchase_request')->where('dueDate', '>', $date_today)->where('status', '=', 'Cancelled')->where($searchBy, 'LIKE', "%{$searchTerm}%")->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); return View::make('pr_view')->with('link', 'completeTable/cancelled')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName); } else { if ($searchBy == 'Shopping') { $searchTerm = trim(Input::get('searchTerm')); $requests = DB::table('purchase_request')->where('dueDate', '>', $date_today)->where('status', '=', 'Cancelled')->where('projectPurpose', 'LIKE', "%{$searchTerm}%")->where('otherType', '=', $searchBy)->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); return View::make('pr_view')->with('link', 'completeTable/cancelled')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName); } else { $searchTerm = trim(Input::get('searchTerm')); $requests = DB::table('purchase_request')->join('document', 'purchase_request.id', '=', 'document.pr_id')->where('document.work_id', '=', $searchBy)->where('projectPurpose', 'LIKE', "%{$searchTerm}%")->where('dueDate', '>', $date_today)->where('status', '=', 'Cancelled')->orderBy('dateReceived', 'DESC'); $pageCounter = $requests->count(); $requests = $requests->get(); return View::make('pr_view')->with('link', 'completeTable/cancelled')->with('requests', $requests)->with('searchBy', $searchBy)->with('pageCounter', $pageCounter)->with('pageName', $pageName); } } } } } } }
/** * Update the specified resource in storage. * * @param int $id * @param UserRequest $request * * @return RedirectResponse|\Illuminate\Routing\Redirector */ public function update($id, UserRequest $request) { if (!\Entrust::hasRole('admin')) { $id = auth()->user()->id; } $this->user->update($id, $request->all()); return redirect()->back()->with('success', 'user successfully updated!'); }
| Here is where you can register all of the routes for an application. | It's a breeze. Simply tell Laravel the URIs it should respond to | and give it the Closure to execute when that URI is requested. | */ //HOME Page Route::get('/', array('as' => 'home', function () { // Return about us page return View::make('default.home'); })); // Principal page Route::get('principal', array('as' => 'principal', 'before' => ['auth', 'principal'], function () { if (Entrust::hasRole('User')) { return View::make('site.users.index'); } else { if (Entrust::hasRole('Admin')) { $users = User::paginate(2); return View::make('admin.users.index')->with('users', $users); } else { Auth::logout(); return Redirect::action('home')->with('flash_notice', 'You don\'t have access!'); } } return App::abort(403); })); // Confide routes users Route::get('/users/create', array('as' => 'create', 'uses' => 'UsersController@create')); Route::post('users', array('as' => 'store', 'uses' => 'UsersController@store')); Route::get('users/forgot_password', array('as' => 'forgot_pass', 'uses' => 'UsersController@forgotPassword')); Route::post('users/forgot_password', array('as' => 'forgot_password', 'uses' => 'UsersController@doForgotPassword')); Route::get('users/reset_password/{token}', array('as' => 'reset.pass', 'uses' => 'UsersController@resetPassword'));
$doccount = Document::where('pr_id', $cpurchases->id)->count(); if ($doccount == 0) { $count = 0; } else { $doc = Document::where('pr_id', $cpurchases->id)->first(); $count = DB::table('count')->where('doc_id', $doc->id)->where('user_id', $cuser)->count(); } if ($count == 0) { } else { if (Entrust::hasRole('Administrator')) { $result = $result + 1; } else { if (Entrust::hasRole('Procurement Personnel')) { $result = $result + 1; } else { if (Entrust::hasRole('Requisitioner')) { $useroffice = Auth::user()->office_id; $req = User::find($cpurchases->requisitioner); if ($useroffice == $req->office_id) { $result = $result + 1; } } } } } } echo $result; ?> </span> </a> </li>
} if (!Entrust::hasRole('Owner') && !Entrust::hasRole('SuperAdmin') && !Entrust::hasRole('AdminKantor') && !Entrust::hasRole('AdminGudang')) { if (!Entrust::hasRole('AdminOutlet')) { return Redirect::to('store')->with('message', 'Anda berhasil log in'); } return Redirect::to('outlet'); } }); Route::filter('superUser', function () { if (!Entrust::hasRole('Owner') && !Entrust::hasRole('SuperAdmin')) { return Redirect::to('admin'); } }); Route::filter('outlet', function () { if (!Entrust::hasRole('AdminOutlet')) { if (!Entrust::hasRole('SuperAdmin')) { return Redirect::to('store'); } // return Redirect::to('admin/outlet'); } }); /* |-------------------------------------------------------------------------- | Guest Filter |-------------------------------------------------------------------------- | | The "guest" filter is the counterpart of the authentication filters as | it simply checks that the current user is not logged in. A redirect | response will be issued if they are, which you may freely change. | */