Пример #1
0
 /**
  * Show the form for creating a new resource.
  *
  * @return \Illuminate\Http\Response
  */
 public function create()
 {
     if (Gate::denies('addClient', new Client())) {
         abort(403, 'Not allowed');
     }
     return View::make('client.create');
 }
Пример #2
0
 /**
  * @param $id
  * @return int
  */
 public function destroy($id)
 {
     if (Gate::denies('manage-users')) {
         abort(403, 'You dont have permissions!!');
     }
     return (int) $this->usersRepo->delete($this->usersRepo->byId($id));
 }
 /**
  * updates activity sector
  * @param                      $id
  * @param Request              $request
  * @param SectorRequestManager $sectorRequestManager
  * @return \Illuminate\Http\RedirectResponse
  */
 public function update($id, Request $request, SectorRequestManager $sectorRequestManager)
 {
     $activityData = $this->activityManager->getActivityData($id);
     if (Gate::denies('ownership', $activityData)) {
         return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
     }
     $this->authorizeByRequestType($activityData, 'sector');
     $sectors = $request->all();
     foreach ($sectors['sector'] as &$sector) {
         if ($sector['sector_vocabulary'] == 1 || $sector['sector_vocabulary'] == '') {
             $sector['sector_vocabulary'] = 1;
             $sector['sector_category_code'] = '';
             $sector['sector_text'] = '';
         } elseif ($sector['sector_vocabulary'] == 2) {
             $sector['sector_code'] = '';
             $sector['sector_text'] = '';
         } else {
             $sector['sector_code'] = '';
             $sector['sector_category_code'] = '';
         }
     }
     if ($this->sectorManager->update($sectors, $activityData)) {
         $this->activityManager->resetActivityWorkflow($id);
         $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Sector']]];
         return redirect()->to(sprintf('/activity/%s', $id))->withResponse($response);
     }
     $response = ['type' => 'danger', 'code' => ['update_failed', ['name' => 'Sector']]];
     return redirect()->back()->withInput()->withResponse($response);
 }
Пример #4
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (Gate::denies('contributor')) {
         abort(403);
     }
     return $next($request);
 }
Пример #5
0
 public function destroy($id)
 {
     if (Gate::denies('managerOnly')) {
         abort(403);
     }
     return Group::destroy($id);
 }
 /**
  * updates activity recipient region
  * @param                               $id
  * @param Request                       $request
  * @param RecipientRegionRequestManager $recipientRegionRequestManager
  * @return \Illuminate\Http\RedirectResponse
  */
 public function update($id, Request $request, RecipientRegionRequestManager $recipientRegionRequestManager)
 {
     $activityData = $this->activityManager->getActivityData($id);
     if (Gate::denies('ownership', $activityData)) {
         return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
     }
     $this->authorizeByRequestType($activityData, 'recipient_region');
     $activityTransactions = $this->transactionManager->getTransactions($id);
     $count = 0;
     if ($activityTransactions) {
         foreach ($activityTransactions as $transactions) {
             $transactionDetail = $transactions->transaction;
             removeEmptyValues($transactionDetail);
             if (!empty($transactionDetail['recipient_country']) || !empty($transactionDetail['recipient_region'])) {
                 $count++;
             }
         }
     }
     if ($count > 0) {
         $response = ['type' => 'warning', 'code' => ['message', ['message' => 'You cannot save Recipient Region in activity level because you have already saved recipient country or region in transaction level.']]];
         return redirect()->back()->withInput()->withResponse($response);
     }
     $recipientRegions = $request->all();
     foreach ($recipientRegions['recipient_region'] as &$recipientRegion) {
         $recipientRegion['region_vocabulary'] != '' ?: ($recipientRegion['region_vocabulary'] = '1');
     }
     if ($this->recipientRegionManager->update($recipientRegions, $activityData)) {
         $this->activityManager->resetActivityWorkflow($id);
         $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Recipient Region']]];
         return redirect()->to(sprintf('/activity/%s', $id))->withResponse($response);
     }
     $response = ['type' => 'danger', 'code' => ['update_failed', ['name' => 'Recipient Region']]];
     return redirect()->back()->withInput()->withResponse($response);
 }
Пример #7
0
 public function destroy($id)
 {
     if (Gate::denies('adminOnly')) {
         abort(403);
     }
     return Organization::destroy($id);
 }
Пример #8
0
 /**
  * Create a new controller instance.
  * @internal param ReflectionClass $reflect
  */
 public function __construct()
 {
     if (get_sparkplug_config('ACL')) {
         if (Gate::denies(get_module_class_name($this))) {
             abort('403', 'User has no privilages to access this page');
         }
     }
 }
Пример #9
0
 /**
  * Show Dashboard.
  *
  * @return mixed
  */
 public function show()
 {
     $content = Content::newPostInstance();
     if (Gate::denies('create', $content)) {
         return view('orchestra/story::admin.home');
     }
     return $this->writePost($content);
 }
Пример #10
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (Gate::denies('authorization', $request->route()[1]['uses'])) {
         abort(403);
     } else {
         return $next($request);
     }
 }
Пример #11
0
 public function managerIndex()
 {
     if (Gate::denies('managerOnly')) {
         abort(403);
     }
     // Retrieve all the users defined for the organization of the currently authenticated manager
     return Auth::user()->organization->users;
 }
Пример #12
0
 /**
  * Display the specified resource.
  *
  * @param  int  $id
  * @return \Illuminate\Http\Response
  */
 public function show($id)
 {
     $post = Post::findOrFail($id);
     if (Gate::denies('update', $post)) {
         abort(403, 'no f*****g way bitch');
     }
     return $post->title;
 }
 public function coverStore(Request $request, $id)
 {
     $book = Book::find($id);
     if (Gate::denies('manageBook', $book)) {
         abort(403, 'voce não é o dono desse livro');
     }
     $bookService = app()->make(BookService::class);
     $bookService->storeCover($book, $request->file('file'));
 }
Пример #14
0
 /**
  * @param $todoId
  */
 public function activate($todoId)
 {
     $todoApplicationService = new TodoApplicationService();
     $todo = $this->todoRepository->byId($todoId);
     if (Gate::denies('delete-todo', $todo)) {
         abort(403);
     }
     $todoApplicationService->reActivateTodo($todoId);
 }
 public function destroy($id, $chapter_id)
 {
     $chapter = Chapter::find($chapter_id);
     if (Gate::denies('manage', $chapter)) {
         abort(403, "you do not own this book/chapter");
     }
     $chapter->delete();
     return redirect()->route('admin.books.chapters.index', ['id' => $id]);
 }
Пример #16
0
 /**
  * @param $todoListId
  * @return mixed
  */
 public function todoCollection($todoListId)
 {
     $todoList = $this->todolistRepository->byId($todoListId);
     $todoListCollection = $this->todolistRepository->todoCollection($todoListId);
     if (Gate::denies('add-todo', $todoList)) {
         abort(403);
     }
     return $todoListCollection;
 }
 public function edit($id)
 {
     $post = Post::findOrFail($id);
     if (Gate::denies('update', $post)) {
         Alert::danger('No tienes permisos para editar este post');
         return redirect('posts');
     }
     return $post->title;
 }
Пример #18
0
 public function __construct()
 {
     $this->middleware('auth');
     if (auth()->check()) {
         $this->university = auth()->user()->university;
     }
     if (Gate::denies('is-student')) {
         abort(403);
     }
 }
 public function delete($id)
 {
     $profile = Profile::findOrFail($id);
     if (Gate::denies('manage-profile', $profile)) {
         return abort(403);
     }
     $profile->delete();
     $this->flasher->success('Profile Deleted', 'The profile has been deleted.');
     return redirect('admin');
 }
Пример #20
0
 /**
  * returns the activity title edit form
  * @param $id
  * @return \Illuminate\View\View
  */
 public function index($id)
 {
     $activityData = $this->activityManager->getActivityData($id);
     if (Gate::denies('ownership', $activityData)) {
         return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
     }
     $activityTitle = $this->titleManager->getTitleData($id);
     $form = $this->title->editForm($activityTitle, $id);
     return view('Activity.title.title', compact('form', 'id', 'activityData'));
 }
 public function __construct()
 {
     $this->middleware('auth');
     if (Gate::denies('manage-university')) {
         abort(403);
     }
     if (Auth::check()) {
         $this->university = Auth::user()->university;
     }
 }
 public function delete($id)
 {
     $article = Article::findOrFail($id);
     if (Gate::denies('manage-article', $article)) {
         return abort('403');
     }
     $article->delete();
     $this->flasher->success('Post Deleted', 'That post has been permanently removed');
     return redirect('admin/blog');
 }
Пример #23
0
 /**
  * Show a board's tasks
  *
  * @param $identifier
  * @return \Illuminate\Contracts\View\Factory|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|\Illuminate\View\View
  */
 public function boardTasks($identifier)
 {
     $board = Board::where('identifier', $identifier)->first();
     if (Gate::denies('see', $board)) {
         return redirect('/boards');
     }
     if (is_null($board)) {
         return redirect('/boards');
     }
     return view('task_home', compact('board'));
 }
 /**
  * @param                     $id
  * @param OrganizationManager $organizationManager
  * @return \Illuminate\View\View
  */
 public function index($id, OrganizationManager $organizationManager)
 {
     $activity = Activity::find($id);
     if (Gate::denies('ownership', $activity)) {
         return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
     }
     if ($activity) {
         $reportingOrganization = $organizationManager->getOrganization(Session::get('org_id'))->reporting_org;
         return view('Activity.ReportingOrganization.edit', compact('reportingOrganization', 'id'));
     }
     return redirect()->route('activity.index')->withResponse(['messages' => ['Activity with id' . $id . ' not found.'], 'type' => 'danger']);
 }
Пример #25
0
 public function create(Request $request)
 {
     if (Gate::denies('add', new Tag())) {
         abort(403);
     }
     $validator = Validator::make($request->all(), ['name' => 'required|unique:tags,name']);
     if ($validator->fails()) {
         return redirect()->back()->withErrors($validator)->withInput();
     }
     $tag = Tag::create(['name' => $request->input('name')]);
     Session::flash('flash_message', 'Tag added.');
     return redirect()->back();
 }
 /**
  * Update the specified resource in storage.
  *
  * @param  int                                $organizationId
  * @param CreateOrgReportingOrgRequestManager $createOrgReportingOrgRequestManager
  * @param Request                             $request
  * @return Response
  */
 public function update($organizationId, CreateOrgReportingOrgRequestManager $createOrgReportingOrgRequestManager, Request $request)
 {
     $organization = $this->organizationManager->getOrganization($organizationId);
     if (Gate::denies('belongsToOrganization', $organization)) {
         return redirect()->route('activity.index')->withResponse($this->getNoPrivilegesMessage());
     }
     $this->authorize('edit_activity', $organization);
     $input = $request->all();
     $this->orgReportingOrgManager->update($input, $organization);
     $this->organizationManager->resetStatus($organizationId);
     $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Reporting Organization']]];
     return redirect()->route("organization.show", $organizationId)->withResponse($response);
 }
 /**
  * @param                      $id
  * @param Request              $request
  * @param BudgetRequestManager $budgetRequestManager
  * @return mixed
  */
 public function update($id, Request $request, BudgetRequestManager $budgetRequestManager)
 {
     $activityData = $this->activityManager->getActivityData($id);
     if (Gate::denies('ownership', $activityData)) {
         return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
     }
     $this->authorizeByRequestType($activityData, 'budget');
     $budget = $request->all();
     if ($this->budgetManager->update($budget, $activityData)) {
         $this->activityManager->resetActivityWorkflow($id);
         $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Budget']]];
         return redirect()->to(sprintf('/activity/%s', $id))->withResponse($response);
     }
     $response = ['type' => 'danger', 'code' => ['update_failed', ['name' => 'Budget']]];
     return redirect()->back()->withInput()->withResponse($response);
 }
 public function update($id, Request $request, ConditionRequestManager $conditionRequestManager)
 {
     $activityData = $this->activityManager->getActivityData($id);
     if (Gate::denies('ownership', $activityData)) {
         return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
     }
     $this->authorizeByRequestType($activityData, 'conditions');
     $condition = $request->except(['_token', '_method']);
     if ($this->conditionManager->update($condition, $activityData)) {
         $this->activityManager->resetActivityWorkflow($id);
         $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Conditions']]];
         return redirect()->to(sprintf('/activity/%s', $id))->withResponse($response);
     }
     $response = ['type' => 'danger', 'code' => ['update_failed', ['name' => 'Related Activity']]];
     return redirect()->back()->withInput()->withResponse($response);
 }
 /**
  * write brief description
  * @param                                                   $orgId
  * @param CreateOrgRecipientOrgBudgetRequestManager         $request
  * @param CreateOrgRecipientOrgBudgetRequestManager|Request $request
  * @return mixed
  */
 public function update($orgId, CreateOrgRecipientOrgBudgetRequestManager $request, Request $request)
 {
     $organization = $this->organizationManager->getOrganization($orgId);
     if (Gate::denies('belongsToOrganization', $organization)) {
         return redirect()->back()->withResponse($this->getNoPrivilegesMessage());
     }
     $organizationData = $this->recipientOrgBudgetManager->getOrganizationData($orgId);
     $this->authorizeByRequestType($organizationData, 'recipient_organization_budget');
     $input = $request->all();
     if ($this->recipientOrgBudgetManager->update($input, $organizationData)) {
         $this->organizationManager->resetStatus($orgId);
         $response = ['type' => 'success', 'code' => ['updated', ['name' => 'Organization Recipient Organization Budget']]];
         return redirect()->to(sprintf('/organization/%s', $orgId))->withResponse($response);
     }
     $response = ['type' => 'danger', 'code' => ['update_failed', ['name' => 'Organization Recipient Organization Budget']]];
     return redirect()->back()->withInput()->withResponse($response);
 }
 public function index()
 {
     $selectedGroup = null;
     if ($groupId = Input::get('group')) {
         $selectedGroup = Group::find($groupId);
     }
     if ($selectedGroup) {
         if (Gate::denies('show', $selectedGroup)) {
             return Redirect::back()->with(['error_message' => "You do not have permission."]);
         }
         $passwords = $selectedGroup->passwords()->paginate(10);
     } else {
         $passwords = Auth::user()->passwords()->paginate(10);
     }
     $groups = Auth::user()->groups()->get();
     return view('password.index', ['passwords' => $passwords, 'groups' => $groups, 'selectedGroup' => $selectedGroup]);
 }