/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, \Closure $next) { if (\Gate::allows("admin")) { return $next($request); } die(view("unauthorized")); }
public function getUpload(Request $request) { $role = $this->cekRole(); $actifity = ''; $view = ''; $unit_id = $request->input('unit'); $sap_log = Saplog::where('status', 'A')->firstOrFail(); $array = ['asal_surat', 'actifity', 'jenis_dokumen', 'kode_jra', 'pr', 'po', 'cd', 'gr', 'file_pdf', 'unit_tujuan', 'lokasi_file', 'visibility']; if (\Gate::allows('upload-cek', 'admin')) { if ($request->input('unit') != null) { $unit = unit::where('id', $unit_id)->where('id', '!=', '1')->get(); } else { $unit = unit::where('id', '!=', '1')->get(); } $actifity = Actifity::all(); $unit_tujuan = unit::all(); $visibility = Visibility::all(); } else { $unit = unit::where('id', Auth::user()->personil->unit->id)->get(); $unit_tujuan = unit::all(); $actifity = Actifity::where('unit_id', Auth::user()->personil->unit->id)->get(); $visibility = Visibility::all(); } return view('dokumen/upload', compact('array', 'unit', 'visibility', 'actifity', 'unit_tujuan', 'sap_log')); }
/** * Check if the logged in user can become a follower to the specified user. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { $user = $request->route('users'); if (\Gate::allows('is-following', $user)) { if ($request->ajax()) { return response()->json(['message' => 'Забранет пристап'], 401); } else { return redirect(route('users.show', $user->slug))->withErrors(['error' => 'Забранет пристап']); } } return $next($request); }
/** * Check if the logged in user can add a dislike to the specified course. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { $course = $request->route('courses'); if (\Gate::allows('add-course-dislike', $course)) { if ($request->ajax()) { return response()->json(['message' => 'Забранет пристап'], 401); } else { return redirect(route('courses.show', $course->slug))->withErrors(['error' => 'Забранет пристап']); } } return $next($request); }
public function index() { if (\Gate::allows('admin-check')) { $matches = $this->getMatches('A'); $matches16 = $this->getMatches('B'); $matches8 = $this->getMatches('C'); $matches4 = $this->getMatches('D'); $matches2 = $this->getMatches('E'); $countrydropdown = $this->CountryDropdown(); return view('Admin.index', ['matches' => $matches, 'matches16' => $matches16, 'matches8' => $matches8, 'matches4' => $matches4, 'matches2' => $matches2, 'countrydropdown' => $countrydropdown]); } else { return Redirect::action('HomeController@index'); } }
public function index() { if (!\Gate::allows('admin-check')) { $matches = $this->getMatches('A'); $matches16 = $this->getMatches('B'); $matches8 = $this->getMatches('C'); $matches4 = $this->getMatches('D'); $matches2 = $this->getMatches('E'); $ownscore = new ScoreClass(); $totalscore = $ownscore->Scores(Auth::user()->id); return view('Game.index', ['matches' => $matches, 'matches16' => $matches16, 'matches8' => $matches8, 'matches4' => $matches4, 'matches2' => $matches2, 'totalscore' => $totalscore]); } else { return Redirect::action('AdminController@index'); } }
/** * Retrieve roles for authed user's user-role. * * @author Casper Rasmussen <*****@*****.**> * * @return array */ public function getListUserLevel() { // Retrieve full list $list = $this->getList(); // If user is developer, give the full list if (\Gate::allows('backend-developer')) { return $list; } // This means user is not developer, let's unset that option unset($list['developer']); if (\Gate::allows('backend-super-admin')) { return $list; } // This means user is not super-admin, let's unset that option unset($list['super-admin']); // If user is admin, we return the list if (\Gate::allows('backend-admin')) { return $list; } // If user is not even admin, that option should not be possible either unset($list['admin']); return $list; }
| and give it the controller to call when that URI is requested. | */ Route::get('/', function () { return view('welcome'); }); /* |-------------------------------------------------------------------------- | Application Routes |-------------------------------------------------------------------------- | | This route group applies the "web" middleware group to every route | it contains. The "web" middleware group is defined in your HTTP | kernel and includes session state, CSRF protection, and more. | */ Route::group(['middleware' => ['web']], function () { // }); Route::group(['middleware' => 'web'], function () { Route::auth(); Route::get('/home', 'HomeController@index'); }); Route::group(['namespace' => 'Posts'], function () { Route::pattern('posts', '[0-9]+'); Route::resource('posts', 'PostsController'); }); Route::get('edit-post/{id}', function ($id) { // Let's just pretend we are logged in as the user with ID 1 Auth::loginUsingId(1); // Now let's try to find a post
/** * Determine if the user is authorized to make this request. * * @return bool */ public function authorize() { return \Gate::allows('create_building'); }
/** * Determine if the user is authorized to make this request. * * @return bool */ public function authorize() { return \Gate::allows('create_role'); }
<script type="text/javascript"> //<![CDATA[ $(document).ready(function () { window.BoomCMS.init({ user: '******' }); $('body').pageEditor({ page: new window.BoomCMS.Page(<?php echo $page->toJson(); ?> ), editable: <?php echo (int) ($editor->isEnabled() && Gate::allows('edit', $page)); ?> }); }); //]]> </script> </body> </html>
if (Gate::allows('edit', $page)) { ?> <button id="b-page-version-status" class="b-button" data-status="<?php echo $page->getCurrentVersion()->status(); ?> "> <?php echo $page->getCurrentVersion()->status(); ?> </button> <?php } ?> <?php if (Gate::allows('delete', $page)) { ?> <?php if ($page->canBeDeleted()) { ?> <?php echo $button('trash-o', 'toolbar.delete', ['id' => 'b-page-delete']); ?> <?php } else { ?> <?php echo $button('trash-o', 'toolbar.nodelete', ['id' => 'b-page-delete', 'disabled' => 'disabled']); ?> <?php }
public function authorize() { return \Gate::allows('create', 'person'); }
/** * Determine if the user is authorized to make this request. * * @return bool */ public function authorize() { return \Gate::allows('edit_permissions'); }
// composer global require "laravel/lumen-installer" // lumen new project_name // .env APP_ENV APP_DEBUG DB_* // bootstrap/app.php AuthServiceProvider, $app->withFacades(), $app->routeMiddleware(), $app->withEloquent() // ExampleEvent ExampleListener EventServiceProvider // ExampleTest.php phpunit // database/factories/ModelFactory.php Gate::define('update-post', function ($user, $post) { return $user->id === $post->user_id; }); $this->app['auth']->viaRequest('api', function ($request) { $user = Auth::user(); // Return User or null... }); if (Gate::allows('update-post', $post)) { // } if (Gate::denies('update-post', $post)) { abort(403); } $app->group(['middleware' => 'role:editor', 'namespace' => 'App\\Http\\Controllers\\Admin', 'prefix' => 'admin'], function () use($app) { $app->get('/', ['middleware' => 'auth', 'uses' => 'UserController@showProfile']); }); function update(Request $request, $id) { $this->validate($request, ['name' => 'required', 'email' => 'required|email|unique:users']); event(new ExampleEvent()); $name = $request->input('name', 'default_val'); $uri = $request->path(); $uri = $request->has('name');
</label> <label> <p><?php echo trans('boomcms::settings.search.keywords'); ?> </p> <textarea name="keywords" rows="5"><?php echo $page->getKeywords(); ?> </textarea> </label> </section> <?php if (Gate::allows('editSearchAdvanced', $page)) { ?> <section id="advanced"> <h2><?php echo trans('boomcms::settings.advanced'); ?> </h2> <label> <p><?php echo trans('boomcms::settings.search.external'); ?> </p> <select name="external_indexing" id="external_indexing"> <option value="1"<?php if ($page->allowsExternalIndexing()) {
</select> <?php if ($page->hasChildren()) { ?> <?php echo $button('', 'reorder', ['id' => 'b-page-settings-children-reorder', 'class' => 'b-button-textonly']); ?> <?php } ?> </label> </section> <?php if (Gate::allows('editChildrenAdvanced', $page)) { ?> <section id="advanced"> <h2><?php echo trans('boomcms::settings.advanced'); ?> </h2> <label> <p><?php echo trans('boomcms::settings.children.nav'); ?> </p> <select name="children_visible_in_nav" id="children_visible_in_nav"> <option value="1"<?php
echo $compare->getIcon(); ?> "></span> <?php } ?> <p> <?php echo $compare; ?> </p> </div> <?php if ($i > 0 && Gate::allows('publish', $page)) { ?> <a href="#" data-restore="<?php echo $version->getId(); ?> "> <span class="fa fa-undo"></span> <span><?php echo trans('boomcms::settings.history.restore'); ?> </span> </a> <?php } else { ?> <div data-restore=""> </div>
} ?> >Yes</option> <option value=""<?php if (!$page->isVisibleInCmsNav()) { ?> selected="selected"<?php } ?> >No</option> </select> </label> </section> <?php if (Gate::allows('editNavAdvanced', $page)) { ?> <section id='advanced'> <h2><?php echo trans('boomcms::settings.navigation.parent'); ?> </h2> <?php if ($parent = $page->getParent()) { ?> <p> <span class="title"><?php echo $page->getParent()->getTitle(); ?> </span>
protected function notifyUsingKey($key, $locale = null) { if (!$this->suspendUsageLogging) { list($namespace, $group, $item) = $this->parseKey($key); if ($this->manager && $group && $item && !$this->manager->excludedPageEditGroup($group)) { $this->manager->usingKey($namespace, $group, $item, $locale, !\Gate::allows(Manager::ABILITY_BYPASS_LOTTERY)); } } }
?> </div> </div> <div id="b-assets-filters"> <?php echo view('boomcms::assets.search'); ?> <?php echo view('boomcms::assets.search.sort'); ?> </div> <div id="b-assets-content"> <?php if (Gate::allows('uploadAssets', Router::getActiveSite())) { ?> <?php echo view('boomcms::assets.upload'); ?> <?php } ?> <?php echo view('boomcms::assets.thumbs'); ?> </div> </div> <script type="text/template" id="b-assets-view-template">
<?php Event::listen('build.menu', function (Plans\Events\menuRequested $event) { $event->add('buildings', 'Buildings', 'javascript:void(0);', 100, 'building'); $event->add('buildings.index', 'Buildings', URL::route('buildings.index'), 101, 'angle-right'); if (Gate::allows('create_building')) { $event->add('buildings.create', 'New', URL::route('buildings.create'), 102, 'angle-right'); } $event->add('floors', 'Floors', URL::route('floor.index'), 202, 'angle-right'); $event->add('types', 'Types', URL::route('type.index'), 302, 'angle-right'); if (Gate::allows('edit_users')) { $event->add('users', 'Users', 'javascript:void(0);', 500, 'users'); $event->add('users.current', 'Current', URL::route('users.index'), 501, 'angle-right'); $event->add('users.create', 'New', URL::route('users.create'), 502, 'angle-right'); $event->add('users.roles', 'Roles', URL::route('roles.index'), 503, 'angle-right'); $event->add('users.permissions', 'Permissions', URL::route('permissions.index'), 504, 'angle-right'); } });
Route::get('/curOrders', 'BossController@getCurrents'); Route::get('/pastOrders', 'BossController@pastOrders'); //Route::get('/pastOrdersDetails', 'UserController@pastOrdersDetails'); Route::get('/newOrders', 'BossController@getNewOrders'); Route::get('/newOrder/{id}', 'BossController@getNewOrder'); // get new order details Route::post('/approveOrder', 'BossController@postApproveOrder'); Route::get('/users', 'BossController@getUsers'); Route::post('/user', 'BossController@postNewUser'); }); // accounting Route::group(['prefix' => 'accounting'], function () { Route::get('/', 'AccountingController@getProcessOrders'); Route::get('/processOrders', 'AccountingController@getProcessOrders'); //Route::get('/processOrderDetails', 'AccountingController@getProcessOrderDetails'); //Route::post('/orderApprove', 'AccountingController@orderApprove'); Route::get('/pastOrders', 'AccountingController@pastOrders'); //Route::get('/pastOrdersDetails', 'UserController@pastOrdersDetails'); }); Route::get('/', function () { if (Gate::allows('isBoss')) { return redirect('/boss/curOrders'); } elseif (Gate::allows('isAcc')) { return redirect('/accounting/processOrders'); } elseif (Gate::allows('isUser')) { return redirect('/user/curOrder'); } else { return redirect()->action('HomeController@index'); } }); });
/** * Determine if the user is authorized to make this request. * * @return bool */ public function authorize() { $postId = $this->route('article'); return Gate::allows('update', Post::findOrFail($postId)); // return true; }
$event->add('index', 'Dashboard', URL::route('home'), 1, 'dashboard'); if (Gate::allows('edit_fieldtrips')) { $event->add('fieldtrip', 'Field Trips', 'javascript:void(0);', 5, 'desktop'); $event->add('fieldtrip.current', 'Current', URL::route('fieldtrips.index'), 2, 'angle-right'); $event->add('fieldtrip.create', 'New', URL::route('fieldtrips.create'), 3, 'angle-right'); } $event->add('zone', 'Zones', URL::route('zones.index'), 20, 'pie-chart'); $event->add('route', 'Routes', 'javascript:void(0);', 30, 'bus'); $event->add('route.current', 'Current', URL::route('routes.index'), 31, 'angle-right'); if (Gate::allows('create_routes')) { $event->add('route.create', 'New', URL::route('routes.create'), 32, 'angle-right'); } if (Gate::allows('edit_users')) { $event->add('users', 'Users', 'javascript:void(0);', 500, 'users'); $event->add('users.current', 'Current', URL::route('users.index'), 501, 'angle-right'); $event->add('users.create', 'New', URL::route('users.create'), 502, 'angle-right'); $event->add('users.roles', 'Roles', URL::route('roles.index'), 503, 'angle-right'); $event->add('users.permissions', 'Permissions', URL::route('permissions.index'), 504, 'angle-right'); } if (Gate::allows('edit_adjustments')) { $event->add('actuals', 'Adjustments', 'javascript:void(0);', 600, 'unsorted'); $event->add('actuals.dates', 'Dates', URL::route('actuals.index'), 601, 'angle-right'); $event->add('actuals.hours', 'Hours', URL::route('adjustments.index'), 602, 'angle-right'); } if (Gate::allows('manage_reports')) { $event->add('reports', 'Reports', 'javascript:void(0);', 700, 'bug'); $event->add('reports.overtime', 'OT Offered', URL::route('overtime'), 701, 'angle-right'); $event->add('reports.calendar', 'Calendar', URL::route('calendar'), 702, 'angle-right'); } $event->add('contacts', 'Contacts', URL::route('contacts'), 800, 'phone'); });
/** * Determine if the user is authorized to make this request. * * @return bool */ public function authorize() { return \Gate::allows('edit_users'); }
public function authorize() { return \Gate::allows('create', 'user'); }
/** * Determine if the user is authorized to make this request. * * @return bool */ public function authorize() { return \Gate::allows('add_file'); }
<h3><?php echo trans('boomcms::people-manager.groups-heading'); ?> </h3> <p><?php echo trans('boomcms::people-manager.groups'); ?> </p> <?php echo view('boomcms::people-manager.group-select'); ?> </section> <?php if (Gate::allows('manageSites', Router::getActiveSite())) { ?> <section> <h3><?php echo trans('boomcms::people-manager.sites-heading'); ?> </h3> <p><?php echo trans('boomcms::people-manager.sites'); ?> </p> <select name="sites" multiple> <% for (var i in sites.models) { %> <option value="<%= sites.models[i].getId() %>"<%= person.sites.get(sites.models[i].getId()) ? ' selected' : '' %>><%= sites.models[i].getName() %></option> <% } %>
public function postUndelete($group, $key) { if (\Gate::allows(Manager::ABILITY_ADMIN_TRANSLATIONS)) { $key = decodeKey($key); $ltm_translations = $this->manager->getTranslationsTableName(); if (!in_array($group, $this->manager->config(Manager::EXCLUDE_GROUPS_KEY)) && $this->manager->config('admin_enabled')) { //$this->getTranslation()->where('group', $group)->where('key', $key)->delete(); $result = $this->getConnection()->update(<<<SQL UPDATE {$ltm_translations} SET is_deleted = 0 WHERE is_deleted = 1 AND `group` = ? AND `key` = ? SQL , [$group, $key]); } } return array('status' => 'ok'); }