/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { //get currrnt user $user = \Sentinel::getUser(); if ($user->inRole('coder')) { return $next($request); } else { return \Redirect::back()->with('message', 'You do not have the permission to access this page'); } }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { if (!\Sentinel::check() || !\Sentinel::getUser()->inRole('admin')) { return redirect('/'); } return $next($request); }
/** * Set the resource's model and validator. * @param ResourceServiceModelContract $model Resource's model * @param InputValidatorContract $inputValidator Resource's input validator */ public function __construct(ResourceServiceModelContract $model, InputValidatorContract $inputValidator = null) { $this->model = $model; $this->inputValidator = $inputValidator; $this->user = new SentinelServiceUserAdapter(\Sentinel::getUser()); // TODO: extract out }
public function index() { $user = \Sentinel::getUser(); if (Sentinel::hasAccess('admin')) { return view('admin.index'); } }
public function logout() { $user = \Sentinel::getUser(); \Sentinel::logout($user); event(new Logout($user->getUserId())); return redirect('/'); }
public function doLogin(Request $request) { // dd($request); //get the users credentials $credentials = ['login' => $request->email]; //check if there is a match for the email and pword provided $user = \Sentinel::findByCredentials($credentials); //if there is no match redirect to login page ith input if (is_null($user)) { // dd($user); session()->flash('flash_message', 'Login failure.'); session()->flash('flash_message_important', true); return \Redirect::back()->withInput(); } //attempt to login $login = isset($request->remember_me) && $request->remember_me == 1 ? $user = \Sentinel::login($user) : ($user = \Sentinel::login($user)); // store user info in session $user = \Sentinel::getUser(); \Session::put('user', $user); //store user's role in session $roles = []; foreach ($user->roles as $role) { $roles[] = $role; } \Session::put('roles', $roles); //store session and term info in session $term_info = DB::table('current_term')->orderBy('created_at', 'desc')->first(); if (null !== $term_info) { \Session::put(['current_session' => $term_info->session, 'current_term' => $term_info->term]); } return \Redirect::intended(); }
/** * Log a user out * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector */ public function logout() { $user = \Sentinel::getUser(); \Sentinel::getUserRepository()->recordLogout($user); \Sentinel::logout(); return redirect('/'); }
public function getHome() { //widget Configurations $user = \Sentinel::getUser(); /* if($user->hasAccess('admin')){ } if($user->hasAccess('member')){ }*/ return view('admin.index', compact('user')); }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { //get currrnt user $user = \Sentinel::getUser(); if ($user->inRole('admin_dept_officer')) { return $next($request); } else { session()->flash('flash_message', 'You do not have the permission to access this page'); session()->flash('flash_message_important', true); return \Redirect::back(); } }
/** * Set created_by and updated_by to the current logged in user */ public static function boot() { parent::boot(); $user = Sentinel::getUser(); // Setup event bindings... static::creating(function ($model) use($user) { $model->created_by = $user->id; $model->updated_by = $user->id; }); static::updating(function ($model) use($user) { $model->updated_by = $user->id; }); }
/** * extending hieu-le/active function * * @param int $user_id * * @return bool */ function is_admin($user_id = null) { if ($user_id) { $user = Sentinel::findById($user_id); } else { if (Sentinel::check()) { $user = Sentinel::getUser(); } else { return false; } } $admin = Sentinel::findRoleByName('Administrator'); return $user && $user->inRole($admin); }
public function createOrUpdate(Product $product) { if ($product === null) { return null; } $product->save(); if (\Request::input('note')) { $note = new Note(); $note->note = \Request::input('note'); $note->user_id = \Sentinel::getUser()->id; $note->created_by = \Sentinel::getUser()->id; $note->reference_type = 'articles'; $note->reference_id = $product->id; $note->save(); } return $product; }
/** * Register the application services. * * @return void */ public function register() { $this->app->register('ErenMustafaOzdal\\LaravelUserModule\\LaravelUserModuleComposerServiceProvider'); $this->app->register('ErenMustafaOzdal\\LaravelModulesBase\\LaravelModulesBaseServiceProvider'); $this->mergeConfigFrom(__DIR__ . '/../config/laravel-user-module.php', 'laravel-user-module'); // merge default configs with publish configs $this->mergeDefaultConfig(); $router = $this->app['router']; $router->middleware('guest', \ErenMustafaOzdal\LaravelUserModule\Http\Middleware\RedirectIfAuthenticated::class); $router->middleware('auth', \ErenMustafaOzdal\LaravelUserModule\Http\Middleware\Authenticate::class); // model binding $router->bind(config('laravel-user-module.url.user'), function ($id) { $user = \App\User::findOrFail($id); if (config('laravel-user-module.non_visibility.super_admin') && !\Sentinel::getUser()->is_super_admin && $user->is_super_admin) { abort(403); } return $user; }); $router->model(config('laravel-user-module.url.role'), 'App\\Role'); $router->model('role', 'App\\Role'); }
/** * Insert new Article into database * * @return Response Redirect */ public function postEdit($id, ProductRequest $request) { $product = $this->productRepository->findById($id); $product->fill($request->all()); if ($request->input('featured') == null) { $product->featured = false; } $product = $this->productRepository->createOrUpdate($product); $this->registerMediaLibraryProcessing($product); $tags = $product->tags->lists('name')->all(); if (implode(',', $tags) !== $request->get('tag')) { $product->tags()->detach(); $tagInputs = explode(',', $request->get('tag')); foreach ($tagInputs as $tagName) { $tag = $this->tagRepository->findByName($tagName); if ($tag === null) { $tag = new Tag(); $tag->name = $tagName; $tag->user_id = \Sentinel::getUser()->id; $tag = $this->tagRepository->createOrUpdate($tag, $request); } $product->tags()->attach($tag->id); } } event(new AuditHandlerEvent('Product', 'updated', $product->id)); \Cache::forget('home_widget_featured'); if ($request->get('submit') === 'save') { return redirect()->route('products.list')->with('success_msg', trans('notices.update_success_message')); } elseif ($request->get('submit') === 'apply') { return redirect()->route('products.edit', $id)->with('success_msg', trans('notices.update_success_message')); } }
/** * get operation buttons * * @param \Illuminate\Support\Collection $model * @param string $currentPage * @param boolean $isPublishable * @param \Illuminate\Support\Collection|null $relatedModel * @param string $modelRouteRegex * @return string */ function getOps($model, $currentPage, $isPublishable = false, $relatedModel = null, $modelRouteRegex = '') { $routeName = snake_case(class_basename($model)); $routeParams = ['id' => $model->id]; if (!is_null($relatedModel)) { $routeName = snake_case(class_basename($relatedModel)) . '.' . $routeName; $routeParams = ['id' => $relatedModel->id, $modelRouteRegex => $model->id]; } $ops = Form::open(['method' => 'DELETE', 'url' => lmbRoute("admin.{$routeName}.destroy", $routeParams), 'style' => 'margin:0', 'id' => "destroy_form_{$model->id}"]); // edit buton if ($currentPage !== 'edit') { $hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.show") ? "admin.{$routeName}.show#####" . $relatedModel->id : "admin.{$routeName}.edit"; if ($routeName === 'user' && $model->id === Sentinel::getUser()->id || hasPermission($hackedRoute)) { $ops .= '<a href="' . lmbRoute("admin.{$routeName}.edit", $routeParams) . '" class="btn btn-sm btn-outline yellow margin-right-10">'; $ops .= '<i class="fa fa-pencil"></i>'; $ops .= '<span class="hidden-xs">'; $ops .= trans('laravel-modules-core::admin.ops.edit'); $ops .= '</span>'; $ops .= '</a>'; } } // show buton if ($currentPage !== 'show') { $hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.show") ? "admin.{$routeName}.show#####" . $relatedModel->id : "admin.{$routeName}.show"; if ($routeName === 'user' && $model->id === Sentinel::getUser()->id || hasPermission($hackedRoute)) { $ops .= '<a href="' . lmbRoute("admin.{$routeName}.show", $routeParams) . '" class="btn btn-sm btn-outline green margin-right-10">'; $ops .= '<i class="fa fa-search"></i>'; $ops .= '<span class="hidden-xs">'; $ops .= trans('laravel-modules-core::admin.ops.show'); $ops .= '</span>'; $ops .= '</a>'; } } // silme butonu $hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.destroy") ? "admin.{$routeName}.destroy#####" . $relatedModel->id : "admin.{$routeName}.destroy"; if (hasPermission($hackedRoute)) { if ($routeName !== 'user' || $model->id !== Sentinel::getUser()->id) { $ops .= '<button type="submit" onclick="bootbox.confirm( \'' . trans('laravel-modules-core::admin.ops.destroy_confirmation') . '\', function(r){if(r) $(\'#destroy_form_' . $model->id . '\').submit();}); return false;" class="btn btn-sm red btn-outline margin-right-10">'; $ops .= '<i class="fa fa-trash"></i>'; $ops .= '<span class="hidden-xs">'; $ops .= trans('laravel-modules-core::admin.ops.destroy'); $ops .= '</span>'; $ops .= '</button>'; } } // yayınlama veya yayından kaldırma butonu if ($isPublishable) { // yayından kaldırma if ($model->is_publish) { $hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.notPublish") ? "admin.{$routeName}.notPublish#####" . $relatedModel->id : "admin.{$routeName}.notPublish"; if (hasPermission($hackedRoute)) { $ops .= '<a href="' . lmbRoute("admin.{$routeName}.notPublish", $routeParams) . '" class="btn btn-sm btn-outline purple margin-right-10">'; $ops .= '<i class="fa fa-times"></i>'; $ops .= '<span class="hidden-xs">'; $ops .= trans('laravel-modules-core::admin.ops.not_publish'); $ops .= '</span>'; $ops .= '</a>'; } } else { $hackedRoute = !is_null($relatedModel) && routeHackable("admin.{$routeName}.publish") ? "admin.{$routeName}.publish#####" . $relatedModel->id : "admin.{$routeName}.publish"; if (hasPermission($hackedRoute)) { $ops .= '<a href="' . lmbRoute("admin.{$routeName}.publish", $routeParams) . '" class="btn btn-sm btn-outline blue margin-right-10">'; $ops .= '<i class="fa fa-bullhorn"></i>'; $ops .= '<span class="hidden-xs">'; $ops .= trans('laravel-modules-core::admin.ops.publish'); $ops .= '</span>'; $ops .= '</a>'; } } } $ops .= Form::close(); return $ops; }
@extends('app') @section('container') <div class="vd_content-section clearfix"> <div class="row"> <div class="col-sm-3"> <div class="panel widget light-widget panel-bd-top"> <div class="panel-heading no-title"> </div> <div class="panel-body"> <div class="text-center vd_info-parent"> <img src="/images/blog/avatar3.png"> </div> <?php $user = \Sentinel::getUser(); ?> <h2 class="font-semibold mgbt-xs-5">{{ $user->first_name . $user->last_name }}</h2> <div class="mgtp-20"> <table class="table table-striped table-hover"> <tbody> <tr> <td style="width:60%;">Status</td> @if (Activation::completed($user)) <td><span class="label label-success">Active</span></td> @endif </tr> <tr> <td>Member Since</td> <td> {{ Carbon\Carbon::parse($user->created_at)->format('d-m-Y') }} </td> </tr>
public function getLoggedUser() { return \Sentinel::getUser(); }
public function __construct() { $this->beforeFilter('auth'); $this->user = Sentinel::getUser(); }
/** * Upload the image. * * @return Response */ public function upload(Request $request) { if (!$request->file('file')->isValid()) { abort(400, 'Invalid file!'); } $raw = $request->file('file'); // Create model $model = Image::createFromUpload($raw, Sentinel::getUser()->id); return; }
case 'CSV': $method = 'nd'; break; default: $method = 'nw'; break; } $url = str_replace(array('rss.pml.php'), array('rss.php'), $url) . '?f=' . urlencode($file_id) . '&l=' . urlencode(isset($_GET['l']) ? $_GET['l'] : $lang) . '&tz=' . urlencode($tz) . '&format=' . urlencode($format) . '&count=' . (isset($files[$file_id]['max']) ? urlencode($files[$file_id]['max']) : urlencode(LOGS_MAX)) . '&timeout=' . urlencode(MAX_SEARCH_LOG_TIME) . '&search=' . urlencode(@$_POST['search']); $current_user = Sentinel::attempt($files); // We authenticate the url if a user is logged in // -> if log is anonymous, the request will be authenticated and if an admin remove // the anonymous log, this user will always be able to get it // -> if the log file is protected, this user will be able to get ot according to its rights if (!is_null($current_user)) { $username = Sentinel::getCurrentUsername(); $user = Sentinel::getUser($username); $token = $user['at']; $hash = Sentinel::sign(array('f' => $_POST['file']), $username); $url = $url . '&t=' . urlencode($token) . '&h=' . urlencode($hash); } $u = parse_url($url); $ip = $u['host']; if (filter_var($ip, FILTER_VALIDATE_IP)) { $return['war'] = !is_not_local_ip($ip); } else { if ($ip === 'localhost') { $return['war'] = true; } else { $return['war'] = false; } }
public function fetchSheet(Request $request) { // dd($request->class); $class_id = $request->class; $data['title'] = 'Scoresheet'; $data['results_menu'] = 1; //data for selecting class $staff = Staff::find(\Session::get('user')->staff_id); if (\Sentinel::getUser()->inRole('principal') or \Sentinel::getUser()->inRole('coder')) { $data['classes'] = studentClass::lists('name', 'id')->prepend('Select a class'); } else { $classes = array('Please select a class'); foreach ($staff->classes as $class) { $classes[$class->id] = $class->name; } $data['classes'] = $classes; } // dd($request); if ($class_id == 0) { session()->flash('flash_message', 'Select a class'); // session()->flash('flash_message_important', true); return \Redirect::to('academics/results'); } $class = studentClass::where(['id' => $class_id])->first(); $subjects = \DB::table('class_subject')->where(['class_id' => $class_id])->get(); $students = Student::where(['class_id' => $class_id])->get(); //add students to class results table with initial values of zero foreach ($students as $student) { foreach ($class->subjects as $subject) { //ensure that at least a session variable has been set. If there is at least on session variable set, the system will run well else it'll throw an error if (CurrentTerm::all() !== null) { $table = 'class_results_' . \Session::get('current_session') . '_' . \Session::get('current_term'); $positions_table = 'class_positions_' . \Session::get('current_session') . '_' . \Session::get('current_term'); $subject_exemption_table = 'subject_ex_' . \Session::get('current_session') . '_' . \Session::get('current_term'); //initialize class results table try { \DB::table($table)->insert(['class_id' => $class->id, 'student_id' => $student->id, 'subject_id' => $subject->id, 'created_at' => date('Y-m-d H:i:s'), 'updated_at' => date('Y-m-d H:i:s')]); } catch (\Illuminate\Database\QueryException $e) { $errorCode = $e->errorInfo[1]; // if($errorCode == 1062){ // session()->flash('flash_message', 'Session and Term variables have alreaddy been created.'); // return \Redirect::back()->withInput($request->except('element_id', 'amount')); // } } //initialize class positions table try { \DB::table($positions_table)->insert(['class_id' => $class->id, 'student_id' => $student->id]); } catch (\Illuminate\Database\QueryException $e) { $errorCode = $e->errorInfo[1]; // if($errorCode == 1050){ // session()->flash('flash_message', 'Result table for chosen session and term already exists.'); // return \Redirect::back()->withInput(); // } } //initialize subject exemption table try { \DB::table($subject_exemption_table)->insert(['class_id' => $class->id, 'student_id' => $student->id, 'subject_id' => $subject->id]); } catch (\Illuminate\Database\QueryException $e) { $errorCode = $e->errorInfo[1]; if ($errorCode == 1050) { session()->flash('flash_message', 'Result table for chosen session and term already exists.'); return \Redirect::back()->withInput(); } } } else { session()->flash('flash_message', 'Please set session variables. Go to Settings>school settings'); return redirect()->back()->withInput(); } } } $data['class'] = $class; $data['subjects'] = $subjects; $data['students'] = $students; $data['selected_class'] = 1; return view('academics.results.index', $data); }
/** * Display a listing of the resource. * * @return Response */ public function __construct() { $this->user = \Sentinel::getUser(); }
<label for="name" class="control-label">Name</label> <div class="controls"> <input type="text" name="name" id="name" value="<?php echo Sentinel::check() ? Sentinel::getUser()->first_name . " " . Sentinel::getUser()->last_name : ""; ?> " class="form-control" /> </div> </div> </div> <div class="col-lg-6"> <div class="control-group"> <label for="email" class="control-label">Email</label> <div class="controls"> <input type="text" name="email" id="email" value="<?php echo Sentinel::check() ? Sentinel::getUser()->email : ""; ?> " class="form-control" /> </div> </div> </div> </div> <div class="row-fluid"> <div class="col-lg-6"> <div class="control-group"> <label for="subject" class="control-label">Subject</label> <div class="controls"> <input type="text" name="subject" id="subject" value="" class="form-control" /> </div> </div>
public function logout() { // we get the current user $user = \Sentinel::getUser(); // we logout the user try { Sentinel::logout(); Modal::alert([trans('auth.message.logout.success', ['name' => $user->first_name . ' ' . $user->last_name])], 'success'); return redirect(route('home')); } catch (Exception $e) { // we log the error CustomLog::error($e); // we notify the current user Modal::alert([trans('auth.message.logout.failure', ['name' => $user->first_name . ' ' . $user->last_name]), trans('global.message.global.failure.contact.support', ['email' => config('settings.support_email')])], 'error'); return redirect()->back(); } }
/** * @param $id * @return mixed */ public function destroy($id) { // we get the image try { $image = $this->repository->find($id); } catch (Exception $e) { // we notify the current user Modal::alert([trans('libraries.images.message.find.failure', ['id' => $id]), trans('global.message.global.failure.contact.support', ['email' => config('settings.support_email')])], 'error'); return redirect()->back(); } // we check the current user permission if (!Permission::hasPermission('libraries.images.delete')) { // we redirect the current user to the images list if he has the required permission if (Sentinel::getUser()->hasAccess('libraries.images.page.view')) { return redirect()->route('libraries.images.page.edit'); } else { // or we redirect the current user to the home page return redirect()->route('backoffice.index'); } } try { // we remove the news image if ($image->src) { ImageManager::remove($image->src, $image->storagePath(), $image->availableSizes('image')); } // we delete the role $image->delete(); Modal::alert([trans('libraries.images.message.delete.success', ['image' => $image->src])], 'success'); return redirect()->route('libraries.images.index'); } catch (Exception $e) { // we log the error CustomLog::error($e); // we notify the current user Modal::alert([trans('libraries.images.message.delete.failure', ['image' => $image->src]), trans('global.message.global.failure.contact.support', ['email' => config('settings.support_email')])], 'error'); return redirect()->route('libraries.images.index'); } }
public function __construct() { parent::__construct(); $this->user = Sentinel::getUser(); $this->isLoggedIn = Sentinel::check(); }
Sentinel::save(); break; /* |-------------------------------------------------------------------------- | Profile get |-------------------------------------------------------------------------- | */ /* |-------------------------------------------------------------------------- | Profile get |-------------------------------------------------------------------------- | */ case 'profile_get': $user = Sentinel::getUser($current_user); $accesstoken = $user['at']; $hashpresalt = $user['hp']; $r = ''; $r .= '<div class="form-group">'; $r .= '<label for="" class="col-sm-3 control-label">' . __('Access token') . '</label>'; $r .= '<div class="col-sm-5">'; $r .= '<div class="input-group">'; $r .= '<span class="input-group-addon"><span class="glyphicon glyphicon-certificate"></span></span>'; $r .= '<input type="text" id="prat" class="form-control" value="' . h($accesstoken) . '" disabled="disabled"/>'; $r .= '</div>'; $r .= '</div>'; $r .= '<div class="col-sm-4">'; $r .= '<a class="btn btn-xs btn-primary clipboardat">' . __('Copy to clipboard') . '</a>'; $r .= '</div>'; $r .= '</div>';
/** * Display a listing of the resource. * * @return Response */ public function index() { $allpayments = Payments::paginate(15); return view('settings.payments.index', array('user' => \Sentinel::getUser(), 'payments' => $allpayments)); }
/** * Return current active user id * * @return int */ protected function getUserId() { try { if (class_exists('\\Auth') && ($userId = \Auth::id())) { return $userId; } } catch (\Exception $e) { } try { if (class_exists('\\Sentinel') && ($user = \Sentinel::getUser())) { return $user->id; } } catch (\Exception $e) { } try { if (class_exists('\\Sentry') && ($user = \Sentry::getUser())) { return $user->id; } } catch (\Exception $e) { } }
<body> <div id="wrapper"> <!-- Navigation --> <nav class="navbar navbar-default navbar-static-top" role="navigation" style="margin-bottom: 0"> <div class="navbar-header"> <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <?php $admin = \Sentinel::getUser(); ?> <a class="navbar-brand" href="index">{{ $admin->first_name }}</a> </div> <!-- /.navbar-header --> <ul class="nav navbar-top-links navbar-right"> <li class="dropdown"> <a href="/"> <i class="fa fa-home"></i> Home </a> </li> <!-- /.dropdown -->