From eac17f08f5580fc7916b1a269cf08cef6ecd9e51 Mon Sep 17 00:00:00 2001 From: Jaco Date: Tue, 23 Apr 2024 14:07:57 +0200 Subject: [PATCH 1/4] Basic admin authorization --- app/Http/Controllers/HomeController.php | 14 +++--- app/Http/Controllers/UserController.php | 9 +++- app/Http/Kernel.php | 1 + app/Http/Middleware/AdminMiddleware.php | 26 ++++++++++ .../components/Admin/AdminSettingsLayout.vue | 13 ++++- .../js/components/Admin/AdminUserSettings.vue | 16 +++---- resources/js/components/Layout.vue | 47 ++++++++++--------- resources/views/home.blade.php | 2 +- routes/web.php | 26 +++++----- 9 files changed, 104 insertions(+), 50 deletions(-) create mode 100644 app/Http/Middleware/AdminMiddleware.php diff --git a/app/Http/Controllers/HomeController.php b/app/Http/Controllers/HomeController.php index 9d666ccd..8ed7ffde 100755 --- a/app/Http/Controllers/HomeController.php +++ b/app/Http/Controllers/HomeController.php @@ -14,7 +14,7 @@ use App\Http\Requests\Home\GetConfigRequest; class HomeController extends Controller { - + private $statisticsService; private $goalService; @@ -29,12 +29,14 @@ public function index() { $selectedLanguage = Auth::user()->selected_language; $userCount = User::count(); $userName = Auth::user()->name; + $isAdmin = Auth::user()->is_admin; $theme = $_COOKIE['theme'] ?? 'light'; - + return view('home', [ 'language' => $selectedLanguage, 'userCount' => $userCount, 'userName' => $userName, + 'isAdmin' => $isAdmin, 'theme' => $theme ]); } @@ -78,7 +80,7 @@ public function getConfig($configPath, GetConfigRequest $request) { public function getUserManualTree() { $manualTree = []; - + $path = public_path('./../manual/'); $files = scandir($path); @@ -108,7 +110,7 @@ public function getUserManualTree() { $subPageName = str_replace("\r\n", '', $subPageName); $subPageName = str_replace("\n", '', $subPageName); $subPageName = str_replace("\n", '', $subPageName); - + $subPage = new \stdClass(); $subPage->id = $index; $subPage->name = $subPageName; 
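Review bot: In `HomeController::index()`, the added `$isAdmin = Auth::user()->is_admin;` passes the raw attribute to the `home` view, and nothing marks the value as display-only. Anything rendered into the page can be changed in the browser, so `isAdmin` should only decide which menu entries are drawn. Every admin route still has to be gated server-side by the `admin` middleware this patch registers. I would normalise the value with `$isAdmin = (bool) Auth::user()->is_admin;` and add a comment such as `// UI hint only; access is enforced by the 'admin' middleware`. The body of `index()` starts above this hunk, so I cannot see whether the route is already behind `auth`.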
@@ -118,10 +120,10 @@ public function getUserManualTree() { $index ++; } } - + fclose($handle); } - + if (count($subPages)) { $page->children = $subPages; } diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php index 8d4caef6..5caaa1d3 100644 --- a/app/Http/Controllers/UserController.php +++ b/app/Http/Controllers/UserController.php @@ -22,6 +22,11 @@ public function __construct(UserService $userService) { } + public function isAdmin() { + $isAdmin = Auth::user()->is_admin; + return response($isAdmin, 200); + } + public function isUserPasswordChanged() { $passwordChanged = Auth::user()->password_changed; return response($passwordChanged, 200); @@ -40,13 +45,13 @@ public function getUsers() { public function updatePassword(UpdatePasswordRequest $request) { $user = Auth::user(); $password = $request->post('password'); - + try { $this->userService->updatePassword($user, $password); } catch(\Exception $e) { abort(500, $e->getMessage()); } - + return response()->json('Password has been updated successfully.', 200); } diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 30020a50..db5f5031 100755 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -53,6 +53,7 @@ class Kernel extends HttpKernel * @var array */ protected $routeMiddleware = [ + 'admin' => \App\Http\Middleware\AdminMiddleware::class, 'auth' => \App\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, diff --git a/app/Http/Middleware/AdminMiddleware.php b/app/Http/Middleware/AdminMiddleware.php new file mode 100644 index 00000000..bdb8c25f --- /dev/null +++ b/app/Http/Middleware/AdminMiddleware.php 
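Review bot: The new `UserController::isAdmin()` passes `$isAdmin` straight to `response()`, so the body the client receives depends on how `is_admin` is typed on the model. A boolean `false` would most likely come back as an empty body, and some framework versions may reject a non-string payload altogether. An explicit JSON shape is safer for the Vue side, for example `return response()->json(['isAdmin' => (bool) Auth::user()->is_admin]);`, with the front-end check adjusted to match. The method also dereferences `Auth::user()` without a null check, so it relies on the route sitting behind `auth`, which cannot be confirmed from this hunk. A short docblock stating that this endpoint is a UI hint and not the authorization check would keep later callers from relying on it.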
@@ -0,0 +1,26 @@
+is_admin) {
+ // If the user is not logged in or not an admin, redirect or handle as necessary
+ return response()->json(['error' => 'You do not have permission to access this resource.'], 403);
+ }
+ return $next($request);
+ }
+}
diff --git a/resources/js/components/Admin/AdminSettingsLayout.vue b/resources/js/components/Admin/AdminSettingsLayout.vue
index 16cd6265..18f0b751 100644
--- a/resources/js/components/Admin/AdminSettingsLayout.vue
+++ b/resources/js/components/Admin/AdminSettingsLayout.vue
@@ -1,5 +1,5 @@
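Review bot: In `AdminMiddleware::handle`, the rejection branch answers every caller with a JSON 403, although its own comment covers two cases: a visitor who is not logged in and a logged-in non-admin. An unauthenticated request is normally a 401 or a redirect to login, so either stack this middleware after `auth` on the admin routes or split the branch. The condition itself is truncated in this view, so I cannot confirm how a null user is handled. For page routes, `abort(403);` would let the framework render HTML or JSON according to the request instead of always returning JSON. The comment should describe what the code does, for example `// Reject anyone who is not an authenticated admin with 403`.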