- nur user kann sich selbst editieren
- admin kann alles user editieren
This commit is contained in:
parent
aac9196650
commit
abc0360835
|
@ -6,7 +6,6 @@ use App\Models\Dataset;
|
|||
use App\Http\Controllers\Controller;
|
||||
use App\Models\License;
|
||||
use App\Models\File;
|
||||
use App\Models\Person;
|
||||
use App\Models\Project;
|
||||
use App\Models\Title;
|
||||
use App\Models\Description;
|
||||
|
|
|
@ -5,6 +5,8 @@ use App\Http\Controllers\Controller;
|
|||
use App\Models\Role;
|
||||
use App\Models\User;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
|
||||
class UserController extends Controller
|
||||
{
|
||||
|
@ -105,14 +107,23 @@ class UserController extends Controller
|
|||
public function edit($id)
|
||||
{
|
||||
$user = User::find($id);
|
||||
$roles = Role::all('id', 'name');
|
||||
if ($user == null) {
|
||||
return abort(404, 'User not found.');
|
||||
}
|
||||
|
||||
$roles = Role::all('id', 'name');
|
||||
//$userRoles = $user->roles->pluck('name','name')->all();
|
||||
$checkeds = $user->roles->pluck('id')->toArray();
|
||||
|
||||
return view('settings.access.user.edit', compact('user', 'roles', 'checkeds'));
|
||||
}
|
||||
|
||||
private function validateUser($id, $current_password)
|
||||
{
|
||||
$user = User::findOrFail($id);
|
||||
return Hash::check($current_password, $user->password);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update the specified resource in storage.
|
||||
*
|
||||
|
@ -122,36 +133,69 @@ class UserController extends Controller
|
|||
*/
|
||||
public function update(Request $request, $id)
|
||||
{
|
||||
|
||||
// if model state is valid
|
||||
$this->validate(request(), [
|
||||
'login' => 'required',
|
||||
'email' => 'required|email|unique:accounts,email,' . $id,
|
||||
'password' => 'required|min:6|confirmed',
|
||||
'password' => 'nullable|min:6|confirmed',
|
||||
//'current_password' => 'required_with:password'
|
||||
]);
|
||||
|
||||
$valid = true;
|
||||
$user = User::findOrFail($id);
|
||||
// $input = $request->except('roles');
|
||||
// $user->fill($input)->save();
|
||||
$roles = Role::all('id', 'name');
|
||||
$input = $request->all();
|
||||
$flash_message = '';
|
||||
$errors = new \Illuminate\Support\MessageBag();
|
||||
|
||||
$input = $request->only(['login', 'email', 'password']); //Retreive the name, email and password fields
|
||||
//$input = $request->all();
|
||||
if (array_key_exists('current_password', $input)) {
|
||||
// if user is not admin he must enter old_password if a new password is defined
|
||||
if (!Auth::user()->hasRole('Administrator') && $input['current_password'] == null && $input['password'] != null) {
|
||||
//ModelState.AddModelError("OldPassword", Resources.User_Edit_OldPasswordEmpty);
|
||||
//$flash_message = 'Current password should not be empty.';
|
||||
// add your error messages:
|
||||
$errors->add('your_custom_error', 'Current password cannot not be empty, if you define a new password');
|
||||
$valid = false;
|
||||
}
|
||||
|
||||
|
||||
if ($input['current_password'] != null && $this->validateUser($user->id, $input['current_password']) == false) {
|
||||
//$flash_message = 'Password does not match the current password.';
|
||||
$errors->add('your_custom_error', 'Password does not match the current password.');
|
||||
$valid = false;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
//$input = $request->only(['login', 'email', 'password']); //Retreive the name, email and password fields
|
||||
if ($valid == true) {
|
||||
$user->login = $input['login'];
|
||||
$user->email = $input['email'];
|
||||
$user->password = bcrypt($input['password']);
|
||||
if ($input['password']) {
|
||||
$user->password = Hash::make($input['password']);
|
||||
}
|
||||
|
||||
$user->save();
|
||||
|
||||
$roles = $request['roles']; //Retreive all roles
|
||||
|
||||
if (array_key_exists('roles', $input)) {
|
||||
if (isset($roles)) {
|
||||
$user->roles()->sync($roles); //If one or more role is selected associate user to roles
|
||||
} else {
|
||||
$user->roles()->detach(); //If no role is selected remove exisiting role associated to a user
|
||||
}
|
||||
}
|
||||
|
||||
//return back()->with('flash_message', 'user successfully updated.');
|
||||
return redirect()
|
||||
->route('access.user.index')
|
||||
->with('flash_message', 'User successfully edited.');
|
||||
return back()->with('flash_message', 'user successfully updated.');
|
||||
// return redirect()
|
||||
// ->route('access.user.index')
|
||||
// ->with('flash_message', 'User successfully edited.');
|
||||
}
|
||||
return back()
|
||||
->withInput($input)
|
||||
->withErrors($errors);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -10,12 +10,12 @@
|
|||
|
||||
<div class="pure-g box-content">
|
||||
<div class="pure-u-1 pure-u-md-2-3">
|
||||
<div>
|
||||
{{-- <div>
|
||||
<a href="{{ route('access.user.index') }}" class="pure-button button-small">
|
||||
<i class="fa fa-chevron-left"></i>
|
||||
<span>BACK</span>
|
||||
</a>
|
||||
</div>
|
||||
</div> --}}
|
||||
|
||||
@if (count($errors) > 0)
|
||||
<div class="alert alert-danger">
|
||||
|
@ -40,36 +40,45 @@
|
|||
|
||||
<div class="pure-control-group @if ($errors->has('email')) field-validation-error @endif">
|
||||
<label>Email:</label>
|
||||
{!! Form::text('email', null, array('placeholder' => 'Email','class' => 'form-control')) !!}
|
||||
{!! Form::text('email', null, array('readonly', 'placeholder' => 'Email','class' => 'form-control')) !!}
|
||||
<em>*</em>
|
||||
</div>
|
||||
|
||||
@if (!Auth::user()->hasRole("administrator"))
|
||||
<div class="pure-control-group">
|
||||
{!! Form::label('current_password', 'Current Password:') !!}
|
||||
{!! Form::password ('current_password', null, array('placeholder' => 'current password', 'id' => 'old_password', 'class' => 'form-control')) !!}
|
||||
{{-- <em>*</em> --}}
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<div class="pure-control-group @if ($errors->has('password')) field-validation-error @endif">
|
||||
<label>Password:</label>
|
||||
{!! Form::password('password', array('placeholder' => 'Password','class' => 'form-control')) !!}
|
||||
<em>*</em>
|
||||
<label>New Password:</label>
|
||||
{!! Form::password('password', array('placeholder' => 'new password','class' => 'form-control')) !!}
|
||||
|
||||
</div>
|
||||
|
||||
<div class="pure-control-group @if ($errors->has('password')) field-validation-error @endif">
|
||||
<label>Confirm Password:</label>
|
||||
{!! Form::password('password_confirmation', array('placeholder' => 'Confirm Password','class' => 'form-control')) !!}
|
||||
<em>*</em>
|
||||
{!! Form::password('password_confirmation', array('placeholder' => 'confirm password','class' => 'form-control')) !!}
|
||||
|
||||
</div>
|
||||
|
||||
@if (Auth::user()->hasRole("administrator"))
|
||||
<h5><b>Assign Roles</b></h5>
|
||||
<div class="pure-control-group checkboxlist @if ($errors->has('roles')) field-validation-error @endif">
|
||||
<!-- <label for="Roles">Assign Roles</label>-->
|
||||
|
||||
|
||||
@foreach ($roles as $role)
|
||||
|
||||
<label for={{"role". $role->id }} class="pure-checkbox">
|
||||
<input name="roles[]" value={{ $role->id }} {{ (in_array($role->id, $checkeds)) ? 'checked=checked' : '' }} type="checkbox" class="form-check-input">
|
||||
{{ $role->name }}
|
||||
</label>
|
||||
|
||||
@endforeach
|
||||
<i class="fa fa-info-circle" title="Administrators have access to all datasets and are allowed to do all operations with datasets and users."></i>
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<button type="submit" class="pure-button button-small">Save</button>
|
||||
|
||||
|
|
|
@ -147,17 +147,18 @@
|
|||
<a class="pure-menu-link" href="{{ route('login') }}">LOGIN</a>
|
||||
</li>
|
||||
@else
|
||||
<li class="pure-menu-item {{ Route::is('access.user.edit') ? 'active' : '' }}">
|
||||
<a class="pure-menu-link" href="{{ route('access.user.edit',['id'=>Auth::user()->id]) }}"><i class="fa fa-user"></i> EDIT</a>
|
||||
</li>
|
||||
@permission('settings')
|
||||
<li class="pure-menu-item {{ Route::is('access.user.*') ? 'active' : '' }}">
|
||||
<li class="pure-menu-item {{ Route::is('access.user.index') ? 'active' : '' }}">
|
||||
<a class="pure-menu-link" href="{{route('access.user.index') }}"><i class="fa fa-users"></i> User Management</a>
|
||||
</li>
|
||||
<li class="pure-menu-item {{ Route::is('access.role.*') ? 'active' : '' }}">
|
||||
<a class="pure-menu-link" href="{{route('access.role.index') }}"><i class="fa fa-key"></i> Role Management</a>
|
||||
</li>
|
||||
<li class="pure-menu-item">
|
||||
<a class="pure-menu-link" href="{{ route('access.user.edit',['id'=>Auth::user()->id]) }}"><i class="fa fa-user"></i> EDIT</a>
|
||||
</li>
|
||||
@endpermission
|
||||
|
||||
{{-- <li class="pure-menu-item">
|
||||
<a class="pure-menu-link" href="{{ route('logout') }}"><i class="fas fa-sign-out-alt"></i> Logout</a>
|
||||
</li> --}}
|
||||
|
@ -187,7 +188,9 @@
|
|||
<div class="pure-u-1-2 text-right">
|
||||
<section class="user-info">
|
||||
@if(Auth::user())
|
||||
<i class="fa fa-user"></i> <a href="#" rel="User">{{ Auth::user()->login }}</a>
|
||||
{{-- <i class="fa fa-user"></i>
|
||||
<a href="#" rel="User">{{ Auth::user()->login }}</a> --}}
|
||||
<a href="{{ route('access.user.edit',['id'=>Auth::user()->id]) }}"><i class="fa fa-user"></i> {{ Auth::user()->login }}</a>
|
||||
<span class="divider"></span>
|
||||
<i class="fas fa-sign-out-alt"></i><a href="{{ route('logout') }}">Logout</a>
|
||||
{{-- <span class="divider"></span> --}}
|
||||
|
|
|
@ -140,46 +140,45 @@ Route::group(
|
|||
Route::group(
|
||||
[
|
||||
'namespace' => 'Settings\Access',
|
||||
'middleware' => ['permission:settings'],
|
||||
'prefix' => 'settings/access',
|
||||
'as' => 'access.',
|
||||
],
|
||||
function () {
|
||||
//Route::resource('users','UserController');
|
||||
Route::get('user', [
|
||||
'as' => 'user.index', 'uses' => 'UserController@index',
|
||||
'as' => 'user.index', 'uses' => 'UserController@index', 'middleware' => ['permission:settings'],
|
||||
]);
|
||||
Route::get('user/create', [
|
||||
'as' => 'user.create', 'uses' => 'UserController@create',
|
||||
'as' => 'user.create', 'uses' => 'UserController@create', 'middleware' => ['permission:settings'],
|
||||
]);
|
||||
Route::post('user/store', [
|
||||
'as' => 'user.store', 'uses' => 'UserController@store',
|
||||
'as' => 'user.store', 'uses' => 'UserController@store','middleware' => ['permission:settings'],
|
||||
]);
|
||||
Route::get('user/edit/{id}', [
|
||||
'as' => 'user.edit', 'uses' => 'UserController@edit',
|
||||
'as' => 'user.edit', 'uses' => 'UserController@edit', 'middleware' => ['auth']
|
||||
]);
|
||||
Route::patch('user/update/{id}', [
|
||||
'as' => 'user.update', 'uses' => 'UserController@update',
|
||||
'as' => 'user.update', 'uses' => 'UserController@update', 'middleware' => ['auth']
|
||||
]);
|
||||
Route::get('user/destroy/{id}', [
|
||||
'as' => 'user.destroy', 'uses' => 'UserController@destroy',
|
||||
'as' => 'user.destroy', 'uses' => 'UserController@destroy','middleware' => ['permission:settings'],
|
||||
]);
|
||||
|
||||
//Route::resource('users','RoleController');
|
||||
Route::get('role', [
|
||||
'as' => 'role.index', 'uses' => 'RoleController@index',
|
||||
'as' => 'role.index', 'uses' => 'RoleController@index', 'middleware' => ['permission:settings'],
|
||||
]);
|
||||
Route::get('role/create', [
|
||||
'as' => 'role.create', 'uses' => 'RoleController@create',
|
||||
'as' => 'role.create', 'uses' => 'RoleController@create','middleware' => ['permission:settings'],
|
||||
]);
|
||||
Route::post('role/store', [
|
||||
'as' => 'role.store', 'uses' => 'RoleController@store',
|
||||
'as' => 'role.store', 'uses' => 'RoleController@store','middleware' => ['permission:settings'],
|
||||
]);
|
||||
Route::get('role/edit/{id}', [
|
||||
'as' => 'role.edit', 'uses' => 'RoleController@edit',
|
||||
'as' => 'role.edit', 'uses' => 'RoleController@edit','middleware' => ['permission:settings'],
|
||||
]);
|
||||
Route::patch('role/update/{id}', [
|
||||
'as' => 'role.update', 'uses' => 'RoleController@update',
|
||||
'as' => 'role.update', 'uses' => 'RoleController@update','middleware' => ['permission:settings'],
|
||||
]);
|
||||
}
|
||||
);
|
||||
|
|
Loading…
Reference in New Issue
Block a user