geolba/tethys
6
0
Fork 0
Code Issues 2 Pull Requests Packages Projects 1 Releases Wiki Activity

- nur user kann sich selbst editieren

Browse Source 
- admin kann alles user editieren
This commit is contained in:
Arno Kaimbacher 2019-05-16 10:34:04 +02:00
parent aac9196650
commit abc0360835
5 changed files with 105 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/Http/Controllers/Publish/IndexController.php
View File

@ -6,7 +6,6 @@ use App\Models\Dataset;
use App\Http\Controllers\Controller;
use App\Models\License;
use App\Models\File;
use App\Models\Person;
use App\Models\Project;
use App\Models\Title;
use App\Models\Description;

86
app/Http/Controllers/Settings/Access/UserController.php
View File

@ -5,6 +5,8 @@ use App\Http\Controllers\Controller;
use App\Models\Role;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Auth;
class UserController extends Controller
{
@ -105,14 +107,23 @@ class UserController extends Controller
public function edit($id)
{
$user = User::find($id);
$roles = Role::all('id', 'name');
if ($user == null) {
return abort(404, 'User not found.');
}
$roles = Role::all('id', 'name');
//$userRoles = $user->roles->pluck('name','name')->all();
$checkeds = $user->roles->pluck('id')->toArray();
return view('settings.access.user.edit', compact('user', 'roles', 'checkeds'));
}
private function validateUser($id, $current_password)
{
$user = User::findOrFail($id);
return Hash::check($current_password, $user->password);
}
/**
* Update the specified resource in storage.
*
@ -122,36 +133,69 @@ class UserController extends Controller
*/
public function update(Request $request, $id)
{
// if model state is valid
$this->validate(request(), [
'login' => 'required',
'email' => 'required|email|unique:accounts,email,' . $id,
'password' => 'required|min:6|confirmed',
'password' => 'nullable|min:6|confirmed',
//'current_password' => 'required_with:password'
]);
$valid = true;
$user = User::findOrFail($id);
// $input = $request->except('roles');
// $user->fill($input)->save();
$roles = Role::all('id', 'name');
$input = $request->all();
$flash_message = '';
$errors = new \Illuminate\Support\MessageBag();
$input = $request->only(['login', 'email', 'password']); //Retreive the name, email and password fields
//$input = $request->all();
$user->login = $input['login'];
$user->email = $input['email'];
$user->password = bcrypt($input['password']);
$user->save();
if (array_key_exists('current_password', $input)) {
// if user is not admin he must enter old_password if a new password is defined
if (!Auth::user()->hasRole('Administrator') && $input['current_password'] == null && $input['password'] != null) {
//ModelState.AddModelError("OldPassword", Resources.User_Edit_OldPasswordEmpty);
//$flash_message = 'Current password should not be empty.';
// add your error messages:
$errors->add('your_custom_error', 'Current password cannot not be empty, if you define a new password');
$valid = false;
}
$roles = $request['roles']; //Retreive all roles
if (isset($roles)) {
$user->roles()->sync($roles); //If one or more role is selected associate user to roles
} else {
$user->roles()->detach(); //If no role is selected remove exisiting role associated to a user
if ($input['current_password'] != null && $this->validateUser($user->id, $input['current_password']) == false) {
//$flash_message = 'Password does not match the current password.';
$errors->add('your_custom_error', 'Password does not match the current password.');
$valid = false;
}
}
//return back()->with('flash_message', 'user successfully updated.');
return redirect()
->route('access.user.index')
->with('flash_message', 'User successfully edited.');
//$input = $request->only(['login', 'email', 'password']); //Retreive the name, email and password fields
if ($valid == true) {
$user->login = $input['login'];
$user->email = $input['email'];
if ($input['password']) {
$user->password = Hash::make($input['password']);
}
$user->save();
$roles = $request['roles']; //Retreive all roles
if (array_key_exists('roles', $input)) {
if (isset($roles)) {
$user->roles()->sync($roles); //If one or more role is selected associate user to roles
} else {
$user->roles()->detach(); //If no role is selected remove exisiting role associated to a user
}
}
return back()->with('flash_message', 'user successfully updated.');
// return redirect()
// ->route('access.user.index')
// ->with('flash_message', 'User successfully edited.');
}
return back()
->withInput($input)
->withErrors($errors);
}
/**

31
resources/views/settings/access/user/edit.blade.php
View File

@ -10,12 +10,12 @@
<div class="pure-g box-content">
<div class="pure-u-1 pure-u-md-2-3">
<div>
{{-- <div>
<a href="{{ route('access.user.index') }}" class="pure-button button-small">
<i class="fa fa-chevron-left"></i>
<span>BACK</span>
</a>
</div>
</div> --}}
@if (count($errors) > 0)
<div class="alert alert-danger">
@ -40,36 +40,45 @@
<div class="pure-control-group @if ($errors->has('email')) field-validation-error @endif">
<label>Email:</label>
{!! Form::text('email', null, array('placeholder' => 'Email','class' => 'form-control')) !!}
{!! Form::text('email', null, array('readonly', 'placeholder' => 'Email','class' => 'form-control')) !!}
<em>*</em>
</div>
@if (!Auth::user()->hasRole("administrator"))
<div class="pure-control-group">
{!! Form::label('current_password', 'Current Password:') !!}
{!! Form::password ('current_password', null, array('placeholder' => 'current password', 'id' => 'old_password', 'class' => 'form-control')) !!}
{{-- <em>*</em> --}}
</div>
@endif
<div class="pure-control-group @if ($errors->has('password')) field-validation-error @endif">
<label>Password:</label>
{!! Form::password('password', array('placeholder' => 'Password','class' => 'form-control')) !!}
<em>*</em>
<label>New Password:</label>
{!! Form::password('password', array('placeholder' => 'new password','class' => 'form-control')) !!}
</div>
<div class="pure-control-group @if ($errors->has('password')) field-validation-error @endif">
<label>Confirm Password:</label>
{!! Form::password('password_confirmation', array('placeholder' => 'Confirm Password','class' => 'form-control')) !!}
<em>*</em>
{!! Form::password('password_confirmation', array('placeholder' => 'confirm password','class' => 'form-control')) !!}
</div>
@if (Auth::user()->hasRole("administrator"))
<h5><b>Assign Roles</b></h5>
<div class="pure-control-group checkboxlist @if ($errors->has('roles')) field-validation-error @endif">
<!-- <label for="Roles">Assign Roles</label>-->
@foreach ($roles as $role)
<label for={{"role". $role->id }} class="pure-checkbox">
<input name="roles[]" value={{ $role->id }} {{ (in_array($role->id, $checkeds)) ? 'checked=checked' : '' }} type="checkbox" class="form-check-input">
{{ $role->name }}
</label>
</label>
@endforeach
<i class="fa fa-info-circle" title="Administrators have access to all datasets and are allowed to do all operations with datasets and users."></i>
</div>
@endif
<button type="submit" class="pure-button button-small">Save</button>

15
resources/views/settings/layouts/app.blade.php
View File

@ -147,17 +147,18 @@
<a class="pure-menu-link" href="{{ route('login') }}">LOGIN</a>
</li>
@else
<li class="pure-menu-item {{ Route::is('access.user.edit') ? 'active' : '' }}">
<a class="pure-menu-link" href="{{ route('access.user.edit',['id'=>Auth::user()->id]) }}"><i class="fa fa-user"></i> EDIT</a>
</li>
@permission('settings')
<li class="pure-menu-item {{ Route::is('access.user.*') ? 'active' : '' }}">
<li class="pure-menu-item {{ Route::is('access.user.index') ? 'active' : '' }}">
<a class="pure-menu-link" href="{{route('access.user.index') }}"><i class="fa fa-users"></i> User Management</a>
</li>
<li class="pure-menu-item {{ Route::is('access.role.*') ? 'active' : '' }}">
<a class="pure-menu-link" href="{{route('access.role.index') }}"><i class="fa fa-key"></i> Role Management</a>
</li>
<li class="pure-menu-item">
<a class="pure-menu-link" href="{{ route('access.user.edit',['id'=>Auth::user()->id]) }}"><i class="fa fa-user"></i> EDIT</a>
</li>
</li>
@endpermission
{{-- <li class="pure-menu-item">
<a class="pure-menu-link" href="{{ route('logout') }}"><i class="fas fa-sign-out-alt"></i> Logout</a>
</li> --}}
@ -187,7 +188,9 @@
<div class="pure-u-1-2 text-right">
<section class="user-info">
@if(Auth::user())
<i class="fa fa-user"></i> <a href="#" rel="User">{{ Auth::user()->login }}</a>
{{-- <i class="fa fa-user"></i>
<a href="#" rel="User">{{ Auth::user()->login }}</a> --}}
<a href="{{ route('access.user.edit',['id'=>Auth::user()->id]) }}"><i class="fa fa-user"></i> {{ Auth::user()->login }}</a>
<span class="divider"></span>
<i class="fas fa-sign-out-alt"></i><a href="{{ route('logout') }}">Logout</a>
{{-- <span class="divider"></span> --}}

23
routes/web.php
View File

@ -140,46 +140,45 @@ Route::group(
Route::group(
[
'namespace' => 'Settings\Access',
'middleware' => ['permission:settings'],
'prefix' => 'settings/access',
'as' => 'access.',
],
function () {
//Route::resource('users','UserController');
Route::get('user', [
'as' => 'user.index', 'uses' => 'UserController@index',
'as' => 'user.index', 'uses' => 'UserController@index', 'middleware' => ['permission:settings'],
]);
Route::get('user/create', [
'as' => 'user.create', 'uses' => 'UserController@create',
'as' => 'user.create', 'uses' => 'UserController@create', 'middleware' => ['permission:settings'],
]);
Route::post('user/store', [
'as' => 'user.store', 'uses' => 'UserController@store',
'as' => 'user.store', 'uses' => 'UserController@store','middleware' => ['permission:settings'],
]);
Route::get('user/edit/{id}', [
'as' => 'user.edit', 'uses' => 'UserController@edit',
'as' => 'user.edit', 'uses' => 'UserController@edit', 'middleware' => ['auth']
]);
Route::patch('user/update/{id}', [
'as' => 'user.update', 'uses' => 'UserController@update',
'as' => 'user.update', 'uses' => 'UserController@update', 'middleware' => ['auth']
]);
Route::get('user/destroy/{id}', [
'as' => 'user.destroy', 'uses' => 'UserController@destroy',
'as' => 'user.destroy', 'uses' => 'UserController@destroy','middleware' => ['permission:settings'],
]);
//Route::resource('users','RoleController');
Route::get('role', [
'as' => 'role.index', 'uses' => 'RoleController@index',
'as' => 'role.index', 'uses' => 'RoleController@index', 'middleware' => ['permission:settings'],
]);
Route::get('role/create', [
'as' => 'role.create', 'uses' => 'RoleController@create',
'as' => 'role.create', 'uses' => 'RoleController@create','middleware' => ['permission:settings'],
]);
Route::post('role/store', [
'as' => 'role.store', 'uses' => 'RoleController@store',
'as' => 'role.store', 'uses' => 'RoleController@store','middleware' => ['permission:settings'],
]);
Route::get('role/edit/{id}', [
'as' => 'role.edit', 'uses' => 'RoleController@edit',
'as' => 'role.edit', 'uses' => 'RoleController@edit','middleware' => ['permission:settings'],
]);
Route::patch('role/update/{id}', [
'as' => 'role.update', 'uses' => 'RoleController@update',
'as' => 'role.update', 'uses' => 'RoleController@update','middleware' => ['permission:settings'],
]);
}
);