snipe-it/app/Http/Controllers/PredefinedFilterController.php at bf193f7bd4f90ba8217ba42bf3a5b7f9e529809f · imbus/snipe-it · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
<?php

namespace App\Http\Controllers;

use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use App\Models\PredefinedFilter;
use Illuminate\Contracts\View\View;

class PredefinedFilterController extends Controller
{
    public function index()
    {
        $this->authorize('index', PredefinedFilter::class);

        $user = auth()->user();

        $filters = PredefinedFilter::with('permissionGroups')
            ->orderBy('name')
            ->get()
            ->filter(function ($filter) use ($user) {
                return $filter->userHasPermission($user, 'view');
            });

        return view('predefined-filters.index', compact('filters'));
    }


    /**
    * Show the given Predefined Filter.
    *
    * @param PredefinedFilter
    */
    public function view(PredefinedFilter $filter) : View|RedirectResponse
    {
        $user = auth()->user();

        $filter = PredefinedFilter::find($filter->id);

        if (!$filter) {
            return redirect()->back()->withErrors([
                'message' => trans('admin/predefinedFilters/message.does_not_exist'),
            ]);
        }

        if ($filter->userHasPermission($user, 'view')) {

            return view('predefined-filters.view', compact('filter'));
        }

        return redirect()->route('predefined-filters.index')
            ->with('error', trans('admin/predefinedFilters/message.show.not_allowed'));
    }

    /**
    * Delete the given Predefined Filter.
    *
    * @param  int $id
    */
    public function destroy($id) : RedirectResponse
    {
        $user = auth()->user();

        $filter = PredefinedFilter::find($id);

        if (!$filter) {
            return redirect()->route('predefined-filters.index')
                ->with('error', trans('admin/predefinedFilters/message.does_not_exist'));
        }

        if ($filter->userHasPermission($user, 'delete')) {
            $filter->delete();
            return redirect()->route('predefined-filters.index')
                ->with('success', trans('admin/predefinedFilters/message.delete.success'));
        }

        // It's public, so check permission logic
        if ($filter->is_public) {
            if (!$filter->userHasPermission($user, 'delete')) {
                return redirect()->route('predefined-filters.index')
                    ->with('error', trans('general.insufficient_permissions'));
            }

            $filter->delete();
                return redirect()->route('predefined-filters.index')
                    ->with('success', trans('admin/predefinedFilters/message.delete.success'));
        }

        return redirect()->route('predefined-filters.index')
            ->with('error', trans('general.insufficient_permissions'));
    }
}