
Commit 595f8c6

committed
Manager Role
Added a lower-privileged manager role which has access to limited administrative functionality. Users are still able to perform all the usual self-actions that any user can perform in addition to the following: Manager role permissions: * View admin dashboard * Users * Can * View user list and user details * Cannot * See email addresses * See full names (truncated to first-names only) * See external entity IDs * Create/edit/update/delete * Clans * Can * View clan list and clan details * Cannot * See invite codes * Create/edit/update/delete * Events * Can * View event list and basic event details (top container only) * Manage event seating (view seatmap and place/unplace seats) * Cannot * See seating plans * See ticket types * See ticket mappings * Create/edit/update/delete * Tickets * No access * Settings * No access Requires a db:seed Hopefully addresses #26 and #31
1 parent c4327ad commit 595f8c6


13 files changed

+539
-456
lines changed


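--- a/app/Http/Controllers/SeatingPlanController.php
+++ b/app/Http/Controllers/SeatingPlanController.php
@@ -12,7 +12,7 @@ class SeatingPlanController extends Controller
 public function index(Request $request)
 {
 $query = Event::query();
-if (!$request->user()->hasRole('admin')) {
+if (!$request->user()->hasAnyRole(['admin','manager'])) {
 $query = $query->whereDraft(false);
 }
 $events = $query->orderBy('starts_at', 'DESC')->with('seatingPlans')->paginate();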
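Review bot: The privileged role list `['admin','manager']` is spelled out inline in `index()` here and again in `EventPolicy::see`, while the same commit defines an `anyPrivilegedRole` gate in `AuthServiceProvider` for the same set; three copies of one authorization rule can drift apart when a role is added or removed. Routing both checks through the gate, for example `if (!$request->user()->can('anyPrivilegedRole')) {`, would keep the decision about who may see draft events in one place. The commit description lists seating plans among the things a manager cannot see, yet this change lets a manager list draft events with `seatingPlans` eager-loaded, so a comment stating which page this controller serves would show the widening is intended. `index()` continues past the end of the hunk.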

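--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -60,6 +60,18 @@ public function hasRole(string|Role $role): bool
 return (bool)$this->roles()->whereCode($role)->count();
 }
 
+public function hasAnyRole(array $roles): bool
+{
+foreach ($roles as $role) {
+if ($role instanceof Role) {
+$role = $role->code;
+}
+if ($this->roles()->whereCode($role)->count())
+return true;
+}
+return false;
+}
+
 public function roles(): BelongsToMany
 {
 return $this->belongsToMany(Role::class);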
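Review bot: `hasAnyRole()` runs one `count()` query per entry in `$roles`, and its second `if` has no braces, unlike the first. Since this method now backs the privileged-page checks, a single existence query is enough: `$codes = array_map(fn ($r) => $r instanceof Role ? $r->code : $r, $roles);` followed by `return $codes !== [] && $this->roles()->whereIn('code', $codes)->exists();`. That keeps the current fail-closed result for an empty list. A docblock line `@param array<string|Role> $roles` would record the accepted element types, which the bare `array` hint does not.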

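--- a/app/Policies/EventPolicy.php
+++ b/app/Policies/EventPolicy.php
@@ -13,6 +13,6 @@ public function see(User $user, Event $event): bool
 if (!$event->draft) {
 return true;
 }
-return $user->hasRole('admin');
+return $user->hasAnyRole(['admin', 'manager']);
 }
 }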

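--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -28,5 +28,11 @@ public function boot(): void
 Gate::define('viewPulse', function (User $user) {
 return $user->hasRole('admin');
 });
+Gate::define('manager', function (User $user) {
+return $user->hasRole('manager');
+});
+Gate::define('anyPrivilegedRole', function (User $user) {
+return $user->hasRole('manager') || $user->hasRole('admin');
+});
 }
 }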
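Review bot: The `manager` gate is true only for users who hold the manager role itself, so an admin without that role is denied by `can('manager')`, while `anyPrivilegedRole` admits both; nothing in `boot()` says which of the two a route or view should use. A short comment above each definition would settle that, for example `// manager-only ability; use anyPrivilegedRole for pages admins also reach`. The `anyPrivilegedRole` closure can also reuse the helper added in this commit, `return $user->hasAnyRole(['admin', 'manager']);`, instead of two separate `hasRole()` calls. The Blade views in this commit rely on an `admin` ability that is not defined in these lines; presumably it sits earlier in `boot()`, which starts outside the hunk.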

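--- a/database/seeders/RolesSeeder.php
+++ b/database/seeders/RolesSeeder.php
@@ -15,6 +15,7 @@ public function run(): void
 {
 $roles = [
 'admin' => 'Admin',
+'manager' => 'Manager'
 ];
 
 foreach ($roles as $code => $name) {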

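--- a/resources/views/admin/clans/index.blade.php
+++ b/resources/views/admin/clans/index.blade.php
@@ -32,11 +32,12 @@
 'name' => 'Code',
 'property' => 'code',
 ])
-@include('partials._searchtextfield', [
-'name' => 'Invite Code',
-'property' => 'invite_code',
-])
-
+@can('admin')
+@include('partials._searchtextfield', [
+'name' => 'Invite Code',
+'property' => 'invite_code',
+])
+@endcan
 </div>
 <div class="card-footer d-flex">
 <button class="btn btn-primary ms-auto" type="submit">Search</button>
@@ -74,12 +75,14 @@
 'field' => 'members_count',
 ])
 </th>
-<th>
-@include('partials._sortheader', [
-'title' => 'Invitation Code',
-'field' => 'invite_code',
-])
-</th>
+@can('admin')
+<th>
+@include('partials._sortheader', [
+'title' => 'Invitation Code',
+'field' => 'invite_code',
+])
+</th>
+@endcan
 <th>
 @include('partials._sortheader', [
 'title' => 'Created',
@@ -100,7 +103,9 @@
 </td>
 <td>{{ $clan->code }}</td>
 <td>{{ $clan->members_count }}</td>
-<td><span class="user-select-all">{{ $clan->invite_code }}</span></td>
+@can('admin')
+<td><span class="user-select-all">{{ $clan->invite_code }}</span></td>
+@endcan
 <td>
 <span title="{{ $clan->created_at->format('Y-m-d H:i:s') }}">
 {{ $clan->created_at->diffForHumans() }}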
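Review bot: Wrapping the Invite Code search field, sort header and table cell in `@can('admin')` hides the value in the rendered page only; whether the list query still honours an `invite_code` filter or sort key from the request is decided in the controller behind this view, which is not part of these lines. If it does, a manager's result set would still be filtered or ordered by a column that role is not meant to see, which discloses information about the codes. The controller should drop `invite_code` from the accepted filter and sort fields unless the user passes the `admin` gate, and preferably not select the column for other roles at all. A Blade comment next to the first `@can`, such as `{{-- invite code: admin only, also enforced in the controller --}}`, would record that the two must stay in step.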

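--- a/resources/views/admin/clans/show.blade.php
+++ b/resources/views/admin/clans/show.blade.php
@@ -30,11 +30,13 @@
 <div class="datagrid-title">Code</div>
 <div class="datagrid-content">{{ $clan->code }}</div>
 </div>
-<div class="datagrid-item">
-<div class="datagrid-title">Invite Code</div>
-<div class="datagrid-content"><span class="user-select-all">{{ $clan->invite_code }}</span>
+@can('admin')
+<div class="datagrid-item">
+<div class="datagrid-title">Invite Code</div>
+<div class="datagrid-content"><span class="user-select-all">{{ $clan->invite_code }}</span>
+</div>
 </div>
-</div>
+@endcan
 <div class="datagrid-item">
 <div class="datagrid-title">Created</div>
 <div class="datagrid-content">
@@ -45,21 +47,23 @@
 </div>
 </div>
 </div>
-<div class="card-footer align-content-end d-flex btn-list">
-<a href="{{ route('admin.clans.delete', $clan->code) }}" class="btn btn-outline-danger">
-<i class="icon ti ti-trash"></i>
-Delete
-</a>
-<a href="{{ route('admin.clans.regenerate', $clan->code) }}"
-class="btn btn-primary-outline ms-auto">
-<i class="icon ti ti-refresh"></i>
-Generate New Invite Code
-</a>
-<a href="{{ route('admin.clans.edit', $clan->code) }}" class="btn btn-primary">
-<i class="icon ti ti-edit"></i>
-Edit
-</a>
-</div>
+@can('admin')
+<div class="card-footer align-content-end d-flex btn-list">
+<a href="{{ route('admin.clans.delete', $clan->code) }}" class="btn btn-outline-danger">
+<i class="icon ti ti-trash"></i>
+Delete
+</a>
+<a href="{{ route('admin.clans.regenerate', $clan->code) }}"
+class="btn btn-primary-outline ms-auto">
+<i class="icon ti ti-refresh"></i>
+Generate New Invite Code
+</a>
+<a href="{{ route('admin.clans.edit', $clan->code) }}" class="btn btn-primary">
+<i class="icon ti ti-edit"></i>
+Edit
+</a>
+</div>
+@endcan
 </div>
 </div>
 </div>
@@ -113,18 +117,20 @@ class="btn btn-primary-outline ms-auto">
 {{ $member->created_at->diffForHumans() }}
 </span>
 </td>
-<td class="btn-list">
-<a class="btn btn-outline-primary ms-auto"
-href="{{ route('admin.clans.members.edit', [$clan->code, $member->id]) }}">
-<i class="icon ti ti-edit"></i>
-Edit
-</a>
-<a class="btn btn-outline-danger @if(!$member->canDelete()) disabled @endif"
-@if ($member->canDelete()) href="{{ route('admin.clans.members.delete', [$clan->code, $member->id]) }}" @endif>
-<i class="icon ti ti-trash"></i>
-Remove
-</a>
-</td>
+@can('admin')
+<td class="btn-list">
+<a class="btn btn-outline-primary ms-auto"
+href="{{ route('admin.clans.members.edit', [$clan->code, $member->id]) }}">
+<i class="icon ti ti-edit"></i>
+Edit
+</a>
+<a class="btn btn-outline-danger @if(!$member->canDelete()) disabled @endif"
+@if ($member->canDelete()) href="{{ route('admin.clans.members.delete', [$clan->code, $member->id]) }}" @endif>
+<i class="icon ti ti-trash"></i>
+Remove
+</a>
+</td>
+@endcan
 </tr>
 
 @empty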
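Review bot: The `@can('admin')` blocks remove the links to `admin.clans.delete`, `admin.clans.regenerate`, `admin.clans.edit`, `admin.clans.members.edit` and `admin.clans.members.delete` from the page, but a hidden link is not an access check: each of those routes needs its own admin-only middleware or policy, which these lines do not show. The same applies to `admin.events.create`, hidden the same way in `resources/views/admin/events/index.blade.php`. Now that managers can reach the admin area, each of these routes should be confirmed to reject a user who holds only the manager role, with a feature test that requests them as a manager and expects a 403. If the member table has a header cell for the actions column, it should sit inside the same `@can` so the columns stay aligned; the header row is outside the hunk.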

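--- a/resources/views/admin/events/index.blade.php
+++ b/resources/views/admin/events/index.blade.php
@@ -13,14 +13,16 @@
 <div class="col page-header mt-2">
 <h1>Events</h1>
 </div>
-<div class="col-auto ms-auto d-print-none">
-<div class="btn-list">
-<a href="{{ route('admin.events.create') }}" class="btn btn-primary d-inline-block">
-<i class="icon ti ti-plus"></i>
-Create Event
-</a>
+@can('admin')
+<div class="col-auto ms-auto d-print-none">
+<div class="btn-list">
+<a href="{{ route('admin.events.create') }}" class="btn btn-primary d-inline-block">
+<i class="icon ti ti-plus"></i>
+Create Event
+</a>
+</div>
 </div>
-</div>
+@endcan
 </div>
 <div class="row">
 <div class="col-md-12 col-lg-3 mb-4">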
