Merge branch 'development'

Author: rappasoft

CHANGELOG.md

@@ -3,6 +3,35 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+## 7.2.0 - 2020-07-25
+
+## Added
+
+- Added gravatar to frontend navbar
+- Added breadcrumbs on the frontend on pages that it would benefit on. Added a config item to be able to turn it off. If there are no breadcrumbs for a page the bar won't show.
+- Added SuperAdminCheck, AdminCheck and UserCheck middleware
+- Added scopes for user types
+- Added GET form component
+- Added back ARCANEDEV/LogViewer
+- Add container to all frontend views
+- Publish laravel error pages
+
+## Changed
+
+- Update to Laravel commit: 791c87a80d1c5eebd75e1bf499f86899d6b2b26f
+- Change alpine.js @click and @change methods to use x-on/x-change to not interfere with Vue
+- Default old request for user edit page
+- Wrapped backend breadcrumbs in conditional so if there are no breadcrumbs for that page the just don't show.
+- Allow UserTypeCheck to accept multiple types
+- Full width frontend messages partial
+- Prefix all admin permissions with admin. and refactor.
+- Italian language updates
+
+## Removed
+
+- Removed an un-needed redirect from LoginController
+- Remove container from frontend master view
+
 ## [7.1.1] - 2020-07-12
 
 ## Added

app/Domains/Auth/Http/Controllers/Backend/User/DeactivatedUserController.php

@@ -48,7 +48,7 @@ public function update(Request $request, User $user, $status)
         $this->userService->mark($user, (int) $status);
 
         return redirect()->route(
-            (int) $status === 1 || ! $request->user()->can('access.user.reactivate') ?
+            (int) $status === 1 || ! $request->user()->can('admin.access.user.reactivate') ?
                 'admin.auth.user.index' :
                 'admin.auth.user.deactivated'
         )->withFlashSuccess(__('The user was successfully updated.'));

app/Domains/Auth/Http/Controllers/Frontend/Auth/LoginController.php

@@ -95,7 +95,7 @@ protected function attemptLogin(Request $request)
      * @param  Request  $request
      * @param $user
      *
-     * @return \Illuminate\Http\RedirectResponse
+     * @return mixed
      */
     protected function authenticated(Request $request, $user)
     {
@@ -110,7 +110,5 @@ protected function authenticated(Request $request, $user)
         if (config('boilerplate.access.user.single_login')) {
             auth()->logoutOtherDevices($request->password);
         }
-
-        return redirect()->intended($this->redirectPath());
     }
 }

app/Domains/Auth/Http/Middleware/AdminCheck.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Domains\Auth\Http\Middleware;
+
+use App\Domains\Auth\Models\User;
+use Closure;
+
+/**
+ * Class AdminCheck.
+ */
+class AdminCheck
+{
+    /**
+     * @param $request
+     * @param  Closure  $next
+     *
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if ($request->user() && $request->user()->isType(User::TYPE_ADMIN)) {
+            return $next($request);
+        }
+
+        return redirect()->route('frontend.index')->withFlashDanger(__('You do not have access to do that.'));
+    }
+}

app/Domains/Auth/Http/Middleware/SuperAdminCheck.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Domains\Auth\Http\Middleware;
+
+use Closure;
+
+/**
+ * Class SuperAdminCheck.
+ */
+class SuperAdminCheck
+{
+    /**
+     * @param $request
+     * @param  Closure  $next
+     *
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if ($request->user() && $request->user()->hasAllAccess()) {
+            return $next($request);
+        }
+
+        return redirect()->route('frontend.index')->withFlashDanger(__('You do not have access to do that.'));
+    }
+}

app/Domains/Auth/Http/Middleware/UserCheck.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Domains\Auth\Http\Middleware;
+
+use App\Domains\Auth\Models\User;
+use Closure;
+
+/**
+ * Class UserCheck.
+ */
+class UserCheck
+{
+    /**
+     * @param $request
+     * @param  Closure  $next
+     *
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if ($request->user() && $request->user()->isType(User::TYPE_USER)) {
+            return $next($request);
+        }
+
+        return redirect()->route('frontend.index')->withFlashDanger(__('You do not have access to do that.'));
+    }
+}

app/Domains/Auth/Http/Middleware/UserTypeCheck.php

@@ -18,8 +18,18 @@ class UserTypeCheck
      */
     public function handle($request, Closure $next, $type)
     {
-        if ($request->user() && $request->user()->isType($type)) {
-            return $next($request);
+        if ($request->user()) {
+            if (strpos($type, '|') !== false) {
+                $types = explode('|', $type);
+
+                foreach ($types as $t) {
+                    if ($request->user()->isType($t)) {
+                        return $next($request);
+                    }
+                }
+            } elseif ($request->user()->isType($type)) {
+                return $next($request);
+            }
         }
 
         return redirect()->route('frontend.index')->withFlashDanger(__('You do not have access to do that.'));

app/Domains/Auth/Models/Traits/Scope/UserScope.php

@@ -37,4 +37,36 @@ public function scopeByType($query, $type)
     {
         return $query->where('type', $type);
     }
+
+    /**
+     * @param $query
+     *
+     * @return mixed
+     */
+    public function scopeAllAccess($query)
+    {
+        return $query->whereHas('roles', function ($query) {
+            $query->where('name', config('boilerplate.access.role.admin'));
+        });
+    }
+
+    /**
+     * @param $query
+     *
+     * @return mixed
+     */
+    public function scopeAdmins($query)
+    {
+        return $query->where('type', $this::TYPE_ADMIN);
+    }
+
+    /**
+     * @param $query
+     *
+     * @return mixed
+     */
+    public function scopeUsers($query)
+    {
+        return $query->where('type', $this::TYPE_USER);
+    }
 }

app/Domains/Auth/Models/User.php

@@ -131,7 +131,7 @@ public function sendEmailVerificationNotification(): void
      */
     public function canImpersonate(): bool
     {
-        return $this->can('access.user.impersonate');
+        return $this->can('admin.access.user.impersonate');
     }
 
     /**

app/Http/Kernel.php

@@ -56,7 +56,7 @@ class Kernel extends HttpKernel
             '2fa:enabled',
             'auth',
             'password.expires',
-            'type:'.User::TYPE_ADMIN,
+            'is_admin',
         ],
     ];
 
@@ -75,6 +75,9 @@ class Kernel extends HttpKernel
         'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
         'can' => \Illuminate\Auth\Middleware\Authorize::class,
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
+        'is_admin' => \App\Domains\Auth\Http\Middleware\AdminCheck::class,
+        'is_super_admin' => \App\Domains\Auth\Http\Middleware\SuperAdminCheck::class,
+        'is_user' => \App\Domains\Auth\Http\Middleware\UserCheck::class,
         'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
         'password.expires' => \App\Domains\Auth\Http\Middleware\PasswordExpires::class,
         'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class,