Skip to content

Commit

Permalink
Authorization overhaul
Browse files Browse the repository at this point in the history
  • Loading branch information
@jjdejong
jjdejong committed Aug 2, 2024
1 parent ede6c48 commit a4c4764
Show file tree
Hide file tree
Showing 19 changed files with 261 additions and 366 deletions.
15 changes: 8 additions & 7 deletions app/Http/Controllers/ActorController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,15 +5,16 @@
use App\Actor;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Gate;

class ActorController extends Controller
{
public function index(Request $request)
{
$this->authorize('viewAny', Actor::class);
Gate::authorize('readonly');
$actor = new Actor;
if ($request->filled('Name')) {
$actor = $actor->where('name', 'like', $request->Name.'%');
$actor = $actor->where('name', 'like', $request->Name . '%');
}
switch ($request->selector) {
case 'phy_p':
Expand All @@ -34,7 +35,7 @@ public function index(Request $request)

public function create()
{
$this->authorize('create', Actor::class);
Gate::authorize('readwrite');
$table = new Actor;
//TODO getTableComments is the same as in Rule.php. To render common
$actorComments = $table->getTableComments('actor');
Expand All @@ -44,7 +45,7 @@ public function create()

public function store(Request $request)
{
$this->authorize('create', Actor::class);
Gate::authorize('readwrite');
$request->validate([
'name' => 'required|max:100',
'email' => 'email|nullable',
Expand All @@ -56,7 +57,7 @@ public function store(Request $request)

public function show(Actor $actor)
{
$this->authorize('view', $actor);
Gate::authorize('readonly');
$actorInfo = $actor->load(['company:id,name', 'parent:id,name', 'site:id,name', 'droleInfo', 'countryInfo:iso,name', 'country_mailingInfo:iso,name', 'country_billingInfo:iso,name', 'nationalityInfo:iso,name']);
$actorComments = $actor->getTableComments('actor');

Expand All @@ -70,7 +71,7 @@ public function edit(Actor $actor)

public function update(Request $request, Actor $actor)
{
$this->authorize('update', $actor);
Gate::authorize('readwrite');
$request->validate([
'email' => 'email|nullable',
'ren_discount' => 'numeric',
Expand All @@ -83,7 +84,7 @@ public function update(Request $request, Actor $actor)

public function destroy(Actor $actor)
{
$this->authorize('delete', $actor);
Gate::authorize('readwrite');
$actor->delete();

return $actor;
Expand Down
Loading

0 comments on commit a4c4764

Please sign in to comment.