From 18f34c39f98803345465889dbe62af1ac12d66de Mon Sep 17 00:00:00 2001 From: mfl4 Date: Wed, 13 Dec 2023 21:31:17 +0700 Subject: [PATCH] feat: 23. Authorization --- .../Controllers/AdminCategoryController.php | 68 +++++++++++++++++++ app/Http/Kernel.php | 3 +- app/Http/Middleware/IsAdmin.php | 23 +++++++ app/Providers/AppServiceProvider.php | 5 ++ composer.lock | 34 +++++----- ..._11_094651_add_is_admin_to_users_table.php | 28 ++++++++ resources/views/categories.blade.php | 4 +- .../dashboard/categories/index.blade.php | 47 +++++++++++++ resources/views/partials/navbar.blade.php | 11 +-- resources/views/partials/sidebar.blade.php | 21 +++++- routes/web.php | 7 +- 11 files changed, 220 insertions(+), 31 deletions(-) create mode 100644 app/Http/Controllers/AdminCategoryController.php create mode 100644 app/Http/Middleware/IsAdmin.php create mode 100644 database/migrations/2023_12_11_094651_add_is_admin_to_users_table.php create mode 100644 resources/views/dashboard/categories/index.blade.php diff --git a/app/Http/Controllers/AdminCategoryController.php b/app/Http/Controllers/AdminCategoryController.php new file mode 100644 index 0000000..9904dde --- /dev/null +++ b/app/Http/Controllers/AdminCategoryController.php 
@@ -0,0 +1,68 @@ +authorize('admin'); + return view('dashboard.categories.index', [ + 'categories' => Category::all(), + ]); + } + + /** + * Show the form for creating a new resource. + */ + public function create() + { + + } + + /** + * Store a newly created resource in storage. + */ + public function store(Request $request) + { + // + } + + /** + * Display the specified resource. + */ + public function show(Category $category) + { + // + } + + /** + * Show the form for editing the specified resource. + */ + public function edit(Category $category) + { + // + } + + /** + * Update the specified resource in storage. + */ + public function update(Request $request, Category $category) + { + // + } + + /** + * Remove the specified resource from storage. + */ + public function destroy(Category $category) + { + // + } +} diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 494c050..916c184 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -40,7 +40,7 @@ class Kernel extends HttpKernel 'api' => [ // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class, - \Illuminate\Routing\Middleware\ThrottleRequests::class.':api', + \Illuminate\Routing\Middleware\ThrottleRequests::class . ':api', \Illuminate\Routing\Middleware\SubstituteBindings::class, ], ]; @@ -64,5 +64,6 @@ class Kernel extends HttpKernel 'signed' => \App\Http\Middleware\ValidateSignature::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, + 'admin' => \App\Http\Middleware\IsAdmin::class, ]; } diff --git a/app/Http/Middleware/IsAdmin.php b/app/Http/Middleware/IsAdmin.php new file mode 100644 index 0000000..8c120fd --- /dev/null +++ b/app/Http/Middleware/IsAdmin.php @@ -0,0 +1,23 @@ +check() || !auth()->user()->is_admin) { + abort(403); + } + return $next($request); + } +} 
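Review bot: Only `index()` calls `$this->authorize('admin')`; the `create`, `store`, `edit`, `update` and `destroy` stubs in AdminCategoryController carry no check of their own and depend entirely on the `admin` route middleware registered in routes/web.php. Apply the check once for the whole controller so it cannot be forgotten when the stubs are filled in, for example `$this->middleware('can:admin');` in a constructor, or add the `authorize` call to each write action as it is implemented. A `show()` stub is also kept although the route registration excludes it with `->except('show')`, so it can be removed. The top of this file is not readable in the page, so whether a constructor already exists cannot be confirmed here.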
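Review bot: `IsAdmin::handle()` repeats the rule `auth()->user()->is_admin` that this commit also registers as the `admin` gate in AppServiceProvider, so the admin policy now lives in two places that can drift apart. Let the middleware defer to the gate, `if (! Gate::allows('admin')) { abort(403); }` with `use Illuminate\Support\Facades\Gate;` imported, or drop the alias and use Laravel's built-in `can:admin` middleware on the route. The gate closure takes a non-nullable user, so the gate already denies guests and the separate `auth()->check()` test is covered. The namespace and import lines of IsAdmin.php are not readable in the page.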
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php index 86b1719..7fa36d0 100644 --- a/app/Providers/AppServiceProvider.php +++ b/app/Providers/AppServiceProvider.php @@ -3,6 +3,7 @@ namespace App\Providers; use Illuminate\Pagination\Paginator; +use Illuminate\Support\Facades\Gate; use Illuminate\Support\ServiceProvider; class AppServiceProvider extends ServiceProvider @@ -21,5 +22,9 @@ public function register(): void public function boot(): void { Paginator::useBootstrapFive(); + + Gate::define('admin', function ($user) { + return $user->is_admin; + }); } } diff --git a/composer.lock b/composer.lock index c5ae4e5..ecb0a80 100644 --- a/composer.lock +++ b/composer.lock @@ -1261,16 +1261,16 @@ }, { "name": "laravel/framework", - "version": "v10.35.0", + "version": "v10.37.1", "source": { "type": "git", "url": "https://github.com/laravel/framework.git", - "reference": "91ec2d92d2f6007e9084fe06438b99c91845da69" + "reference": "b41612c58e358655cda1239e18d8851ff8736e8f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/framework/zipball/91ec2d92d2f6007e9084fe06438b99c91845da69", - "reference": "91ec2d92d2f6007e9084fe06438b99c91845da69", + "url": "https://api.github.com/repos/laravel/framework/zipball/b41612c58e358655cda1239e18d8851ff8736e8f", + "reference": "b41612c58e358655cda1239e18d8851ff8736e8f", "shasum": "" }, "require": { @@ -1459,7 +1459,7 @@ "issues": "https://github.com/laravel/framework/issues", "source": "https://github.com/laravel/framework" }, - "time": "2023-12-05T14:50:33+00:00" + "time": "2023-12-12T19:03:09+00:00" }, { "name": "laravel/prompts", 
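Review bot: The `admin` gate closure in `boot()` takes an untyped `$user` and returns the raw `is_admin` attribute, whose runtime type depends on the database driver unless the model casts it. Type the parameter and return a strict boolean: `Gate::define('admin', fn (User $user): bool => (bool) $user->is_admin);` with `use App\Models\User;` added to the imports. Whether `User` declares a boolean cast for `is_admin` cannot be seen in this patch.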
@@ -6597,16 +6597,16 @@ }, { "name": "phpunit/php-code-coverage", - "version": "10.1.9", + "version": "10.1.10", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-code-coverage.git", - "reference": "a56a9ab2f680246adcf3db43f38ddf1765774735" + "reference": "599109c8ca6bae97b23482d557d2874c25a65e59" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/a56a9ab2f680246adcf3db43f38ddf1765774735", - "reference": "a56a9ab2f680246adcf3db43f38ddf1765774735", + "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/599109c8ca6bae97b23482d557d2874c25a65e59", + "reference": "599109c8ca6bae97b23482d557d2874c25a65e59", "shasum": "" }, "require": { @@ -6663,7 +6663,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/php-code-coverage/issues", "security": "https://github.com/sebastianbergmann/php-code-coverage/security/policy", - "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/10.1.9" + "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/10.1.10" }, "funding": [ { @@ -6671,7 +6671,7 @@ "type": "github" } ], - "time": "2023-11-23T12:23:20+00:00" + "time": "2023-12-11T06:28:43+00:00" }, { "name": "phpunit/php-file-iterator", 
@@ -6918,16 +6918,16 @@ }, { "name": "phpunit/phpunit", - "version": "10.5.2", + "version": "10.5.3", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "5aedff46afba98dddecaa12349ec044d9103d4fe" + "reference": "6fce887c71076a73f32fd3e0774a6833fc5c7f19" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/5aedff46afba98dddecaa12349ec044d9103d4fe", - "reference": "5aedff46afba98dddecaa12349ec044d9103d4fe", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/6fce887c71076a73f32fd3e0774a6833fc5c7f19", + "reference": "6fce887c71076a73f32fd3e0774a6833fc5c7f19", "shasum": "" }, "require": { @@ -6999,7 +6999,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/phpunit/issues", "security": "https://github.com/sebastianbergmann/phpunit/security/policy", - "source": "https://github.com/sebastianbergmann/phpunit/tree/10.5.2" + "source": "https://github.com/sebastianbergmann/phpunit/tree/10.5.3" }, "funding": [ { @@ -7015,7 +7015,7 @@ "type": "tidelift" } ], - "time": "2023-12-05T14:54:33+00:00" + "time": "2023-12-13T07:25:23+00:00" }, { "name": "sebastian/cli-parser", diff --git a/database/migrations/2023_12_11_094651_add_is_admin_to_users_table.php b/database/migrations/2023_12_11_094651_add_is_admin_to_users_table.php new file mode 100644 index 0000000..0b3c749 --- /dev/null +++ b/database/migrations/2023_12_11_094651_add_is_admin_to_users_table.php @@ -0,0 +1,28 @@ +boolean('is_admin')->default(false); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('users', function (Blueprint $table) { + $table->dropColumn('is_admin'); + }); + } +}; diff --git a/resources/views/categories.blade.php b/resources/views/categories.blade.php index da5d69e..4a24d4c 100644 --- a/resources/views/categories.blade.php +++ b/resources/views/categories.blade.php @@ -7,14 +7,14 @@
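Review bot: The new `is_admin` column in the `add_is_admin_to_users_table` migration is a privilege flag on `users`, and nothing in this patch shows how the `User` model protects it from mass assignment. If the model uses `$guarded = ['id']` or lists `is_admin` in `$fillable`, any code path that passes request data to `User::create()` or `update()` could set the flag, so confirm the attribute is excluded and only written through an explicit assignment. The `default(false)` on the column is the right fail-closed default. The opening of the migration file is not readable in the page, so only the column definition and `down()` were reviewed.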
@foreach ($categories as $category) -
+
...
+ style="background-color: rgba(13, 110, 253, 0.6)"> {{ $category->name }}
diff --git a/resources/views/dashboard/categories/index.blade.php b/resources/views/dashboard/categories/index.blade.php new file mode 100644 index 0000000..620b70b --- /dev/null +++ b/resources/views/dashboard/categories/index.blade.php @@ -0,0 +1,47 @@ +@extends('dashboard.layouts.main') + +@section('container') +

Categories Management

+
+ + @if (session()->has('success')) + + @endif + +
+ Create New + Category + + + + + + + + + + @foreach ($categories as $category) + + + + + + @endforeach + +
NoCategory NameAction
{{ $loop->iteration }}{{ $category->name }} + + +
+ @method('delete') + @csrf + +
+
+
+@endsection diff --git a/resources/views/partials/navbar.blade.php b/resources/views/partials/navbar.blade.php index 4cef5ae..336701a 100644 --- a/resources/views/partials/navbar.blade.php +++ b/resources/views/partials/navbar.blade.php @@ -8,17 +8,18 @@ diff --git a/routes/web.php b/routes/web.php index 617b1a6..bac0ec6 100644 --- a/routes/web.php +++ b/routes/web.php @@ -1,5 +1,6 @@ "Home", - "active" => "home", ]); }); Route::get('/about', function () { return view('about', [ "title" => "About", - "active" => "about", "name" => "Mhd. Farhan Lubis", "email" => "farhan@gmail.com", "image" => "farhan.jpg", @@ -42,7 +41,6 @@ Route::get('/categories', function () { return view('categories', [ 'title' => 'Post Categories', - 'active' => 'categories', 'categories' => Category::all(), ]); }); @@ -73,9 +71,10 @@ Route::get('/dashboard', function () { return view('dashboard.index', [ 'title' => 'Dashboard', - 'active' => 'dashboard', ]); })->middleware('auth'); Route::get('/dashboard/posts/checkSlug', [DashboardPostController::class, 'checkSlug'])->middleware('auth'); Route::resource('/dashboard/posts', DashboardPostController::class)->middleware('auth'); + +Route::resource('/dashboard/categories', AdminCategoryController::class)->except('show')->middleware('admin');
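Review bot: The resource route added at the end of routes/web.php is guarded by `admin` alone, so an unauthenticated visitor gets a 403 from `IsAdmin` instead of the login redirect that the other `/dashboard` routes give through `auth`. Chain both, with `auth` first: `->except('show')->middleware(['auth', 'admin']);`. The registration also exposes `create`, `store`, `edit`, `update` and `destroy`, which are still empty stubs in AdminCategoryController; `->only('index')` would keep the routed surface to what is implemented until those actions exist.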