Commit 447f5e82 authored by Jacob Priddy's avatar Jacob Priddy 👌
Browse files

Set Admin Override page permissions to Door Commander group

parent 59318547
Pipeline #12528 passed with stages
in 2 minutes and 37 seconds
......@@ -46,7 +46,7 @@ class OverridesController extends ApiController
*/
public function create(OverrideCreateUseCase $overrideCreate, ApiGuard $apiGuard): JsonResponse
{
$this->authorizer->protect(Permissions::MANAGE_GROUPS);
$this->authorizer->protect(Permissions::DOOR_COMMANDER);
$this->validate($this->request, [
'reason' => 'required|string|max:1024',
'door_id' => 'required|integer',
......@@ -87,7 +87,7 @@ class OverridesController extends ApiController
*/
public function update(string $overrideId, OverrideUpdateUseCase $overrideUpdate): JsonResponse
{
$this->authorizer->protect(Permissions::MANAGE_GROUPS);
$this->authorizer->protect(Permissions::DOOR_COMMANDER);
$this->validate($this->request, [
'reason' => 'string|max:1024',
'start' => 'date|required_with:end|before:end',
......@@ -96,7 +96,14 @@ class OverridesController extends ApiController
$presenter = new OverrideCreateApiPresenter();
$overrideUpdate->update($overrideId, $this->request->all(), $presenter);
$overrideUpdate->update(
$overrideId,
array_merge(
$this->request->all(),
['user_id' => $this->authorizer->getCurrentUserId()]
),
$presenter
);
$this->setStatusCode($presenter->getStatusCode());
return $this->respondWithData($presenter->getViewModel());
......@@ -118,7 +125,7 @@ class OverridesController extends ApiController
*/
public function get(string $overrideId, OverrideGetUseCase $overrideGet): JsonResponse
{
$this->authorizer->protect(Permissions::LOGS_READ);
$this->authorizer->protectOne([Permissions::LOGS_READ, Permissions::DOOR_COMMANDER]);
$presenter = new OverrideCreateApiPresenter();
......@@ -150,7 +157,7 @@ class OverridesController extends ApiController
*/
public function index(OverridesGetUseCase $overridesInDateRange): JsonResponse
{
$this->authorizer->protect(Permissions::LOGS_READ);
$this->authorizer->protectOne([Permissions::LOGS_READ, Permissions::DOOR_COMMANDER]);
$this->validate($this->request, [
'start' => 'nullable|date',
......
......@@ -144,7 +144,14 @@ class OverridesController extends Controller
$presenter = new OverrideUpdatePresenter();
$overrideUpdate->update($overrideId, $this->request->all(), $presenter);
$overrideUpdate->update(
$overrideId,
array_merge(
$this->request->all(),
['user_id' => $this->authorizer->getCurrentUserId()]
),
$presenter
);
if ($presenter->hasError()) {
throw ValidationException::withMessages($presenter->getViewModel());
......
......@@ -37,6 +37,7 @@ class AuthServiceProvider extends ServiceProvider
Permissions::MANAGE_DOORS,
Permissions::MANAGE_GROUPS,
Permissions::LOGS_READ,
Permissions::DOOR_COMMANDER,
]);
} catch (EntityNotFoundException $e) {
return false;
......
......@@ -54,7 +54,7 @@
<!-- Divider -->
<hr class="sidebar-divider">
@canany([\Source\Authorization\Permissions::MANAGE_USERS, \Source\Authorization\Permissions::MANAGE_GROUPS, \Source\Authorization\Permissions::MANAGE_DOORS])
@canany([\Source\Authorization\Permissions::MANAGE_USERS, \Source\Authorization\Permissions::MANAGE_GROUPS, \Source\Authorization\Permissions::MANAGE_DOORS, \Source\Authorization\Permissions::DOOR_COMMANDER])
<div class="sidebar-heading">
Manage
</div>
......@@ -104,7 +104,9 @@
<span>Schedules</span>
</a>
</li>
@endcan
@can(\Source\Authorization\Permissions::DOOR_COMMANDER)
<li class="nav-item {{ Nav::hasSegment('overrides', 2) }}">
<a class="nav-link" href="{{ route('web.admin.overrides.index') }}">
<i class="fas fa-fw fa-hand-rock"></i>
......
......@@ -143,7 +143,7 @@ Route::name('web.')->middleware(['auth:api'])->group(static function () {
Route::name('overrides.')
->prefix('overrides')
->middleware('can:' . Permissions::MANAGE_GROUPS)
->middleware('can:' . Permissions::DOOR_COMMANDER)
->group(static function () {
Route::get('/', [OverridesController::class, 'index'])->name('index');
Route::get('/create', [OverridesController::class, 'create'])->name('create');
......
......@@ -8,6 +8,9 @@ use Source\Authorization\Permissions;
class LocalGroupsRepository extends InMemoryGroupsRepository
{
/**
* @throws \Source\Exceptions\EntityExistsException
*/
public function __construct()
{
$this->create(static::getAdminGroup());
......
......@@ -45,7 +45,6 @@ class OverrideUpdate implements OverrideUpdateUseCase
throw new EntityNotFoundException('Override does not exist.');
}
$reason = $attributes['reason'] ?? $override->getReason();
$start = $attributes['start'] ?? null;
$end = $attributes['end'] ?? null;
......@@ -71,8 +70,8 @@ class OverrideUpdate implements OverrideUpdateUseCase
if (!$response->hasError()) {
$override = $this->overrides->updateOverride($overrideId, new Override(
$override->getId(),
$reason,
$override->getUserId(),
$attributes['reason'] ?? $override->getReason(),
$attributes['user_id'] ?? $override->getUserId(),
$override->getDoorId(),
$override->getType(),
$start,
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment