protected function checkPermission($permissionName)
{
if (!$this->currentUser || !$this->currentUser->can($permissionName)) {
+ dd($this->currentUser);
$this->showPermissionError();
}
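Review bot: The added `dd($this->currentUser);` in the permission-failure branch of checkPermission() is a leftover debugging call and should be removed before merge. `dd()` writes a dump of its argument into the response and ends the request, so `$this->showPermissionError()` on the following line is never reached. Every request that fails a permission check would then get a dump of the current user object, which presumably carries the model's raw attributes (e-mail, password hash, remember token), or `null` for a guest, instead of the permission error. If the value is needed for diagnosis, log it server-side at debug level. The function's closing brace lies outside this hunk.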
--- /dev/null
+<?php
+
+namespace BookStack\Http\Controllers;
+
+use BookStack\Role;
+use BookStack\User;
+use Illuminate\Http\Request;
+
+use BookStack\Http\Requests;
+use BookStack\Http\Controllers\Controller;
+
+class PermissionController extends Controller
+{
+
+ protected $role;
+
+ /**
+ * PermissionController constructor.
+ * @param $role
+ * @param $user
+ */
+ public function __construct(Role $role)
+ {
+ $this->role = $role;
+ parent::__construct();
+ }
+
+ /**
+ * Show a listing of the roles in the system.
+ */
+ public function listRoles()
+ {
+ $this->checkPermission('settings-update');
+ $roles = $this->role->all();
+ return view('settings/roles/index', ['roles' => $roles]);
+ }
+
+ /**
+ * Show the form for editing a user role.
+ * @param $id
+ * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
+ */
+ public function editRole($id)
+ {
+ $this->checkPermission('settings-update');
+ $role = $this->role->findOrFail($id);
+ return view('settings/roles/edit', ['role' => $role]);
+ }
+}
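Review bot: Both listRoles() and editRole() gate on the general `'settings-update'` permission, while the edit view added in this same commit lists "Manage user roles" as a capability separate from "Manage app settings". Role editing decides who can grant privileges, so it would be safer to check a dedicated permission here before a save action is added; the name is the project's choice, e.g. `$this->checkPermission('<role-management-permission>');`. Separately, the constructor docblock still declares `@param $user` although the constructor only takes `Role $role`. The `use` lines for `User`, `Request`, `Requests` and `Controller` are unused in the visible code.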
Route::group(['prefix' => 'settings'], function() {
Route::get('/', 'SettingController@index');
Route::post('/', 'SettingController@update');
+
// Users
Route::get('/users', 'UserController@index');
Route::get('/users/create', 'UserController@create');
Route::get('/users/{id}', 'UserController@edit');
Route::put('/users/{id}', 'UserController@update');
Route::delete('/users/{id}', 'UserController@destroy');
+
+ // Roles
+ Route::get('/roles', 'PermissionController@listRoles');
+ Route::get('/roles/{id}', 'PermissionController@editRole');
});
});
<div class="col-md-12 setting-nav">
<a href="/settings" @if($selected == 'settings') class="selected text-button" @endif><i class="zmdi zmdi-settings"></i>Settings</a>
<a href="/settings/users" @if($selected == 'users') class="selected text-button" @endif><i class="zmdi zmdi-accounts"></i>Users</a>
+ <a href="/settings/roles" @if($selected == 'roles') class="selected text-button" @endif><i class="zmdi zmdi-lock-open"></i>Roles</a>
</div>
</div>
</div>
--- /dev/null
+@extends('base')
+
+@section('content')
+
+ @include('settings/navbar', ['selected' => 'roles'])
+
+ <div class="container">
+ <h1>Edit Role <small> {{ $role->display_name }}</small></h1>
+
+ <form action="">
+ <div class="row">
+
+ <div class="col-md-6">
+ <table class="table">
+ <tr>
+ <th></th>
+ <th>Create</th>
+ <th>Edit</th>
+ <th>Delete</th>
+ </tr>
+ <tr>
+ <td>Books</td>
+ <td></td>
+ <td></td>
+ <td></td>
+ </tr>
+ <tr>
+ <td>Chapters</td>
+ <td></td>
+ <td></td>
+ <td></td>
+ </tr>
+ <tr>
+ <td>Pages</td>
+ <td></td>
+ <td></td>
+ <td></td>
+ </tr>
+ <tr>
+ <td>Images</td>
+ <td></td>
+ <td></td>
+ <td></td>
+ </tr>
+ </table>
+ </div>
+ <div class="col-md-6">
+ <div class="form-group">
+ <label for="">Can only edit own content</label>
+ <hr class="even">
+ <label for="">Manage users</label>
+ <hr class="even">
+ <label for="">Manage user roles</label>
+ <hr class="even">
+ <label for="">Manage app settings</label>
+ </div>
+ </div>
+
+ </div>
+ <button type="submit" class="button pos">Save Role</button>
+ </form>
+ </div>
+
+@stop
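Review bot: The `<form action="">` has no `method`, so the "Save Role" button submits a GET back to the edit URL and nothing can be persisted. When the save route is added, the form should post to it and carry the CSRF token, e.g. `<form action="/settings/roles/{{ $role->id }}" method="POST">` followed by `{!! csrf_field() !!}`, plus a method-spoofing field if the route is registered as PUT. The four `<label for="">` elements point at no input. Once the checkboxes exist, each label's `for` should match its input's `id`, so that it is unambiguous which permission a given control grants.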
--- /dev/null
+@extends('base')
+
+@section('content')
+
+ @include('settings/navbar', ['selected' => 'roles'])
+
+ <div class="container">
+
+ <h1>User Roles</h1>
+ <table class="table">
+ <tr>
+ <th>Role Name</th>
+ <th></th>
+ <th class="text-right">Users</th>
+ </tr>
+ @foreach($roles as $role)
+ <tr>
+ <td><a href="/settings/roles/{{ $role->id }}">{{ $role->display_name }}</a></td>
+ <td>{{ $role->description }}</td>
+ <td class="text-right">{{ $role->users->count() }}</td>
+ </tr>
+ @endforeach
+ </table>
+ </div>
+
+@stop
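Review bot: `{{ $role->users->count() }}` inside the `@foreach` presumably lazy-loads the `users` relation once per role, which is one extra query per row and hydrates every user model just to count them. listRoles() passes the result of `$this->role->all()`, so the fix belongs in the controller: eager-load the relation there, e.g. `$roles = $this->role->with('users')->get();`, or use a count query if the framework version in use offers one. The escaped `{{ }}` output for `display_name` and `description` is the right choice for values that administrators can edit.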