Readded the permission checks

MasterZydra · Feb 21, 2024 · fc7307f · fc7307f
1 parent 98f5a00
commit fc7307f
Show file tree

Hide file tree

Showing 32 changed files with 281 additions and 163 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,8 @@ Types of changes: `Added`, `Changed`, `Deprecate`, `Removed`, `Fixed`, `Secruity
 
 ## [Unreleased]
 
+## v2.0.0 - 21.02.2024 - Same frontend with new backend
+
 ### Added
 - Added bioman CLI that can be extended with commands
 - Added `registerFn` to simplify registering global available functions

diff --git a/app/Http/Controllers/ActiveSuppliersController.php b/app/Http/Controllers/ActiveSuppliersController.php
@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers;
 
+use Framework\Authentication\Auth;
 use Framework\Facades\Http;
 use Framework\PDF\PDF;
 use Framework\Routing\BaseController;
@@ -11,6 +12,8 @@ class ActiveSuppliersController extends BaseController implements ControllerInte
 {
     public function execute(): void
     {
+        Auth::checkRole('Maintainer');
+
         if (Http::requestMethod() !== 'GET') {
             Http::redirect('/');
             return;

diff --git a/app/Http/Controllers/DeliveryNoteController.php b/app/Http/Controllers/DeliveryNoteController.php
@@ -3,6 +3,7 @@
 namespace App\Http\Controllers;
 
 use App\Models\DeliveryNote;
+use Framework\Authentication\Auth;
 use Framework\Database\Query\SortOrder;
 use Framework\Facades\Http;
 use Framework\Routing\BaseController;
@@ -16,6 +17,8 @@ class DeliveryNoteController extends BaseController implements ModelControllerIn
      */
     public function index(): void
     {
+        Auth::checkRole('Maintainer');
+
         view(
             'entities.deliveryNote.index',
             ['deliveryNotes' => DeliveryNote::all(
@@ -32,6 +35,8 @@ public function index(): void
      */
     public function create(): void
     {
+        Auth::checkRole('Maintainer');
+
         view('entities.deliveryNote.create');
     }
 
@@ -41,6 +46,8 @@ public function create(): void
      */
     public function store(): void
     {
+        Auth::checkRole('Maintainer');
+
         (new DeliveryNote())
             ->setFromHttpParams(['year', 'productId', 'supplierId', 'recipientId'])
             ->setNr(DeliveryNote::nextDeliveryNoteNr(Http::param('year')))
@@ -59,6 +66,8 @@ public function store(): void
      */
     public function edit(): void
     {
+        Auth::checkRole('Maintainer');
+
         view('entities.deliveryNote.edit', ['deliveryNote' => DeliveryNote::findById(Http::param('id'))]);
     }
 
@@ -68,6 +77,8 @@ public function edit(): void
      */
     public function update(): void
     {
+        Auth::checkRole('Maintainer');
+
         DeliveryNote::findById(Http::param('id'))
             ->setFromHttpParams(['deliveryDate', 'amount', 'productId', 'supplierId', 'recipientId', 'isInvoiceReady'])
             ->save();
@@ -81,6 +92,8 @@ public function update(): void
      */
     public function destroy(): void
     {
+        Auth::checkRole('Maintainer');
+
         DeliveryNote::delete(Http::param('id'));
 
         Http::redirect('deliveryNote');

diff --git a/app/Http/Controllers/EditImprintSettingsController.php b/app/Http/Controllers/EditImprintSettingsController.php
@@ -3,6 +3,7 @@
 namespace App\Http\Controllers;
 
 use App\Models\Setting;
+use Framework\Authentication\Auth;
 use Framework\Facades\Http;
 use Framework\Routing\BaseController;
 use Framework\Routing\ControllerInterface;
@@ -11,6 +12,8 @@ class EditImprintSettingsController extends BaseController implements Controller
 {
     public function execute(): void
     {
+        Auth::checkRole('Administrator');
+
         if (Http::requestMethod() === 'GET') {
             view('settings.editImprint');
             return;

diff --git a/app/Http/Controllers/EditInvoiceSettingsController.php b/app/Http/Controllers/EditInvoiceSettingsController.php
@@ -3,6 +3,7 @@
 namespace App\Http\Controllers;
 
 use App\Models\Setting;
+use Framework\Authentication\Auth;
 use Framework\Facades\Http;
 use Framework\Routing\BaseController;
 use Framework\Routing\ControllerInterface;
@@ -11,6 +12,8 @@ class EditInvoiceSettingsController extends BaseController implements Controller
 {
     public function execute(): void
     {
+        Auth::checkRole('Administrator');
+
         if (Http::requestMethod() === 'GET') {
             view('settings.editInvoice');
             return;

diff --git a/app/Http/Controllers/EditVolumeDistributionController.php b/app/Http/Controllers/EditVolumeDistributionController.php
@@ -4,6 +4,7 @@
 
 use App\Models\DeliveryNote;
 use App\Models\VolumeDistribution;
+use Framework\Authentication\Auth;
 use Framework\Facades\Http;
 use Framework\Message\Message;
 use Framework\Message\Type;
@@ -14,6 +15,8 @@ class EditVolumeDistributionController extends BaseController implements Control
 {
     public function execute(): void
     {
+        Auth::checkRole('Maintainer');
+
         if (Http::requestMethod() === 'GET') {
             view('entities.volumeDistribution.edit', [
                 'deliveryNote' => DeliveryNote::findById(Http::param('id')),

diff --git a/app/Http/Controllers/InvoiceController.php b/app/Http/Controllers/InvoiceController.php
@@ -4,6 +4,7 @@
 
 use App\Models\DeliveryNote;
 use App\Models\Invoice;
+use Framework\Authentication\Auth;
 use Framework\Database\Query\SortOrder;
 use Framework\Facades\Http;
 use Framework\PDF\PDF;
@@ -18,6 +19,8 @@ class InvoiceController extends BaseController implements ModelControllerInterfa
      */
     public function index(): void
     {
+        Auth::checkRole('Maintainer');
+
         view(
             'entities.invoice.index',
             ['invoices' => Invoice::all(
@@ -34,6 +37,8 @@ public function index(): void
      */
     public function show(): void
     {
+        Auth::checkRole('Maintainer');
+
         $invoice = Invoice::findById(Http::param('id'));
         (new PDF())
             ->createPDF(setting('invoiceAuthor'), $invoice->PdfInvoiceName(), $invoice->PdfInvoiceName(), render('pdf.invoice', ['invoice' => $invoice]))
@@ -46,6 +51,8 @@ public function show(): void
      */
     public function create(): void
     {
+        Auth::checkRole('Maintainer');
+
         view('entities.invoice.create');
     }
 
@@ -55,6 +62,8 @@ public function create(): void
      */
     public function store(): void
     {
+        Auth::checkRole('Maintainer');
+
         $year = Http::param('year');
         $nr = Invoice::nextInvoiceNr(Http::param('year'));
 
@@ -77,6 +86,8 @@ public function store(): void
      */
     public function edit(): void
     {
+        Auth::checkRole('Maintainer');
+
         view('entities.invoice.edit', ['invoice' => Invoice::findById(Http::param('id'))]);
     }
 
@@ -86,6 +97,8 @@ public function edit(): void
      */
     public function update(): void
     {
+        Auth::checkRole('Maintainer');
+
         $invoice = Invoice::findById(Http::param('id'))
             ->setFromHttpParams(['invoiceDate', 'recipientId', 'isPaid'])
             ->save();
@@ -106,6 +119,8 @@ public function update(): void
      */
     public function destroy(): void
     {
+        Auth::checkRole('Maintainer');
+
         Invoice::delete(Http::param('id'));
 
         Http::redirect('invoice');

diff --git a/app/Http/Controllers/PlotController.php b/app/Http/Controllers/PlotController.php
@@ -3,6 +3,7 @@
 namespace App\Http\Controllers;
 
 use App\Models\Plot;
+use Framework\Authentication\Auth;
 use Framework\Facades\Http;
 use Framework\Routing\BaseController;
 use Framework\Routing\ModelControllerInterface;
@@ -15,6 +16,8 @@ class PlotController extends BaseController implements ModelControllerInterface
      */
     public function index(): void
     {
+        Auth::checkRole('Maintainer');
+
         view('entities.plot.index', ['plots' => Plot::all()]);
     }
 
@@ -24,6 +27,8 @@ public function index(): void
      */
     public function create(): void
     {
+        Auth::checkRole('Maintainer');
+
         view('entities.plot.create');
     }
 
@@ -33,6 +38,8 @@ public function create(): void
      */
     public function store(): void
     {
+        Auth::checkRole('Maintainer');
+
         (new Plot())
             ->setFromHttpParams(['nr', 'name', 'subdistrict', 'supplierId'])
             ->setIsLocked(false)
@@ -47,6 +54,8 @@ public function store(): void
      */
     public function edit(): void
     {
+        Auth::checkRole('Maintainer');
+
         view('entities.plot.edit', ['plot' => Plot::findById(Http::param('id'))]);
     }
 
@@ -56,6 +65,8 @@ public function edit(): void
      */
     public function update(): void
     {
+        Auth::checkRole('Maintainer');
+
         Plot::findById(Http::param('id'))
             ->setFromHttpParams(['nr', 'name', 'subdistrict', 'supplierId', 'isLocked'])
             ->save();
@@ -69,6 +80,8 @@ public function update(): void
      */
     public function destroy(): void
     {
+        Auth::checkRole('Maintainer');
+
         Plot::delete(Http::param('id'));
 
         Http::redirect('plot');