diff --git a/app/Http/Controllers/fireFightersController.php b/app/Http/Controllers/fireFightersController.php index c7c1e55..c602836 100644 --- a/app/Http/Controllers/fireFightersController.php +++ b/app/Http/Controllers/fireFightersController.php @@ -15,7 +15,8 @@ class fireFightersController extends Controller { public function create(){ - if(auth()->user() != null && auth()->user()->fireStationID != null ){ + if(auth()->user() != null && auth()->user()->accessLevel() >= 20) //prezes,naczelnik,sekretarz + { // $users = user::where("fireStationID", auth()->user()->fireStationID)->get(); // $users = DB::table('users')->where("fireStationID", '=', auth()->user()->fireStationID)->get(); $users = DB::table('users')->where("fireStationID", '=', auth()->user()->fireStationID) 
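Review bot: The new guard in create(), `accessLevel() >= 20`, also admits level 30, which accessLevel() in app/User.php assigns to the skarbnik, yet the trailing comment names only prezes, naczelnik and sekretarz. The query that follows selects `users.PESEL` (visible in the next hunk), so the comment and the check should agree on exactly who may read that listing: either extend the comment to `//sekretarz, skarbnik, prezes, naczelnik` or test for the intended levels explicitly. Named constants on User in place of the bare 20/30/50 would keep the controllers and the model from drifting apart. create() continues past the end of this hunk.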
@@ -24,38 +25,39 @@ class fireFightersController extends Controller ->select('users.id','users.name', 'users.surname', 'users.PESEL', 'users.email', 'users.statusID', 'ranks.rank', 'unitFunctions.unitFunction') ->paginate(10); return view("fireFighters", ["users" => $users]); - } else{ - return view('fireFighters'); + } + else + { + return redirect()->to('/userprofile'); } } public function addForm(){ - if(auth()->user() != null && auth()->user()->fireStationID != null ){ + if(auth()->user() != null && auth()->user()->accessLevel() == 50 ){ //prezes,naczelnik $fireStation = fireStation::find(auth()->user()->fireStationID); - if($fireStation-> creatorID == auth()->user()->id){ - //return view('fireFightersAdd'); + if($fireStation-> creatorID == auth()->user()->id){ //if do usunięcia w pzyszłości $ranks = DB::table('ranks')->pluck("rank","id"); $unitFunctions = DB::table('unitFunctions')->pluck("unitFunction","id"); return view('fireFightersAdd',compact('ranks'), compact('unitFunctions')); - } else return fireFightersController::create(); - } else return view("unit"); + } else return fireFightersController::create(); // ??? 
+ } else return redirect()->to('/strazacy'); } public function editForm($id){ - if(auth()->user() != null && auth()->user()->fireStationID != null ){ + if(auth()->user() != null && auth()->user()->accessLevel() == 50 ){ //prezes,naczelnik $userFireStation = auth()->user()->fireStationID; $fireFighterFireStation = DB::table('users')->where("id", $id)->value('fireStationID'); $fireStationCreatorId = DB::table('fireStations')->where("id", $userFireStation)->value('creatorID'); $fireFighter = DB::table('users')->where("id", $id)->first(); - if($userFireStation == $fireFighterFireStation && auth()->user()->id == $fireStationCreatorId) { + if($userFireStation == $fireFighterFireStation && auth()->user()->id == $fireStationCreatorId) { // if do usunięcia w pzyszłości return view('fireFightersEdit', ["fireFighter" => $fireFighter]); } else{ return "Brak dostepu"; } }else{ - return view('unit'); + return redirect()->to('/strazacy'); } } diff --git a/app/Http/Controllers/fireStationController.php b/app/Http/Controllers/fireStationController.php index 4942067..5bd4e51 100644 --- a/app/Http/Controllers/fireStationController.php +++ b/app/Http/Controllers/fireStationController.php @@ -26,7 +26,7 @@ class fireStationController extends Controller public function editForm() { - if(auth()->user() != null && auth()->user()->fireStationID != null ) + if(auth()->user() != null && auth()->user()->accessLevel() == 50) //prezes/naczelnik { $id = auth()->user()->fireStationID; $fireStation = DB::table('fireStations')->where("id", $id)->first(); @@ -34,7 +34,7 @@ class fireStationController extends Controller return view('fireStationEdit', ["fireStation" => $fireStation], compact('voivodeships')); } else - return "Brak dostępu"; + return redirect()->to('/jednostka'); } public function store() diff --git a/app/User.php b/app/User.php index 9bf1995..2b62596 100644 --- a/app/User.php +++ b/app/User.php 
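Review bot: In editForm(), the added comment `// if do usunięcia w pzyszłości` marks for removal the only check that ties `$id` to the caller's own unit; `accessLevel() == 50` says nothing about which station the requested firefighter belongs to. If that `if` is dropped as planned, a prezes or naczelnik of one station could presumably open the edit form for a member of another station by passing that member's id. Keep the station comparison and drop only the creator test, `if ($userFireStation == $fireFighterFireStation) {`, and answer the failure case with `abort(403);` rather than the plain string `"Brak dostepu"`, which is returned as an ordinary response. The same comment in addForm() carries less risk because no record id is involved there.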
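Review bot: The level check added to fireStationController::editForm() gates only the rendering of the form; `store()` begins right after the second hunk and its body is not visible, so it is worth confirming that the handler which actually writes the fireStations row carries the same `accessLevel() == 50` test. A check on the form alone does not stop a lower-level member of the unit from reaching the write route directly. Moving the rule into route middleware or a policy would cover the form and the write path with one definition.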
@@ -43,4 +43,20 @@ class User extends Authenticatable { $this->attributes['password'] = bcrypt($password); } + + public function accessLevel() + { + if (auth()->user() != null && auth()->user()->fireStationID != null) + if ($this->functionID == 1 or $this->functionID == 5) //prezes lub naczelnik + return 50; + elseif ($this->functionID == 3) //skarbnik + return 30; + elseif($this->functionID == 4) //sekretarz + return 20; + else + return 0; //brak specjalnych uprawnień + else + return -1; //jednostka nie istnieje + + } } diff --git a/resources/views/fireFighters.blade.php b/resources/views/fireFighters.blade.php index de7cbc9..8af8a56 100644 --- a/resources/views/fireFighters.blade.php +++ b/resources/views/fireFighters.blade.php @@ -2,10 +2,16 @@ @section('left-menu') @parent + @if( auth()->check() ) + @if( auth()->user()->fireStationID != NULL) + @if(auth()->user()->accessLevel() == 50)
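Review bot: accessLevel() tests `auth()->user()->fireStationID` but then reads `$this->functionID`, so the station test is about whoever is logged in while the role comes from the model the method was called on. Every call in this commit is `auth()->user()->accessLevel()`, where the two coincide, but on any other User instance (a row from a list, or code running without a session) it would mix two people's data or return -1 regardless of the model. Using the instance throughout avoids that: `if ($this->fireStationID == null) return -1;` followed by the functionID chain. The brace-less nested `if`/`else` also depends on the dangling-else rule to pair the final `else` with the outer `if`; adding braces would make that pairing explicit.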
Nazwa: Ochotnicza Straż Pożarna w Łuszczewie
-Województwo: Wielkopolskie
-Powiat: Koniński
-Gmina i numer ewidencyjny: Skulsk 3010092
-Kod pocztowy, Miejscowość: 62-560 Skulsk
-Ulica i numer: Łuszczewo 81
-Szerokość i długość geograficzna: 523113.08 | 182155.88
-KRS: 0000003716
-NIP: 665 524 497 69
-Telefon: ??? - ??? - ???
-E-mail: twojanazwa@domena.com
-Liczba członków: 40
-