
Dodanie poziomow dostepu. Poprawki dostepu i przekierowan w: Jednostka, Strażacy

Krzysztof Strzelecki 2020-01-31 23:38:24 +01:00
parent 3f9424f6b5
commit 079343fe1d
5 changed files with 48 additions and 30 deletions


@ -15,7 +15,8 @@ class fireFightersController extends Controller
{ {
public function create(){ public function create(){
if(auth()->user() != null && auth()->user()->fireStationID != null ){ if(auth()->user() != null && auth()->user()->accessLevel() >= 20) //prezes,naczelnik,sekretarz
{
// $users = user::where("fireStationID", auth()->user()->fireStationID)->get(); // $users = user::where("fireStationID", auth()->user()->fireStationID)->get();
// $users = DB::table('users')->where("fireStationID", '=', auth()->user()->fireStationID)->get(); // $users = DB::table('users')->where("fireStationID", '=', auth()->user()->fireStationID)->get();
$users = DB::table('users')->where("fireStationID", '=', auth()->user()->fireStationID) $users = DB::table('users')->where("fireStationID", '=', auth()->user()->fireStationID)
@ -24,38 +25,39 @@ class fireFightersController extends Controller
->select('users.id','users.name', 'users.surname', 'users.PESEL', 'users.email', 'users.statusID', 'ranks.rank', 'unitFunctions.unitFunction') ->select('users.id','users.name', 'users.surname', 'users.PESEL', 'users.email', 'users.statusID', 'ranks.rank', 'unitFunctions.unitFunction')
->paginate(10); ->paginate(10);
return view("fireFighters", ["users" => $users]); return view("fireFighters", ["users" => $users]);
} else{ }
return view('fireFighters'); else
{
return redirect()->to('/userprofile');
} }
} }
public function addForm(){ public function addForm(){
if(auth()->user() != null && auth()->user()->fireStationID != null ){ if(auth()->user() != null && auth()->user()->accessLevel() == 50 ){ //prezes,naczelnik
$fireStation = fireStation::find(auth()->user()->fireStationID); $fireStation = fireStation::find(auth()->user()->fireStationID);
if($fireStation-> creatorID == auth()->user()->id){ if($fireStation-> creatorID == auth()->user()->id){ //if do usunięcia w pzyszłości
//return view('fireFightersAdd');
$ranks = DB::table('ranks')->pluck("rank","id"); $ranks = DB::table('ranks')->pluck("rank","id");
$unitFunctions = DB::table('unitFunctions')->pluck("unitFunction","id"); $unitFunctions = DB::table('unitFunctions')->pluck("unitFunction","id");
return view('fireFightersAdd',compact('ranks'), compact('unitFunctions')); return view('fireFightersAdd',compact('ranks'), compact('unitFunctions'));
} else return fireFightersController::create(); } else return fireFightersController::create(); // ???
} else return view("unit"); } else return redirect()->to('/strazacy');
} }
public function editForm($id){ public function editForm($id){
if(auth()->user() != null && auth()->user()->fireStationID != null ){ if(auth()->user() != null && auth()->user()->accessLevel() == 50 ){ //prezes,naczelnik
$userFireStation = auth()->user()->fireStationID; $userFireStation = auth()->user()->fireStationID;
$fireFighterFireStation = DB::table('users')->where("id", $id)->value('fireStationID'); $fireFighterFireStation = DB::table('users')->where("id", $id)->value('fireStationID');
$fireStationCreatorId = DB::table('fireStations')->where("id", $userFireStation)->value('creatorID'); $fireStationCreatorId = DB::table('fireStations')->where("id", $userFireStation)->value('creatorID');
$fireFighter = DB::table('users')->where("id", $id)->first(); $fireFighter = DB::table('users')->where("id", $id)->first();
if($userFireStation == $fireFighterFireStation && auth()->user()->id == $fireStationCreatorId) { if($userFireStation == $fireFighterFireStation && auth()->user()->id == $fireStationCreatorId) { // if do usunięcia w pzyszłości
return view('fireFightersEdit', ["fireFighter" => $fireFighter]); return view('fireFightersEdit', ["fireFighter" => $fireFighter]);
} else{ } else{
return "Brak dostepu"; return "Brak dostepu";
} }
}else{ }else{
return view('unit'); return redirect()->to('/strazacy');
} }
} }
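Review bot: In `editForm($id)` the new comment `// if do usunięcia w pzyszłości` marks the whole condition for removal, but its first half, `$userFireStation == $fireFighterFireStation`, is the only check that ties the route `$id` to the caller's own station. With `accessLevel() == 50` alone, a prezes or naczelnik of one unit would be handed the full `users` row of a firefighter from another unit, since `->first()` is passed straight to the view. I would narrow the comment to the creator part only, e.g. `// creatorID check to be dropped later; the same-station check must stay`. Separately, `accessLevel() >= 20` in `create()` also admits skarbnik (30), which the comment `//prezes,naczelnik,sekretarz` does not list, and that listing includes `users.PESEL`.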


@ -26,7 +26,7 @@ class fireStationController extends Controller
public function editForm() public function editForm()
{ {
if(auth()->user() != null && auth()->user()->fireStationID != null ) if(auth()->user() != null && auth()->user()->accessLevel() == 50) //prezes/naczelnik
{ {
$id = auth()->user()->fireStationID; $id = auth()->user()->fireStationID;
$fireStation = DB::table('fireStations')->where("id", $id)->first(); $fireStation = DB::table('fireStations')->where("id", $id)->first();
@ -34,7 +34,7 @@ class fireStationController extends Controller
return view('fireStationEdit', ["fireStation" => $fireStation], compact('voivodeships')); return view('fireStationEdit', ["fireStation" => $fireStation], compact('voivodeships'));
} }
else else
return "Brak dostępu"; return redirect()->to('/jednostka');
} }
public function store() public function store()
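Review bot: The level-50 gate is added to `editForm()` only; `store()` begins on the last line of this section, its body is not shown, and no state-changing action appears among the changed lines. If the write actions still rely on the old `fireStationID != null` test, a member below level 50 can submit the request directly even though the form now redirects to `/jednostka`. The same question applies to the actions behind `addForm()` and `editForm($id)` in fireFightersController. I would repeat `auth()->user()->accessLevel() == 50` on every state-changing action, or move the check into a middleware or policy so the form and its handler cannot drift apart.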


@ -43,4 +43,20 @@ class User extends Authenticatable
{ {
$this->attributes['password'] = bcrypt($password); $this->attributes['password'] = bcrypt($password);
} }
public function accessLevel()
{
if (auth()->user() != null && auth()->user()->fireStationID != null)
if ($this->functionID == 1 or $this->functionID == 5) //prezes lub naczelnik
return 50;
elseif ($this->functionID == 3) //skarbnik
return 30;
elseif($this->functionID == 4) //sekretarz
return 20;
else
return 0; //brak specjalnych uprawnień
else
return -1; //jednostka nie istnieje
}
} }
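Review bot: `accessLevel()` reads the station from `auth()->user()` but the function from `$this->functionID`, so calling it on any `User` other than the logged-in one combines two accounts and can return a level that belongs to neither. The guard should look at the model itself, `if ($this->fireStationID == null) { return -1; }`, which also removes the need for the `auth()->user() != null` test inside the model. The brace-less nested `if`/`elseif`/`else` works only because of how the dangling `else` binds, so I would add braces, and replace the literals 50/30/20 with named class constants, since the controllers and views in this commit repeat them as bare numbers.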


@ -2,10 +2,16 @@
@section('left-menu') @section('left-menu')
@parent @parent
@if( auth()->check() )
@if( auth()->user()->fireStationID != NULL)
@if(auth()->user()->accessLevel() == 50)
<ul> <ul>
<a href="/strazacy/add"><li>Dodaj<img src="img/left_menu_icon/add.png"></li></a> <a href="/strazacy/add"><li>Dodaj<img src="img/left_menu_icon/add.png"></li></a>
<a href="/szkolenia"><li><font size="-2">Badania/Szkolenia</font><img src="/img/left_menu_icon/more.png"></li></a> <a href="/szkolenia"><li><font size="-2">Badania/Szkolenia</font><img src="/img/left_menu_icon/more.png"></li></a>
</ul> </ul>
@endif
@endif
@endif
@stop @stop
<head> <head>
@ -75,7 +81,9 @@
<th>Funkcja</th> <th>Funkcja</th>
<th>Stopień</th> <th>Stopień</th>
<th>Status</th> <th>Status</th>
@if(auth()->user()->accessLevel() == 50)
<th>Operacja</th> <th>Operacja</th>
@endif
</tr> </tr>
</thead> </thead>
@ -93,6 +101,7 @@
<td id="userFunction{{ $user->id }}"> {{$user->unitFunction}} </td> <td id="userFunction{{ $user->id }}"> {{$user->unitFunction}} </td>
<td id="userDegree{{ $user->id }}"> {{$user->rank}}</td> <td id="userDegree{{ $user->id }}"> {{$user->rank}}</td>
<td id="userStatus{{ $user->id }}">@if( $user->statusID == 0) Czynny @else Wyłączony @endif</td> <td id="userStatus{{ $user->id }}">@if( $user->statusID == 0) Czynny @else Wyłączony @endif</td>
@if(auth()->user()->accessLevel() == 50)
<td> <td>
<a href="{{ URL::asset('strazacy/edit/'.$user->id) }}" class="btn btn-secondary" role="button">Edytuj</a> <a href="{{ URL::asset('strazacy/edit/'.$user->id) }}" class="btn btn-secondary" role="button">Edytuj</a>
<a href="{{ URL::asset('strazacy/odznaczenia/'.$user->id) }}" class="btn btn-success" role="button">Odznaczenia</a> <a href="{{ URL::asset('strazacy/odznaczenia/'.$user->id) }}" class="btn btn-success" role="button">Odznaczenia</a>
@ -112,6 +121,7 @@
@endif @endif
@endif @endif
</td> </td>
@endif
</tr> </tr>
@php @php
$i++; $i++;
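Review bot: Wrapping the `Operacja` column in `@if(auth()->user()->accessLevel() == 50)` is presentation only: it hides the `strazacy/edit/{id}` and `strazacy/odznaczenia/{id}` links but does not protect the routes. The controller behind `strazacy/odznaczenia/{id}` is not among the files this commit changes, so whether it enforces the same level cannot be seen here and should be confirmed. The check is also evaluated again for every table row; the row loop starts outside these hunks, but computing it once before the table, `@php $canManage = auth()->user()->accessLevel() == 50; @endphp`, and testing `@if($canManage)` in the header and the rows would keep the two places in step.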


@ -2,11 +2,15 @@
@section('left-menu') @section('left-menu')
@parent @parent
@if( auth()->check() )
@if( auth()->user()->fireStationID != NULL)
@if(auth()->user()->accessLevel() == 50)
<ul> <ul>
<a href="/jednostka/edit"><li>Edytuj<img src="img/left_menu_icon/edit.png"></li></a> <a href="/jednostka/edit"><li>Edytuj<img src="img/left_menu_icon/edit.png"></li></a>
</ul> </ul>
@endif
@endif
@endif
@stop @stop
@section('center-area') @section('center-area')
@ -67,21 +71,7 @@
<div> <div>
@endif @endif
@else @else
<div> Witamy na stronie eOSP! <a href="/login">Zaloguj się</a> lub <a href="/register">Zarejestruj nową jednostkę</a>.
<p><b>Nazwa:</b> Ochotnicza Straż Pożarna w Łuszczewie</p>
<p><b>Województwo:</b> Wielkopolskie</p>
<p><b>Powiat:</b> Koniński</p>
<p><b>Gmina i numer ewidencyjny:</b> Skulsk 3010092</p>
<p><b>Kod pocztowy, Miejscowość:</b> 62-560 Skulsk</p>
<p><b>Ulica i numer:</b> Łuszczewo 81</p>
<p><b>Szerokość i długość geograficzna:</b> 523113.08 | 182155.88</p>
<p><b>KRS:</b> 0000003716</p>
<p><b>NIP:</b> 665 524 497 69 </p>
<p><b>Telefon:</b> ??? - ??? - ???</p>
<p><b>E-mail:</b> twojanazwa@domena.com</p>
<hr>
<p><b>Liczba członków:</b> 40</p>
</div>
<div> <div>
@endif @endif
</div> </div>
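Review bot: The three nested `@if` lines added at the top of `left-menu` can be a single condition, because `accessLevel()` already returns -1 when the user has no `fireStationID`: `@if(auth()->check() && auth()->user()->accessLevel() == 50)`. The same triple nesting is added in the fireFighters view. One condition also removes two `@endif` lines, which are easy to mismatch with the `@if`/`@else` blocks further down in these templates.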