
Add user authorization on manage user actions

Delete agency_workers record after user deletion
Restructure profile and agency edit page
pull/1/head
Nafies Luthfi 8 years ago
parent
commit
d1bfe2480d
  1. 2
      app/Entities/Users/UsersRepository.php
  2. 50
      app/Http/Controllers/Users/UsersController.php
  3. 10
      resources/views/users/agency/edit.blade.php
  4. 21
      resources/views/users/profile/edit.blade.php
  5. 2
      routes/web/users.php
  6. 19
      tests/Feature/Users/ManageUsersTest.php

2
app/Entities/Users/UsersRepository.php

@ -57,6 +57,8 @@ class UsersRepository extends BaseRepository
{ {
$user = $this->requireById($userId); $user = $this->requireById($userId);
\DB::table('agency_workers')->where('worker_id', $userId)->delete();
return $user->delete(); return $user->delete();
} }
} }
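Review bot: The `agency_workers` cleanup and `$user->delete()` run as two independent statements, so if the second fails the worker rows are already gone while the user row remains; wrapping both in `\DB::transaction(...)` makes them commit or roll back together. The method's signature sits above the hunk, so `$userId` is taken from its use on the first body line. The raw query builder delete also skips any model events a relation-based detach would fire — acceptable if `agency_workers` is a plain pivot table, which cannot be confirmed from this hunk.
```php
$user = $this->requireById($userId);

return \DB::transaction(function () use ($user, $userId) {
    \DB::table('agency_workers')->where('worker_id', $userId)->delete();

    return $user->delete();
});
```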

50
app/Http/Controllers/Users/UsersController.php

@ -2,9 +2,9 @@
namespace App\Http\Controllers\Users; namespace App\Http\Controllers\Users;
use App\Entities\Users\User;
use App\Entities\Users\UsersRepository; use App\Entities\Users\UsersRepository;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Requests\Users\CreateRequest;
use App\Http\Requests\Users\DeleteRequest; use App\Http\Requests\Users\DeleteRequest;
use App\Http\Requests\Users\UpdateRequest; use App\Http\Requests\Users\UpdateRequest;
use Illuminate\Http\Request; use Illuminate\Http\Request;
@ -19,9 +19,9 @@ class UsersController extends Controller
$this->repo = $repo; $this->repo = $repo;
} }
public function index(Request $req)
public function index(Request $request)
{ {
$users = $this->repo->getUsers($req->get('q'));
$users = $this->repo->getUsers($request->get('q'));
return view('users.index', compact('users')); return view('users.index', compact('users'));
} }
@ -30,45 +30,59 @@ class UsersController extends Controller
return view('users.create'); return view('users.create');
} }
public function store(CreateRequest $req)
public function store(Request $request)
{ {
$userData = $req->except(['_token', 'password_confirmation']);
$userData = $request->validate([
'name' => 'required|min:5',
'email' => 'required|email|unique:users,email',
'password' => 'between:6,15|confirmed',
'password_confirmation' => 'required_with:password',
]);
$user = $this->repo->create($userData); $user = $this->repo->create($userData);
flash()->success(trans('user.created')); flash()->success(trans('user.created'));
return redirect()->route('users.index'); return redirect()->route('users.index');
} }
public function show($userId)
public function show(User $user)
{ {
$user = $this->repo->requireById($userId);
return view('users.show', compact('user')); return view('users.show', compact('user'));
} }
public function edit($userId)
public function edit(User $user)
{ {
$user = $this->repo->requireById($userId);
$this->authorize('update', $user);
return view('users.edit', compact('user')); return view('users.edit', compact('user'));
} }
public function update(UpdateRequest $req, $userId)
public function update(UpdateRequest $request, User $user)
{ {
$userData = $req->except(['_method', '_token', 'password_confirmation']);
$user = $this->repo->update($userData, $userId);
$this->authorize('update', $user);
$userData = $request->except(['_method', '_token', 'password_confirmation']);
$user->update($userData);
flash()->success(trans('user.updated')); flash()->success(trans('user.updated'));
return redirect()->route('users.edit', $userId);
return redirect()->route('users.edit', $user->id);
} }
public function delete($userId)
public function delete(User $user)
{ {
$user = $this->repo->requireById($userId);
$this->authorize('delete', $user);
return view('users.delete', compact('user')); return view('users.delete', compact('user'));
} }
public function destroy(DeleteRequest $req, $userId)
public function destroy(DeleteRequest $request, User $user)
{ {
if ($userId == $req->get('user_id')) {
$this->repo->delete($userId);
$this->authorize('delete', $user);
if ($request->get('user_id')) {
$this->repo->delete($user->id);
flash()->success(trans('user.deleted')); flash()->success(trans('user.deleted'));
} else { } else {
flash()->error(trans('user.undeleted')); flash()->error(trans('user.undeleted'));
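Review bot: The confirmation check in `destroy` has been weakened: the old code required the posted `user_id` to equal the route id, while the new `if ($request->get('user_id'))` accepts any non-empty value, so the confirm field no longer proves the form was submitted for this particular user; use `if ((int) $request->get('user_id') === $user->id) {` unless `DeleteRequest` already enforces that match, which is not visible here. In `store`, `$request->validate([...])` returns `password_confirmation` inside `$userData` because it has a rule, whereas the old `except()` stripped it before `$this->repo->create()` — confirm the repository or `User::$fillable` discards it. `update` now writes through `$user->update()` while `destroy` still goes through `$this->repo->delete($user->id)`, which re-fetches a model the route binding already resolved; choosing one path keeps the controller consistent. The body of `destroy` continues past the end of the hunk.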

10
resources/views/users/agency/edit.blade.php

@ -1,9 +1,10 @@
@extends('layouts.app')
@extends('layouts.dashboard')
@section('content')
<h3 class="page-header">@lang('agency.edit')</h3>
@section('title', trans('agency.edit'))
@section('content-dashboard')
<div class="row"> <div class="row">
<div class="col-md-6">
<div class="col-md-6 col-lg-offset-2">
<?php $agency = auth()->user()->agency;?> <?php $agency = auth()->user()->agency;?>
{{ Form::model($agency, ['route' => 'users.agency.update', 'method' => 'patch']) }} {{ Form::model($agency, ['route' => 'users.agency.update', 'method' => 'patch']) }}
{!! FormField::text('name') !!} {!! FormField::text('name') !!}
@ -12,6 +13,7 @@
{!! FormField::textarea('address') !!} {!! FormField::textarea('address') !!}
{!! FormField::text('phone') !!} {!! FormField::text('phone') !!}
{{ Form::submit(trans('agency.update'), ['class' => 'btn btn-info']) }} {{ Form::submit(trans('agency.update'), ['class' => 'btn btn-info']) }}
{{ link_to_route('users.agency.show', trans('app.cancel'), [], ['class' => 'btn btn-default']) }}
{{ Form::close() }} {{ Form::close() }}
</div> </div>
</div> </div>
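Review bot: `<?php $agency = auth()->user()->agency;?>` keeps a relation lookup inside the template; since this restructure already touches the view, the rendering action should pass the model in (`return view('users.agency.edit', compact('agency'));`) so the template only renders what it is given, and if inline code must stay, Blade's `@php` directive is the conventional form. If `agency` can be null for a signed-in user, `Form::model(null, ...)` renders an empty form with no indication of why, so a guard in the controller is also the better place for that case.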

21
resources/views/users/profile/edit.blade.php

@ -1,24 +1,15 @@
@extends('layouts.app')
@extends('layouts.dashboard')
@section('content')
<h3 class="page-header">@lang('auth.profile_edit')</h3>
@section('title', trans('auth.profile_edit'))
@section('content-dashboard')
<div class="row"> <div class="row">
<div class="col-md-6">
<div class="col-md-6 col-lg-offset-2">
{{ Form::model(auth()->user(), ['route' => 'users.profile.update', 'method' => 'patch']) }} {{ Form::model(auth()->user(), ['route' => 'users.profile.update', 'method' => 'patch']) }}
{!! FormField::text('name') !!} {!! FormField::text('name') !!}
{!! FormField::email('email') !!} {!! FormField::email('email') !!}
{{ Form::submit(trans('auth.update_profile'), ['class' => 'btn btn-info']) }} {{ Form::submit(trans('auth.update_profile'), ['class' => 'btn btn-info']) }}
{{ Form::close() }}
</div>
<div class="col-md-6">
<?php $agency = auth()->user()->agency;?>
{{ Form::model($agency, ['route' => 'users.agency.update', 'method' => 'patch']) }}
{!! FormField::text('name') !!}
{!! FormField::email('email') !!}
{!! FormField::text('website') !!}
{!! FormField::textarea('address') !!}
{!! FormField::text('phone') !!}
{{ Form::submit(trans('agency.update'), ['class' => 'btn btn-info']) }}
{{ link_to_route('users.profile.show', trans('app.cancel'), [], ['class' => 'btn btn-default']) }}
{{ Form::close() }} {{ Form::close() }}
</div> </div>
</div> </div>

2
routes/web/users.php

@ -4,6 +4,6 @@ Route::group(['middleware' => ['web', 'auth'], 'namespace' => 'Users'], function
/** /**
* Users Routes * Users Routes
*/ */
Route::get('users/{id}/delete', ['as' => 'users.delete', 'uses' => 'UsersController@delete']);
Route::get('users/{user}/delete', ['as' => 'users.delete', 'uses' => 'UsersController@delete']);
Route::resource('users', 'UsersController'); Route::resource('users', 'UsersController');
}); });

19
tests/Feature/Users/ManageUsersTest.php

@ -10,8 +10,8 @@ class ManageUsersTest extends TestCase
/** @test */ /** @test */
public function user_can_see_user_list_from_dashboard_tab() public function user_can_see_user_list_from_dashboard_tab()
{ {
$user = $this->adminUserSigningIn();
$agency = $user->agency;
$admin = $this->adminUserSigningIn();
$agency = $admin->agency;
$user1 = factory(User::class)->create(); $user1 = factory(User::class)->create();
$user2 = factory(User::class)->create(); $user2 = factory(User::class)->create();
@ -27,7 +27,7 @@ class ManageUsersTest extends TestCase
/** @test */ /** @test */
public function admin_can_insert_new_user() public function admin_can_insert_new_user()
{ {
$user = $this->adminUserSigningIn();
$admin = $this->adminUserSigningIn();
$this->visit(route('users.index')); $this->visit(route('users.index'));
$this->click(trans('user.create')); $this->click(trans('user.create'));
@ -53,8 +53,9 @@ class ManageUsersTest extends TestCase
/** @test */ /** @test */
public function admin_can_edit_user_data() public function admin_can_edit_user_data()
{ {
$user = $this->adminUserSigningIn();
$admin = $this->adminUserSigningIn();
$user2 = factory(User::class)->create(); $user2 = factory(User::class)->create();
$admin->agency->addWorker($user2);
$this->visit(route('users.edit', $user2->id)); $this->visit(route('users.edit', $user2->id));
$this->type('Ganti nama User', 'name'); $this->type('Ganti nama User', 'name');
@ -62,9 +63,11 @@ class ManageUsersTest extends TestCase
$this->press(trans('user.update')); $this->press(trans('user.update'));
$this->seePageIs(route('users.edit', $user2->id)); $this->seePageIs(route('users.edit', $user2->id));
$this->see(trans('user.updated')); $this->see(trans('user.updated'));
$this->see('Ganti nama User'); $this->see('Ganti nama User');
$this->see('member@mail.dev'); $this->see('member@mail.dev');
$this->seeInDatabase('users', [ $this->seeInDatabase('users', [
'id' => $user2->id, 'id' => $user2->id,
'name' => 'Ganti nama User', 'name' => 'Ganti nama User',
@ -75,8 +78,9 @@ class ManageUsersTest extends TestCase
/** @test */ /** @test */
public function admin_can_deleta_a_user() public function admin_can_deleta_a_user()
{ {
$user = $this->adminUserSigningIn();
$admin = $this->adminUserSigningIn();
$user2 = factory(User::class)->create(); $user2 = factory(User::class)->create();
$admin->agency->addWorker($user2);
$this->visit(route('users.edit', $user2->id)); $this->visit(route('users.edit', $user2->id));
@ -99,5 +103,10 @@ class ManageUsersTest extends TestCase
'username' => $user2->username, 'username' => $user2->username,
'email' => $user2->email, 'email' => $user2->email,
]); ]);
$this->notSeeInDatabase('agency_workers', [
'agency_id' => $admin->agency->id,
'worker_id' => $user2->id,
]);
} }
} }
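Review bot: The new `$admin->agency->addWorker($user2)` setup makes the edit and delete tests pass the new `authorize()` calls, but no test covers the denial path, so a regression that removes or loosens the policy would go unnoticed. Add a case where the admin requests the edit page of a user who was not added as a worker and assert a 403 response; the same shape covers `users.delete`. That the policy keys on agency membership is inferred from the `addWorker` setup rather than stated on this page.
```php
/** @test */
public function admin_cannot_edit_user_outside_their_agency()
{
    $admin = $this->adminUserSigningIn();
    $outsider = factory(User::class)->create();

    $this->get(route('users.edit', $outsider->id));
    $this->assertResponseStatus(403);
}
```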