update
This commit is contained in:
meusinfirmary
@ -30,8 +30,7 @@ class AuthController extends Controller
|
||||
$response = [
|
||||
"success" => false,
|
||||
"code" => 400,
|
||||
"msg" =>
|
||||
"Your account is inactive, please contact the Administrator.",
|
||||
"msg" => "Your account is inactive, please contact the Administrator.",
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
@ -51,56 +51,72 @@ class LoginController extends Controller
|
||||
return "email";
|
||||
}
|
||||
|
||||
// public function login(Request $req)
|
||||
// {
|
||||
// $this->validateLogin($req);
|
||||
|
||||
// if (method_exists($this, "hasTooManyLoginAttempts") && $this->hasTooManyLoginAttempts($req)) {
|
||||
// $this->fireLockoutEvent($req);
|
||||
|
||||
// return $this->sendLockoutResponse($req);
|
||||
// }
|
||||
|
||||
// if ($this->guard()->validate($this->credentials($req))) {
|
||||
// $user = $this->guard()->getLastAttempted();
|
||||
|
||||
// if ($user->dlt != null) {
|
||||
// $this->incrementLoginAttempts($req);
|
||||
// throw ValidationException::withMessages([
|
||||
// $this->username() => [trans("auth.failed")],
|
||||
// ]);
|
||||
// }
|
||||
// if ($user->status != Users::STATUS_ACTIVE) {
|
||||
// $this->incrementLoginAttempts($req);
|
||||
|
||||
// throw ValidationException::withMessages([
|
||||
// $this->username() => __("Your account not active, please contact admin."),
|
||||
// ]);
|
||||
// }
|
||||
|
||||
// if ($this->attemptLogin($req)) {
|
||||
// return $this->sendLoginResponse($req);
|
||||
// }
|
||||
// }
|
||||
|
||||
// $this->incrementLoginAttempts($req);
|
||||
|
||||
// return $this->sendFailedLoginResponse($req);
|
||||
// }
|
||||
public function login(Request $req)
|
||||
{
|
||||
$this->validateLogin($req);
|
||||
|
||||
// If the class is using the ThrottlesLogins trait, we can automatically throttle
|
||||
// the login attempts for this application. We'll key this by the username and
|
||||
// the IP address of the client making these requests into this application.
|
||||
if (
|
||||
method_exists($this, "hasTooManyLoginAttempts") &&
|
||||
$this->hasTooManyLoginAttempts($req)
|
||||
) {
|
||||
if (method_exists($this, "hasTooManyLoginAttempts") && $this->hasTooManyLoginAttempts($req)) {
|
||||
$this->fireLockoutEvent($req);
|
||||
|
||||
return $this->sendLockoutResponse($req);
|
||||
}
|
||||
|
||||
if ($this->guard()->validate($this->credentials($req))) {
|
||||
$user = $this->guard()->getLastAttempted();
|
||||
if ($user->dlt != null) {
|
||||
$this->incrementLoginAttempts($req);
|
||||
throw ValidationException::withMessages([
|
||||
$this->username() => [trans("auth.failed")],
|
||||
]);
|
||||
}
|
||||
if ($user->status != Users::STATUS_ACTIVE) {
|
||||
// Increment the failed login attempts and redirect back to the
|
||||
// login form with an error message.
|
||||
$this->incrementLoginAttempts($req);
|
||||
// return redirect()
|
||||
// ->back()
|
||||
// ->withInput($req->only($this->username(), 'remember'))
|
||||
// ->withErrors(['active' => 'You must be active to login.']);
|
||||
throw ValidationException::withMessages([
|
||||
$this->username() => __(
|
||||
"Your account not active, please contact admin."
|
||||
),
|
||||
]);
|
||||
}
|
||||
// Cari user yang belum dihapus (dlt == null)
|
||||
$user = Users::where("email", $req->email)
|
||||
->whereNull("dlt")
|
||||
->first();
|
||||
|
||||
if ($this->attemptLogin($req)) {
|
||||
return $this->sendLoginResponse($req);
|
||||
}
|
||||
if (!$user || !\Hash::check($req->password, $user->password)) {
|
||||
$this->incrementLoginAttempts($req);
|
||||
return $this->sendFailedLoginResponse($req);
|
||||
}
|
||||
|
||||
// If the login attempt was unsuccessful we will increment the number of attempts
|
||||
// to login and redirect the user back to the login form. Of course, when this
|
||||
// user surpasses their maximum number of attempts they will get locked out.
|
||||
$this->incrementLoginAttempts($req);
|
||||
if ($user->status != Users::STATUS_ACTIVE) {
|
||||
$this->incrementLoginAttempts($req);
|
||||
throw ValidationException::withMessages([
|
||||
$this->username() => __("Your account not active, please contact admin."),
|
||||
]);
|
||||
}
|
||||
|
||||
return $this->sendFailedLoginResponse($req);
|
||||
// Login manual
|
||||
$this->guard()->login($user);
|
||||
|
||||
return $this->sendLoginResponse($req);
|
||||
}
|
||||
|
||||
protected function validateLogin(Request $req)
|
||||
@ -139,9 +155,7 @@ class LoginController extends Controller
|
||||
} elseif ($user->role == Users::ROLE_CHECKER) {
|
||||
return redirect(route("view_user_checker"));
|
||||
} elseif ($user->role == Users::ROLE_CLIENT_ADMIN) {
|
||||
return redirect(
|
||||
route("view_user_client_transaction_add") . "?rdl=1"
|
||||
);
|
||||
return redirect(route("view_user_client_transaction_add") . "?rdl=1");
|
||||
} elseif ($user->role == Users::ROLE_SPECIAL_TRACKING) {
|
||||
return redirect(route("view_dashboard"));
|
||||
} elseif ($user->role == Users::ROLE_FINANCE) {
|
||||
@ -166,9 +180,7 @@ class LoginController extends Controller
|
||||
if ($response = $this->loggedOut($req)) {
|
||||
return $response;
|
||||
}
|
||||
return $req->wantsJson()
|
||||
? new JsonResponse([], 204)
|
||||
: redirect(route("login_admin"));
|
||||
return $req->wantsJson() ? new JsonResponse([], 204) : redirect(route("login_admin"));
|
||||
} elseif ($user->role == Users::ROLE_FINANCE) {
|
||||
$this->guard()->logout();
|
||||
$req->session()->invalidate();
|
||||
@ -176,9 +188,7 @@ class LoginController extends Controller
|
||||
if ($response = $this->loggedOut($req)) {
|
||||
return $response;
|
||||
}
|
||||
return $req->wantsJson()
|
||||
? new JsonResponse([], 204)
|
||||
: redirect(route("login_admin"));
|
||||
return $req->wantsJson() ? new JsonResponse([], 204) : redirect(route("login_admin"));
|
||||
} elseif ($user->role == Users::ROLE_VENDOR) {
|
||||
$this->guard()->logout();
|
||||
$req->session()->invalidate();
|
||||
@ -186,9 +196,7 @@ class LoginController extends Controller
|
||||
if ($response = $this->loggedOut($req)) {
|
||||
return $response;
|
||||
}
|
||||
return $req->wantsJson()
|
||||
? new JsonResponse([], 204)
|
||||
: redirect(route("login_vendor"));
|
||||
return $req->wantsJson() ? new JsonResponse([], 204) : redirect(route("login_vendor"));
|
||||
} elseif ($user->role == Users::ROLE_CHECKER) {
|
||||
$this->guard()->logout();
|
||||
$req->session()->invalidate();
|
||||
@ -196,9 +204,7 @@ class LoginController extends Controller
|
||||
if ($response = $this->loggedOut($req)) {
|
||||
return $response;
|
||||
}
|
||||
return $req->wantsJson()
|
||||
? new JsonResponse([], 204)
|
||||
: redirect(route("login_checker"));
|
||||
return $req->wantsJson() ? new JsonResponse([], 204) : redirect(route("login_checker"));
|
||||
} elseif ($user->role == Users::ROLE_CLIENT_ADMIN) {
|
||||
$this->guard()->logout();
|
||||
$req->session()->invalidate();
|
||||
@ -206,9 +212,7 @@ class LoginController extends Controller
|
||||
if ($response = $this->loggedOut($req)) {
|
||||
return $response;
|
||||
}
|
||||
return $req->wantsJson()
|
||||
? new JsonResponse([], 204)
|
||||
: redirect(route("login_client"));
|
||||
return $req->wantsJson() ? new JsonResponse([], 204) : redirect(route("login_client"));
|
||||
} elseif ($user->role == Users::ROLE_SPECIAL_TRACKING) {
|
||||
$this->guard()->logout();
|
||||
$req->session()->invalidate();
|
||||
@ -216,9 +220,7 @@ class LoginController extends Controller
|
||||
if ($response = $this->loggedOut($req)) {
|
||||
return $response;
|
||||
}
|
||||
return $req->wantsJson()
|
||||
? new JsonResponse([], 204)
|
||||
: redirect(route("login_admin"));
|
||||
return $req->wantsJson() ? new JsonResponse([], 204) : redirect(route("login_admin"));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -13,69 +13,69 @@ use App\Models\Users;
|
||||
|
||||
class AuthController extends Controller
|
||||
{
|
||||
// public function view_login(Request $req)
|
||||
// {
|
||||
// return 'Do login';
|
||||
// }
|
||||
public function view_login_admin(Request $req)
|
||||
{
|
||||
return view('auth.loginAdmin');
|
||||
}
|
||||
public function view_login_client(Request $req)
|
||||
{
|
||||
return view('auth.loginClient');
|
||||
}
|
||||
public function view_login_vendor(Request $req)
|
||||
{
|
||||
return view('auth.loginVendor');
|
||||
}
|
||||
public function view_login_checker(Request $req)
|
||||
{
|
||||
return view('auth.loginChecker');
|
||||
}
|
||||
// public function view_login(Request $req)
|
||||
// {
|
||||
// return 'Do login';
|
||||
// }
|
||||
public function view_login_admin(Request $req)
|
||||
{
|
||||
return view("auth.loginAdmin");
|
||||
}
|
||||
public function view_login_client(Request $req)
|
||||
{
|
||||
return view("auth.loginClient");
|
||||
}
|
||||
public function view_login_vendor(Request $req)
|
||||
{
|
||||
return view("auth.loginVendor");
|
||||
}
|
||||
public function view_login_checker(Request $req)
|
||||
{
|
||||
return view("auth.loginChecker");
|
||||
}
|
||||
|
||||
public function api_login(Request $req)
|
||||
{
|
||||
try {
|
||||
$now = time();
|
||||
public function api_login(Request $req)
|
||||
{
|
||||
try {
|
||||
$now = time();
|
||||
|
||||
$input = [
|
||||
'password' => $req->password,
|
||||
];
|
||||
$rulesInput = [
|
||||
'password' => 'required|string',
|
||||
];
|
||||
$input = [
|
||||
"password" => $req->password,
|
||||
];
|
||||
$rulesInput = [
|
||||
"password" => "required|string",
|
||||
];
|
||||
|
||||
if ($req->email) {
|
||||
$input['email'] = $req->email;
|
||||
$rulesInput['email'] = 'required|email';
|
||||
}
|
||||
if ($req->phone) {
|
||||
$input['phone'] = $req->phone;
|
||||
$rulesInput['phone'] = 'required|integer';
|
||||
}
|
||||
if ($req->email) {
|
||||
$input["email"] = $req->email;
|
||||
$rulesInput["email"] = "required|email";
|
||||
}
|
||||
if ($req->phone) {
|
||||
$input["phone"] = $req->phone;
|
||||
$rulesInput["phone"] = "required|integer";
|
||||
}
|
||||
|
||||
// validasi input
|
||||
$isValidInput = Validator::make($input, $rulesInput);
|
||||
if (!$isValidInput->passes()) {
|
||||
$apiResp = Responses::bad_input($isValidInput->messages()->first());
|
||||
return new Response($apiResp, $apiResp['meta']['code']);
|
||||
}
|
||||
// validasi input
|
||||
$isValidInput = Validator::make($input, $rulesInput);
|
||||
if (!$isValidInput->passes()) {
|
||||
$apiResp = Responses::bad_input($isValidInput->messages()->first());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
|
||||
$getUser = Users::getUserByEmail($req->email);
|
||||
if (count($getUser) < 1) {
|
||||
$getUser = Users::getUserByPhone($req->phone);
|
||||
if (count($getUser) < 1) {
|
||||
$apiResp = Responses::not_found('akun tidak ditemukan');
|
||||
return (new Response($apiResp, $apiResp['meta']['code']));
|
||||
}
|
||||
}
|
||||
$getUser = Users::getUserByEmail($req->email);
|
||||
if (count($getUser) < 1) {
|
||||
$getUser = Users::getUserByPhone($req->phone);
|
||||
if (count($getUser) < 1) {
|
||||
$apiResp = Responses::not_found("akun tidak ditemukan");
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
}
|
||||
|
||||
$apiResp = Responses::success('sukses login');
|
||||
return (new Response($apiResp, $apiResp['meta']['code']));
|
||||
} catch (\Exception $e) {
|
||||
$apiResp = Responses::error($e->getMessage());
|
||||
return (new Response($apiResp, $apiResp['meta']['code']));
|
||||
}
|
||||
}
|
||||
$apiResp = Responses::success("sukses login");
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
} catch (\Exception $e) {
|
||||
$apiResp = Responses::error($e->getMessage());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
287
app/Http/Controllers/RolesController.php
Executable file
287
app/Http/Controllers/RolesController.php
Executable file
@ -0,0 +1,287 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Controllers;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\Response;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Validator;
|
||||
use App\Responses;
|
||||
use App\Helper;
|
||||
use App\Models\Users;
|
||||
use App\Models\Clients;
|
||||
use App\Models\Vehicles;
|
||||
use App\Models\Banks;
|
||||
use App\Models\UsersMenuPermissions;
|
||||
|
||||
class RolesController extends Controller
|
||||
{
|
||||
/**
|
||||
* Display a listing of the resource.
|
||||
*
|
||||
* @return \Illuminate\Http\Response
|
||||
*/
|
||||
public function view(Request $req)
|
||||
{
|
||||
$permissions = \Spatie\Permission\Models\Permission::all();
|
||||
|
||||
$data = [
|
||||
"roles" => Users::listRoles($req->auth->role),
|
||||
"pernus" => UsersMenuPermissions::listPermissionsMenus([
|
||||
"is_active" => UsersMenuPermissions::IS_ACTIVE,
|
||||
]),
|
||||
"vehicles" => Vehicles::getVehicles(),
|
||||
"banks" => Banks::listBanks(["is_active" => Banks::IS_ACTIVE]),
|
||||
"permission" => $permissions->groupBy(function ($perm) {
|
||||
return explode(".", $perm->name)[0]; // ambil modul: user, transaction, dst
|
||||
}),
|
||||
];
|
||||
|
||||
return view("menu_v1.roles", $data);
|
||||
}
|
||||
|
||||
/**
|
||||
* API
|
||||
*/
|
||||
|
||||
public function api_list(Request $req)
|
||||
{
|
||||
try {
|
||||
$list = DB::table("roles")->get();
|
||||
foreach ($list as $key => $row) {
|
||||
$list[$key]->DT_RowIndex = $key + 1;
|
||||
$list[$key]->count_trx = 0;
|
||||
$list[$key]->action = "-";
|
||||
}
|
||||
|
||||
$apiResp = Responses::success("success list users");
|
||||
$apiResp["data"] = $list;
|
||||
$apiResp["count"] = count($list);
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
} catch (\Exception $e) {
|
||||
$apiResp = Responses::error($e->getMessage());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
}
|
||||
|
||||
public function api_show(Request $req, $uid)
|
||||
{
|
||||
try {
|
||||
$now = time();
|
||||
|
||||
$input = [
|
||||
"uid" => $uid,
|
||||
];
|
||||
$rulesInput = [
|
||||
"uid" => "required|integer|not_in:0",
|
||||
];
|
||||
|
||||
// validasi input
|
||||
$isValidInput = Validator::make($input, $rulesInput);
|
||||
if (!$isValidInput->passes()) {
|
||||
$apiResp = Responses::bad_input($isValidInput->messages()->first());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
|
||||
$role = DB::table("roles")
|
||||
->where("roles.id", $uid)
|
||||
->get();
|
||||
|
||||
if (count($role) < 1) {
|
||||
$apiResp = Responses::not_found("role not found");
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
|
||||
$permissions = DB::table("role_has_permissions")
|
||||
->where("role_id", $uid)
|
||||
->pluck("permission_id") // ambil array [1, 6, ...]
|
||||
->toArray();
|
||||
$role[0]->permissions = $permissions;
|
||||
|
||||
$apiResp = Responses::success("success get detail role");
|
||||
$apiResp["data"] = $role[0];
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
} catch (\Exception $e) {
|
||||
$apiResp = Responses::error($e->getMessage());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
}
|
||||
|
||||
public function api_add(Request $req)
|
||||
{
|
||||
try {
|
||||
DB::beginTransaction();
|
||||
// Users::addUser($data);
|
||||
|
||||
$role_id = DB::table("roles")->insertGetId([
|
||||
"name" => $req->name,
|
||||
"guard_name" => "web",
|
||||
"created_at" => date("Y-m-d H:i:s"),
|
||||
"updated_at" => date("Y-m-d H:i:s"),
|
||||
]);
|
||||
|
||||
$role_has_permissions = [];
|
||||
foreach ($req->permissions as $_permission) {
|
||||
array_push($role_has_permissions, ["permission_id" => $_permission, "role_id" => $role_id]);
|
||||
}
|
||||
|
||||
DB::table("role_has_permissions")->insert($role_has_permissions);
|
||||
|
||||
$apiResp = Responses::created("success add new role");
|
||||
DB::commit();
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
} catch (\Exception $e) {
|
||||
DB::rollBack();
|
||||
$apiResp = Responses::error($e->getMessage());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
}
|
||||
|
||||
public function api_edit(Request $req)
|
||||
{
|
||||
try {
|
||||
DB::beginTransaction();
|
||||
|
||||
DB::table("roles")
|
||||
->where("id", $req->uid)
|
||||
->update([
|
||||
"name" => $req->name, // ganti sesuai field yang mau diubah
|
||||
"updated_at" => now(),
|
||||
]);
|
||||
|
||||
DB::table("role_has_permissions")
|
||||
->where("role_id", $req->uid)
|
||||
->delete();
|
||||
|
||||
$role_has_permissions = [];
|
||||
foreach ($req->permissions as $pid) {
|
||||
$role_has_permissions[] = [
|
||||
"role_id" => $req->uid,
|
||||
"permission_id" => $pid,
|
||||
];
|
||||
}
|
||||
DB::table("role_has_permissions")->insert($role_has_permissions);
|
||||
|
||||
$apiResp = Responses::created("success update role");
|
||||
|
||||
DB::commit();
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
} catch (\Exception $e) {
|
||||
DB::rollBack();
|
||||
$apiResp = Responses::error($e->getMessage());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
}
|
||||
|
||||
public function api_del(Request $req)
|
||||
{
|
||||
try {
|
||||
$now = time();
|
||||
|
||||
$input = [
|
||||
"uid" => $req->uid,
|
||||
];
|
||||
$rulesInput = [
|
||||
"uid" => "required|integer|not_in:0",
|
||||
];
|
||||
$data = [
|
||||
"id" => $req->uid,
|
||||
];
|
||||
|
||||
// validasi input
|
||||
$isValidInput = Validator::make($input, $rulesInput);
|
||||
if (!$isValidInput->passes()) {
|
||||
$apiResp = Responses::bad_input($isValidInput->messages()->first());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
|
||||
$role = DB::table("roles")
|
||||
->where("id", $req->uid)
|
||||
->get();
|
||||
if (count($role) < 1) {
|
||||
$apiResp = Responses::not_found("user not found");
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
|
||||
DB::beginTransaction();
|
||||
|
||||
DB::table("role_has_permissions")
|
||||
->where("role_id", $req->uid)
|
||||
->delete();
|
||||
|
||||
DB::table("roles")
|
||||
->where("id", $req->uid)
|
||||
->delete();
|
||||
|
||||
$apiResp = Responses::created("success delete role");
|
||||
|
||||
DB::commit();
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
} catch (\Exception $e) {
|
||||
DB::rollBack();
|
||||
$apiResp = Responses::error($e->getMessage());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
}
|
||||
|
||||
public function api_search(Request $req)
|
||||
{
|
||||
try {
|
||||
$now = time();
|
||||
$roles = Users::arrRoles();
|
||||
$statuses = Users::arrStatus();
|
||||
|
||||
$input = [
|
||||
"name" => $req->name,
|
||||
"roles" => $req->roles,
|
||||
];
|
||||
$rulesInput = [
|
||||
"name" => "required|string|max:125",
|
||||
"roles" => "nullable|integer|not_in:0",
|
||||
];
|
||||
|
||||
// validasi input
|
||||
$isValidInput = Validator::make($input, $rulesInput);
|
||||
if (!$isValidInput->passes()) {
|
||||
$apiResp = Responses::bad_input($isValidInput->messages()->first());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
|
||||
if ($req->roles) {
|
||||
if (in_array($req->roles, $roles)) {
|
||||
} else {
|
||||
$apiResp = Responses::bad_request("role not valid");
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
$users = Users::likeName($req->name, $req->roles);
|
||||
} else {
|
||||
$users = Users::likeName($req->name);
|
||||
}
|
||||
|
||||
if (count($users) < 1) {
|
||||
$apiResp = Responses::not_found("user not found");
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
|
||||
foreach ($users as $k => $v) {
|
||||
// remove from array but no reindex array
|
||||
// unset($users[$k]);
|
||||
// remove from array and reindex array
|
||||
// array_splice($users, $k, 1);
|
||||
unset($users[$k]->password);
|
||||
}
|
||||
|
||||
$apiResp = Responses::success("success search user by name");
|
||||
$apiResp["data"] = $users;
|
||||
|
||||
DB::commit();
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
} catch (\Exception $e) {
|
||||
DB::rollBack();
|
||||
$apiResp = Responses::error($e->getMessage());
|
||||
return new Response($apiResp, $apiResp["meta"]["code"]);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -25,8 +25,16 @@ class UsersController extends Controller
|
||||
*/
|
||||
public function view_users(Request $req)
|
||||
{
|
||||
if (
|
||||
!auth()
|
||||
->user()
|
||||
->can("user.view")
|
||||
) {
|
||||
abort(403, "Unauthorized");
|
||||
}
|
||||
$data = [
|
||||
"roles" => Users::listRoles($req->auth->role),
|
||||
// "roles" => Users::listRoles($req->auth->role),
|
||||
"roles" => DB::table("roles")->get(),
|
||||
"pernus" => UsersMenuPermissions::listPermissionsMenus([
|
||||
"is_active" => UsersMenuPermissions::IS_ACTIVE,
|
||||
]),
|
||||
@ -48,7 +56,7 @@ class UsersController extends Controller
|
||||
public function view_profile(Request $req)
|
||||
{
|
||||
$data = [
|
||||
"roles" => Users::listRoles($req->auth->role),
|
||||
"roles" => DB::table("roles")->get(),
|
||||
"pernus" => UsersMenuPermissions::listPermissionsMenus([
|
||||
"is_active" => UsersMenuPermissions::IS_ACTIVE,
|
||||
]),
|
||||
@ -304,7 +312,15 @@ class UsersController extends Controller
|
||||
|
||||
DB::beginTransaction();
|
||||
|
||||
Users::addUser($data);
|
||||
$user_id = Users::addUser($data);
|
||||
|
||||
if ($req->roles) {
|
||||
DB::table("model_has_roles")->insert([
|
||||
"role_id" => $req->roles,
|
||||
"model_type" => "App\\User", // atau 'App\User' tergantung struktur kamu
|
||||
"model_id" => $user_id, // ID user-nya
|
||||
]);
|
||||
}
|
||||
|
||||
$apiResp = Responses::created("success add new user");
|
||||
|
||||
@ -529,10 +545,24 @@ class UsersController extends Controller
|
||||
$data["updt"] = $now;
|
||||
$data["updt_by"] = $req->auth->uid;
|
||||
|
||||
$data["role"] = 2;
|
||||
|
||||
DB::beginTransaction();
|
||||
|
||||
Users::updateUser($req->uid, $data);
|
||||
|
||||
DB::table("model_has_roles")
|
||||
->where("model_id", $req->uid)
|
||||
->delete();
|
||||
|
||||
if ($req->roles) {
|
||||
DB::table("model_has_roles")->insert([
|
||||
"role_id" => $req->roles,
|
||||
"model_type" => "App\\User", // atau 'App\User' tergantung struktur kamu
|
||||
"model_id" => $req->uid, // ID user-nya
|
||||
]);
|
||||
}
|
||||
|
||||
$apiResp = Responses::created("success update user");
|
||||
|
||||
DB::commit();
|
||||
|
||||
Reference in New Issue
Block a user