Merge pull request #9 from stivenm0/main

Fix access control in menu and routes

Author: daniel-cintra

src/Console/InstallCommand.php

@@ -36,6 +36,6 @@ public function handle(): int
 
     protected function phpBinary(): string
     {
-        return (new PhpExecutableFinder())->find(false) ?: 'php';
+        return (new PhpExecutableFinder)->find(false) ?: 'php';
     }
 }

src/Console/PublishLaravelTranslationsCommand.php

@@ -32,7 +32,7 @@ public function handle(): int
 
     private function publishLang(string $lang): void
     {
-        $filesystem = new Filesystem();
+        $filesystem = new Filesystem;
 
         $filesystem->copyDirectory(
             __DIR__."/../../stubs/lang/{$lang}",

stubs/modules/Acl/Database/Seeders/AclPermissionSeeder.php

@@ -39,8 +39,8 @@ private function getPermissions(): array
             'Acl: Role - List',
 
             //User/UserIndex.vue
-            'Acl: User - Manage Roles',
-            'Acl: User - Manage Permissions',
+            'Acl: User: Role - Edit',
+            'Acl: User: Permission - Edit',
             'Acl: User - Create',
             'Acl: User - Edit',
             'Acl: User - Delete',
@@ -56,7 +56,7 @@ private function getPermissions(): array
             'Acl: Role - Delete',
 
             //AclRolePermission/RolePermissionForm.vue
-            'Acl: Role - Manage Permissions',
+            'Acl: Role: Permission - Edit',
         ];
 
     }

stubs/modules/Acl/routes/app.php

@@ -16,76 +16,94 @@
 //acl - permission
 Route::get('acl-permission', [
     PermissionController::class, 'index',
-])->name('aclPermission.index');
+])->name('aclPermission.index')
+    ->can('Acl: Permission - List');
 
 Route::get('acl-permission/create', [
     PermissionController::class, 'create',
-])->name('aclPermission.create');
+])->name('aclPermission.create')
+    ->can('Acl: permission - Create');
 
 Route::post('acl-permission', [
     PermissionController::class, 'store',
-])->name('aclPermission.store');
+])->name('aclPermission.store')
+    ->can('Acl: Permission - Create');
 
 Route::get('acl-permission/{id}/edit', [
     PermissionController::class, 'edit',
-])->name('aclPermission.edit');
+])->name('aclPermission.edit')
+    ->can('Acl: Permission - Edit');
 
 Route::put('acl-permission/{id}', [
     PermissionController::class, 'update',
-])->name('aclPermission.update');
+])->name('aclPermission.update')
+    ->can('Acl: Permission - Edit');
 
 Route::delete('acl-permission/{id}', [
     PermissionController::class, 'destroy',
-])->name('aclPermission.destroy');
+])->name('aclPermission.destroy')
+    ->can('Acl: Permission - Delete');
 
 //acl - role
 Route::get('acl-role', [
     RoleController::class, 'index',
-])->name('aclRole.index');
+])->name('aclRole.index')
+    ->can('Acl: Role - List');
 
 Route::get('acl-role/create', [
     RoleController::class, 'create',
-])->name('aclRole.create');
+])->name('aclRole.create')
+    ->can('Acl: Role - Create');
 
 Route::post('acl-role', [
     RoleController::class, 'store',
-])->name('aclRole.store');
+])->name('aclRole.store')
+    ->can('Acl: Role - Create');
 
 Route::get('acl-role/{id}/edit', [
     RoleController::class, 'edit',
-])->name('aclRole.edit');
+])->name('aclRole.edit')
+    ->can('Acl: Role - Edit');
 
 Route::put('acl-role/{id}', [
     RoleController::class, 'update',
-])->name('aclRole.update');
+])->name('aclRole.update')
+    ->can('Acl: Role - Edit');
 
 Route::delete('acl-role/{id}', [
     RoleController::class, 'destroy',
-])->name('aclRole.destroy');
+])->name('aclRole.destroy')
+    ->can('Acl: Role - Delete');
 
 //acl - role => permissions
 Route::get('acl-role-permission/{id}/edit', [
     RolePermissionController::class, 'edit',
-])->name('aclRolePermission.edit');
+])->name('aclRolePermission.edit')
+    ->can('Acl: Role: Permission - Edit');
 
 Route::put('acl-role-permission/{id}', [
     RolePermissionController::class, 'update',
-])->name('aclRolePermission.update');
+])->name('aclRolePermission.update')
+    ->can('Acl: Role: Permission - Edit');
 
 //acl - user role
 Route::get('acl-user-role/{id}/edit', [
     UserRoleController::class, 'edit',
-])->name('aclUserRole.edit');
+])->name('aclUserRole.edit')
+    ->can('Acl: User: Role - Edit');
 
 Route::put('acl-user-role/{id}', [
     UserRoleController::class, 'update',
-])->name('aclUserRole.update');
+])->name('aclUserRole.update')
+    ->can('Acl: User: Role - Edit');
 
 //acl - user => permissions
 Route::get('acl-user-permission/{id}/edit', [
     UserPermissionController::class, 'edit',
-])->name('aclUserPermission.edit');
+])->name('aclUserPermission.edit')
+    ->can('Acl: User: Permission - Edit');
 
 Route::put('acl-user-permission/{id}', [
     UserPermissionController::class, 'update',
-])->name('aclUserPermission.update');
+])->name('aclUserPermission.update')
+    ->can('Acl: User: Permission - Edit');

stubs/modules/AdminAuth/Notifications/ResetPassword.php

@@ -12,9 +12,7 @@ class ResetPassword extends Notification
      *
      * @param  string  $token
      */
-    public function __construct(public $token)
-    {
-    }
+    public function __construct(public $token) {}
 
     /**
      * Get the notification's delivery channels.

stubs/resources/js/Configs/menu.js

@@ -5,31 +5,30 @@ export default {
     items: [
         {
             label: 'Dashboard',
-            permission: 'Main Menu: Dashboard',
+            permission: 'Dashboard',
             icon: 'ri-dashboard-line',
             link: route('dashboard.index')
         },
 
         {
             label: 'Access Control List',
-            permission: 'Main Menu: Access Control List',
+            permission: 'Acl',
             children: [
                 {
                     label: 'Users',
-                    permission: 'Main Menu: Access Control List: Users - List',
+                    permission: 'Acl: User - List',
                     icon: 'ri-user-line',
                     link: route('user.index')
                 },
                 {
                     label: 'Permissions',
-                    permission:
-                        'Main Menu: Access Control List: Permissions - List',
+                    permission: 'Acl: Permission - List',
                     icon: 'ri-shield-keyhole-line',
                     link: route('aclPermission.index')
                 },
                 {
                     label: 'Roles',
-                    permission: 'Main Menu: Access Control List: Roles - List',
+                    permission: 'Acl: Role - List',
                     icon: 'ri-account-box-line',
                     link: route('aclRole.index')
                 }

stubs/resources/js/Pages/AclPermission/PermissionIndex.vue

@@ -2,6 +2,7 @@
     <AppSectionHeader :title="__('Permissions')" :bread-crumb="breadCrumb">
         <template #right>
             <AppButton
+                v-if="can('Acl: Permission - Create')"
                 class="btn btn-primary"
                 @click="$inertia.visit(route('aclPermission.create'))"
             >
@@ -33,7 +34,11 @@
 
                     <AppDataTableData>
                         <!-- edit permission -->
-                        <AppTooltip :text="__('Edit Permission')" class="mr-2">
+                        <AppTooltip
+                            v-if="can('Acl: Permission - Edit')"
+                            :text="__('Edit Permission')"
+                            class="mr-2"
+                        >
                             <AppButton
                                 class="btn btn-icon btn-primary"
                                 @click="
@@ -47,7 +52,10 @@
                         </AppTooltip>
 
                         <!-- delete permission -->
-                        <AppTooltip :text="__('Delete Permission')">
+                        <AppTooltip
+                            v-if="can('Acl: Permission - Delete')"
+                            :text="__('Delete Permission')"
+                        >
                             <AppButton
                                 class="btn btn-icon btn-destructive"
                                 @click="
@@ -79,6 +87,9 @@
 
 <script setup>
 import { ref } from 'vue'
+import useAuthCan from '@/Composables/useAuthCan'
+
+const { can } = useAuthCan()
 
 const props = defineProps({
     permissions: {

stubs/resources/js/Pages/AclRole/RoleIndex.vue

@@ -2,6 +2,7 @@
     <AppSectionHeader :title="__('Roles')" :bread-crumb="breadCrumb">
         <template #right>
             <AppButton
+                v-if="can('Acl: Role - Create')"
                 class="btn btn-primary"
                 @click="$inertia.visit(route('aclRole.create'))"
             >
@@ -30,7 +31,11 @@
 
                     <AppDataTableData>
                         <!-- role permissions -->
-                        <AppTooltip :text="__('Role Permissions')" class="mr-2">
+                        <AppTooltip
+                            v-if="can('Acl: Role: Permission - Edit')"
+                            :text="__('Role Permissions')"
+                            class="mr-2"
+                        >
                             <AppButton
                                 class="btn btn-icon btn-primary"
                                 @click="
@@ -44,7 +49,11 @@
                         </AppTooltip>
 
                         <!-- edit role -->
-                        <AppTooltip :text="__('Edit Role')" class="mr-2">
+                        <AppTooltip
+                            v-if="can('Acl: Role - Edit')"
+                            :text="__('Edit Role')"
+                            class="mr-2"
+                        >
                             <AppButton
                                 class="btn btn-icon btn-primary"
                                 @click="
@@ -58,7 +67,10 @@
                         </AppTooltip>
 
                         <!-- delete role -->
-                        <AppTooltip :text="__('Delete Role')">
+                        <AppTooltip
+                            v-if="can('Acl: Role - Delete')"
+                            :text="__('Delete Role')"
+                        >
                             <AppButton
                                 class="btn btn-icon btn-destructive"
                                 @click="
@@ -90,6 +102,9 @@
 
 <script setup>
 import { ref } from 'vue'
+import useAuthCan from '@/Composables/useAuthCan'
+
+const { can } = useAuthCan()
 
 const props = defineProps({
     roles: {

stubs/resources/js/Pages/User/UserIndex.vue

@@ -2,6 +2,7 @@
     <AppSectionHeader :title="__('Users')" :bread-crumb="breadCrumb">
         <template #right>
             <AppButton
+                v-if="can('Acl: User - Create')"
                 class="btn btn-primary"
                 @click="$inertia.visit(route('user.create'))"
             >
@@ -34,7 +35,11 @@
 
                     <AppDataTableData>
                         <!-- edit user roles -->
-                        <AppTooltip :text="__('User Roles')" class="mr-2">
+                        <AppTooltip
+                            v-if="can('Acl: User: Role - Edit')"
+                            :text="__('User Roles')"
+                            class="mr-2"
+                        >
                             <AppButton
                                 class="btn btn-icon btn-primary"
                                 @click="
@@ -48,7 +53,11 @@
                         </AppTooltip>
 
                         <!-- edit user permissions -->
-                        <AppTooltip :text="__('User Permissions')" class="mr-2">
+                        <AppTooltip
+                            v-if="can('Acl: User: Permission - Edit')"
+                            :text="__('User Permissions')"
+                            class="mr-2"
+                        >
                             <AppButton
                                 class="btn btn-icon btn-primary"
                                 @click="
@@ -62,7 +71,11 @@
                         </AppTooltip>
 
                         <!-- edit user -->
-                        <AppTooltip :text="__('Edit User')" class="mr-2">
+                        <AppTooltip
+                            v-if="can('Acl: User - Edit')"
+                            :text="__('Edit User')"
+                            class="mr-2"
+                        >
                             <AppButton
                                 class="btn btn-icon btn-primary"
                                 @click="
@@ -74,7 +87,10 @@
                         </AppTooltip>
 
                         <!-- delete user -->
-                        <AppTooltip :text="__('Delete User')">
+                        <AppTooltip
+                            v-if="can('Acl: User - Delete')"
+                            :text="__('Delete User')"
+                        >
                             <AppButton
                                 class="btn btn-icon btn-destructive"
                                 @click="
@@ -106,6 +122,9 @@
 
 <script setup>
 import { ref } from 'vue'
+import useAuthCan from '@/Composables/useAuthCan'
+
+const { can } = useAuthCan()
 
 const props = defineProps({
     users: {

stubs/site/modules/Index/Models/Index.php

@@ -4,6 +4,4 @@
 
 use Modules\Support\Models\SiteModel;
 
-class Index extends SiteModel
-{
-}
+class Index extends SiteModel {}