dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #4043 from angelej/member-role-authorization

Browse Source 
Add new role enum and apply authorization
This commit is contained in:
Andras Bacsai
2024-10-28 21:02:45 +01:00
committed by GitHub
parent a421fdaee5 44f0458eb6
commit 4d779f8fbc
2 changed files with 54 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
app/Livewire/Team/Member.php
View File

@@ -2,6 +2,7 @@
namespace App\Livewire\Team;
use App\Enums\Role;
use App\Models\User;
use Illuminate\Support\Facades\Cache;
use Livewire\Component;
@@ -13,10 +14,11 @@ class Member extends Component
public function makeAdmin()
{
try {
if (! auth()->user()->isAdmin()) {
if (Role::from(auth()->user()->role())->lt(Role::ADMIN)
|| Role::from($this->getMemberRole())->gt(auth()->user()->role())) {
throw new \Exception('You are not authorized to perform this action.');
}
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'admin']);
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => Role::ADMIN->value]);
$this->dispatch('reloadWindow');
} catch (\Exception $e) {
$this->dispatch('error', $e->getMessage());
@@ -26,10 +28,11 @@ class Member extends Component
public function makeOwner()
{
try {
if (! auth()->user()->isOwner()) {
if (Role::from(auth()->user()->role())->lt(Role::OWNER)
|| Role::from($this->getMemberRole())->gt(auth()->user()->role())) {
throw new \Exception('You are not authorized to perform this action.');
}
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'owner']);
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => Role::OWNER->value]);
$this->dispatch('reloadWindow');
} catch (\Exception $e) {
$this->dispatch('error', $e->getMessage());
@@ -39,10 +42,11 @@ class Member extends Component
public function makeReadonly()
{
try {
if (! auth()->user()->isAdmin()) {
if (Role::from(auth()->user()->role())->lt(Role::ADMIN)
|| Role::from($this->getMemberRole())->gt(auth()->user()->role())) {
throw new \Exception('You are not authorized to perform this action.');
}
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'member']);
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => Role::MEMBER->value]);
$this->dispatch('reloadWindow');
} catch (\Exception $e) {
$this->dispatch('error', $e->getMessage());
@@ -52,7 +56,8 @@ class Member extends Component
public function remove()
{
try {
if (! auth()->user()->isAdmin()) {
if (Role::from(auth()->user()->role())->lt(Role::ADMIN)
|| Role::from($this->getMemberRole())->gt(auth()->user()->role())) {
throw new \Exception('You are not authorized to perform this action.');
}
$this->member->teams()->detach(currentTeam());
@@ -65,4 +70,9 @@ class Member extends Component
$this->dispatch('error', $e->getMessage());
}
}
private function getMemberRole()
{
return $this->member->teams()->where('teams.id', currentTeam()->id)->first()?->pivot?->role;
}
}