Исправлены права доступа

KodiComponents · May 27, 2016 · 593e49b · 593e49b
1 parent 407914a
commit 593e49b
Show file tree

Hide file tree

Showing 11 changed files with 76 additions and 26 deletions.
diff --git a/src/Providers/EventsServiceProvider.php b/src/Providers/EventsServiceProvider.php
@@ -45,8 +45,8 @@ public function boot(DispatcherContract $events)
         });
 
         $events->listen('view.page.edit', function ($page) {
-            if (acl_check('widgets.index') and $page->hasLayout()) {
-                echo view('widgets::widgets.page.iframe')->with('page', $page)->render();
+            if (acl_check('widgets::list') and $page->hasLayout()) {
+                echo view('widgets::widgets.page.iframe', compact('page'))->render();
             }
         });
 
@@ -58,7 +58,7 @@ public function boot(DispatcherContract $events)
                 echo view('widgets::widgets.partials.renderable', compact('widget', 'commentKeys', 'snippets'))->render();
             }
 
-            if ($widget->isCacheable() and acl_check('widgets.cache')) {
+            if ($widget->isCacheable() and acl_check('widget_settings::cache')) {
                 echo view('widgets::widgets.partials.cacheable', compact('widget'))->render();
             }
         });
@@ -71,7 +71,7 @@ public function boot(DispatcherContract $events)
                 echo view('widgets::widgets.partials.renderable_buttons', compact('widget', 'commentKeys', 'snippets', 'assetsPackages', 'widgetList'))->render();
             }
 
-            if (acl_check('widgets.roles') and ! $widget->isHandler()) {
+            if (acl_check('widget_settings::roles') and ! $widget->isHandler()) {
                 $usersRoles = Role::pluck('name', 'id')->all();
                 echo view('widgets::widgets.partials.permissions', compact('widget', 'usersRoles'))->render();
             }

diff --git a/src/Providers/ModuleServiceProvider.php b/src/Providers/ModuleServiceProvider.php
@@ -3,6 +3,7 @@
 namespace KodiCMS\Widgets\Providers;
 
 use KodiCMS\Support\ServiceProvider;
+use KodiCMS\Users\Model\Permission;
 use KodiCMS\Widgets\Contracts\WidgetManager;
 use KodiCMS\Widgets\Manager\WidgetManagerDatabase;
 
@@ -15,7 +16,6 @@ public function boot()
         });
 
         $this->app->alias('widget.manager', WidgetManager::class);
-
         $this->app['view']->addNamespace('snippets', snippets_path());
     }
 
@@ -25,6 +25,27 @@ public function register()
             BladeServiceProvider::class,
             EventsServiceProvider::class,
         ]);
+
+        Permission::register('widgets', 'widget', [
+            'list',
+            'add',
+            'delete',
+            'edit',
+        ]);
+
+        Permission::register('widgets', 'widget_settings', [
+            'cache',
+            'roles',
+            'location',
+        ]);
+
+        Permission::register('widgets', 'snippet', [
+            'add',
+            'edit',
+            'list',
+            'view',
+            'delete'
+        ]);
     }
 
     public function contextBackend()
@@ -35,15 +56,15 @@ public function contextBackend()
                     'id' => 'snippets',
                     'title' => 'widgets::snippet.title.list',
                     'url' => route('backend.snippet.list'),
-                    'permissions' => 'snippet.index',
+                    'permissions' => 'snippet::list',
                     'priority' => 200,
                     'icon' => 'cutlery',
                 ],
                 [
                     'id' => 'widgets',
                     'title' => 'widgets::core.title.list',
                     'url' => route('backend.widget.list'),
-                    'permissions' => 'widgets.index',
+                    'permissions' => 'widget::list',
                     'priority' => 300,
                     'icon' => 'cubes',
                 ],

diff --git a/src/resources/lang/ru/permissions.php b/src/resources/lang/ru/permissions.php
@@ -0,0 +1,28 @@
+<?php
+
+return [
+    'title' => [
+        'module' => 'Виджеты',
+        'widget' => '',
+        'snippet' => 'Сниппеты',
+        'widget_settings' => 'Настройки виджета',
+    ],
+    'widget' => [
+        'list' => 'Просмотр списка',
+        'add' => 'Создание',
+        'delete' => 'Удаление',
+        'edit' => 'Редактирование',
+    ],
+    'snippet' => [
+        'list' => 'Просмотр списка',
+        'add' => 'Создание',
+        'delete' => 'Удаление',
+        'edit' => 'Редактирование',
+        'view' => 'Просмотр кода',
+    ],
+    'widget_settings' => [
+        'cache' => 'Кеш',
+        'roles' => 'Роли',
+        'location' => 'Размещение',
+    ],
+];
diff --git a/src/resources/views/snippet/form.blade.php b/src/resources/views/snippet/form.blade.php
@@ -11,7 +11,7 @@
 		</div>
 	</div>
 </div>
-@if (!$snippet->isReadOnly() or $snippet->isNew())
+@if ((!$snippet->isReadOnly() or $snippet->isNew()) and acl_check('snippet::edit'))
 <div class="panel-toggler text-center panel-heading" data-target-spoiler=".spoiler-settings">
 	{!! UI::icon('chevron-down panel-toggler-icon') !!} <span class="muted">@lang('widgets::snippet.label.settings')</span>
 </div>
@@ -61,7 +61,7 @@
 	<div class="panel-default alert alert-danger alert-dark no-margin-b">
 		@lang('widgets::snippet.messages.snippet_not_writeable')
 	</div>
-@elseif (acl_check('snippet.edit'))
+@elseif (acl_check('snippet::edit'))
 	<div class="form-actions panel-footer">
 		@include('cms::app.partials.actionButtons', ['route' => 'backend.snippet.list'])
 	</div>

diff --git a/src/resources/views/snippet/list.blade.php b/src/resources/views/snippet/list.blade.php
@@ -1,7 +1,7 @@
 <div class="panel">
 	@if (!$collection->isReadOnly())
 		<div class="panel-heading">
-			@if (acl_check('snippet.add'))
+			@if (acl_check('snippet::add'))
 				{!! link_to_route('backend.snippet.create', trans('widgets::snippet.button.add'), [], [
 				'class' => 'btn btn-default btn-labeled', 'data-icon' => 'plus', 'data-hotkeys' => 'ctrl+a'
 				]) !!}
@@ -40,11 +40,12 @@
 					<span class="label label-warning">@lang('widgets::snippet.label.readonly')</span>
 				@endif
 
-				@if (acl_check('snippet.edit') or acl_check('snippet.view'))
+				@if (acl_check('snippet::edit') or acl_check('snippet::view'))
 				{!! link_to_route('backend.snippet.edit', $snippet->getName(), [$snippet->getName()], [
 					'class' => $snippet->isReadOnly() ? 'popup' : ''
 				]) !!}
 				@else
+					{{ $snippet->getName() }}
 				@endif
 			</th>
 			<td class="modified hidden-xs">
@@ -57,7 +58,7 @@
 				{!! UI::label($snippet->getRelativePath()) !!}
 			</td>
 			<td class="actions text-right">
-				@if (acl_check('snippet.delete'))
+				@if (acl_check('snippet::delete'))
 				{!! Form::open(['route' => ['backend.snippet.delete', $snippet->getName()]]) !!}
 					{!! Form::button('', [
 						'type' => 'submit',

diff --git a/src/resources/views/snippet/snippet_select.blade.php b/src/resources/views/snippet/snippet_select.blade.php
@@ -60,14 +60,14 @@ function update_snippets_list(e, response) {
 				]) !!}
 
 				<div class="btn-group">
-					@if (acl_check('snippet.edit'))
+					@if (acl_check('snippet::edit'))
 					{!! link_to_route('backend.snippet.edit', '', [$template], [
 						'data-icon' => 'edit', 'class' => 'btn popup btn-primary '.$hidden,
 						'id' => 'EditTemplateButton'
 					]) !!}
 					@endif
 
-					@if (acl_check('snippet.add'))
+					@if (acl_check('snippet::add'))
 					{!! link_to_route('backend.snippet.create', '', [], [
 						'data-icon' => 'plus', 'class' => 'btn popup btn-success',
 						'id' => 'AddTemplateButton'

diff --git a/src/resources/views/widgets/edit.blade.php b/src/resources/views/widgets/edit.blade.php
@@ -45,7 +45,7 @@
 <hr class="no-margin-vr" />
 
 <div class="panel-body">
-	@if (acl_check('widgets.location') and !$widget->isHandler())
+	@if (acl_check('widget_settings::location') and !$widget->isHandler())
 		{!! link_to_route('backend.widget.location', trans('widgets::core.button.location'), [$widget], [
 			'data-icon' => 'sitemap', 'class' => 'btn btn-sm btn-primary btn-labeled'
 		]) !!}

diff --git a/src/resources/views/widgets/list.blade.php b/src/resources/views/widgets/list.blade.php
@@ -44,15 +44,15 @@
 					@lang('widgets::core.messages.corrupted')
 				</td>
 				<td class="actions text-right">
-					@if (acl_check('widgets.delete'))
+					@if (acl_check('widget::delete'))
 					{!! link_to_route('backend.widget.delete', '', [$widget], [
 					'data-icon' => 'times fa-inverse', 'class' => 'btn btn-xs btn-confirm'
 					]) !!}
 					@endif
 				</td>
 				@else
 				<th class="name" data-icon="cube">
-					@if (acl_check('widgets.edit'))
+					@if (acl_check('widget::edit'))
 					{!! link_to_route('backend.widget.edit', $widget->name, [$widget]) !!}
 					@else
 					{{ $widget->name }}
@@ -96,12 +96,12 @@
 				@endif
 				</td>
 				<td class="actions text-right">
-					@if (acl_check('widgets.location') and !$widget->isHandler())
+					@if (acl_check('widget_settings::location') and !$widget->isHandler())
 					{!! link_to_route('backend.widget.location', '', [$widget], [
 						'data-icon' => 'sitemap', 'class' => 'btn btn-xs btn-primary popup'
 					]) !!}
 					@endif
-					@if (acl_check('widgets.delete'))
+					@if (acl_check('widget::delete'))
 					{!! Form::open(['route' => ['backend.widget.delete', $widget], 'style' => 'display: inline-block']) !!}
 						{!! Form::button('', [
 							'type' => 'submit',

diff --git a/src/resources/views/widgets/location.blade.php b/src/resources/views/widgets/location.blade.php
@@ -32,7 +32,7 @@
 				</div>
 			</div>
 
-			@if (acl_check('layout.rebuild'))
+			@if (acl_check('layout::rebuild'))
 			{!! Form::button(trans('widgets::core.button.rebuild_blocks'), [
 				'data-icon' => 'refresh',
 				'class' => 'btn btn-xs btn-info btn-labeled',
@@ -88,7 +88,7 @@ function recurse_pages($pages, $spaces = 0, $layoutsBlocks = [], $pageWidgets =
 		$data .= Form::text('blocks[' . $page['id'] . '][position]', (int) $currentPosition, ['maxlength' => 4, 'size' => 4, 'class' => 'form-control text-right widget-position']);
 		$data .= '</td><td></td>';
 
-		if (acl_check('page.edit'))
+		if (acl_check('page::edit'))
 		{
 			$data .= '<th>' . str_repeat("-&nbsp;", $spaces) . link_to_route('backend.page.edit', $page['title'], [$page['id']]) . '</th>';
 		}

diff --git a/src/resources/views/widgets/page/list.blade.php b/src/resources/views/widgets/page/list.blade.php
@@ -13,13 +13,13 @@
 	</select>
 	@else
 
-	@if (acl_check('widgets.location'))
+	@if (acl_check('widget_settings::location'))
 
 	<a class="btn btn-success fancybox.ajax popup" href="{{ route('backend.widget.popup_list', [$page->id]) }}" id="addWidgetToPage" data-icon="plus">
 		@lang('widgets::core.button.add_to_page')
 	</a>
 
-	@if (acl_check('layout.rebuild'))
+	@if (acl_check('layout::rebuild'))
 		{!! Form::button(trans('pages::layout.button.rebuild'), [
 			'data-icon' => 'refresh',
 			'class' => 'btn btn-inverse btn-xs',

diff --git a/src/resources/views/widgets/page/row.blade.php b/src/resources/views/widgets/page/row.blade.php
@@ -1,6 +1,6 @@
 <tr>
 	<th>
-		@if (acl_check('widgets.edit'))
+		@if (acl_check('widgets::edit'))
 		{!! link_to_route('backend.widget.edit', $widget->getName(), [$widget->getId()]) !!}
 		@else
 		{!! UI::icon('lock') !!} {{ $widget->getName() }}
@@ -11,14 +11,14 @@
 		@endif
 	</th>
 	<td>
-		@if(acl_check('widgets.location'))
+		@if(acl_check('widget_settings::location'))
 		{!! Form::text('widget[' . $widget->getId() . '][position]', (int) $position, ['maxlength' => 4, 'size' => 4, 'class' => 'form-control text-right']) !!}
 		@else
 		<span class="label label-success">{{ __('Position: :position', [':block_name' => $block]) }}</span>
 		@endif
 	</td>
 	<td>
-		@if(acl_check('widgets.location') and $page->hasLayout())
+		@if(acl_check('widget_settings::location') and $page->hasLayout())
 		<div class="input-group">
 			{!! Form::hidden('widget[' . $widget->getId() . '][block]', ! empty($block) ? $block : 0, ['class' => 'widget-blocks', 'data-layout' => $page->layout]) !!}