dataset publication workflow: editor page

Arno Kaimbacher 2019-04-09 19:05:03 +02:00
parent de80de9d88
commit 246577b0b0
9 changed files with 246 additions and 35 deletions


@ -30,7 +30,7 @@ class WorkflowController extends Controller
$builder = Dataset::query();
$myDatasets = $builder
->whereIn('server_state', ['inprogress', 'released'])
->where('account_id', $user_id)
// ->where('account_id', $user_id)
->with('user:id,login')
->get();
return view('workflow.index', [
@ -51,7 +51,7 @@ class WorkflowController extends Controller
// $q->where('login', 'admin');
// })->pluck('login', 'id');
$editors = User::with(['roles' => function ($query) {
$query->where('name', 'reviewer');
$query->where('name', 'editor');
}])
->pluck('login', 'id');
//$editors = Role::where('name', 'reviewer')->first()->users;
@ -105,7 +105,7 @@ class WorkflowController extends Controller
}
}
$dataset->delete();
session()->flash('flash_message', 'You have been deleted 1 dataset!');
session()->flash('flash_message', 'You have deleted 1 dataset!');
return redirect()->route('publish.workflow.index');
}
}
@ -115,14 +115,43 @@ class WorkflowController extends Controller
*
* @return \Illuminate\Http\Response
*/
public function indexReleased()
public function editorIndex()
{
$builder = Dataset::query();
$datasets = $builder
//->where('server_state', 'inprogress')
->whereIn('server_state', ['released'])
->get();
return view('workflow.review', compact('datasets'));
return view('workflow.editor_index', compact('datasets'));
}
/**
* Display the specified resource.
*
* @param int $id
* @return \Illuminate\View\View
*/
public function accept($id): View
{
$dataset = Dataset::with('user:id,login')->findOrFail($id);
// $editors = User::whereHas('roles', function ($q) {
// $q->where('login', 'admin');
// })->pluck('login', 'id');
$editors = User::with(['roles' => function ($query) {
$query->where('name', 'editor');
}])
->pluck('login', 'id');
//$editors = Role::where('name', 'reviewer')->first()->users;
return view('workflow.accept', [
'dataset' => $dataset,
'editors' => $editors,
]);
}
public function acceptUpdate(Request $request, $id)
{
$dataset = Dataset::findOrFail($id);
}
// public function release()
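Review bot: In the first hunk (-30,7) the owner filter appears to be left commented out as `// ->where('account_id', $user_id)`, so `$myDatasets` would hold every account's `inprogress` and `released` datasets rather than only the caller's own. If the wider listing is meant for editors, keep the `account_id` condition here and serve the unscoped list from a route guarded by a role check. Separately, in the -51,7 hunk and in the new `accept()`, `User::with(['roles' => ...])` only constrains the eager-loaded relation, so `pluck('login', 'id')` still returns all users; `User::whereHas('roles', function ($q) { $q->where('name', 'editor'); })->pluck('login', 'id')` would restrict the list to editors. The methods touched by the first three hunks start outside the visible lines.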


@ -63,6 +63,7 @@ class Kernel extends HttpKernel
// 'role' => \Zizaco\Entrust\Middleware\EntrustRole::class,
'permission' => \Zizaco\Entrust\Middleware\EntrustPermission::class,
'ability' => \Zizaco\Entrust\Middleware\EntrustAbility::class,
'isUserDatasetAdmin' => \App\Http\Middleware\WebAuthorizeDataset::class,
];
}


@ -0,0 +1,57 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Contracts\Auth\Guard;
use App\Models\Dataset;
use App\Models\User;
class WebAuthorizeDataset
{
const DELIMITER = '|';
protected $auth;
/**
* Creates a new instance of the middleware.
*
* @param Guard $auth
*/
public function __construct(Guard $auth)
{
$this->auth = $auth;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle(\Illuminate\Http\Request $request, Closure $next, bool $requiresDatasetAdministrator)
{
// if ($this->auth->guest() || !$request->user()->can("Administrator")) {
// abort(403);
// }
$userId = $this->auth->user()->id;
$datasetId = $request->route('id');
if ($this->auth->guest() || !$this->isUserDatasetAdmin($userId, $datasetId)) {
abort(403, "You are not allowed to do this action!");
}
return $next($request);
}
private function isUserDatasetAdmin($userId, $datasetId)
{
$dataset = Dataset::with('user:id,login')->findOrFail($datasetId);
$user = User::findOrFail($userId);
if ($dataset->user->id == $user->id) { //} || $user->can("administrator")) {
return true;
} else {
return false;
}
}
}
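Review bot: `handle()` dereferences `$this->auth->user()->id` before the `$this->auth->guest()` test, so an unauthenticated request hits a null property access and surfaces as a server error instead of the intended 403; the guest check should come first, as in the excerpt below. `$requiresDatasetAdministrator` is a required parameter that is never read, so attaching the `isUserDatasetAdmin` alias without a `:value` argument would presumably fail on argument count; give it a default or drop it. In `isUserDatasetAdmin()` the `User::findOrFail($userId)` lookup adds a query without changing the result, and `findOrFail($datasetId)` answers 404 before the 403 decision, so responses differ for existing and missing dataset ids.

```php
public function handle(\Illuminate\Http\Request $request, Closure $next, bool $requiresDatasetAdministrator)
{
    // Reject guests before the user object is touched.
    if ($this->auth->guest()) {
        abort(403, "You are not allowed to do this action!");
    }
    $userId = $this->auth->user()->id;
    $datasetId = $request->route('id');
    if (!$this->isUserDatasetAdmin($userId, $datasetId)) {
        abort(403, "You are not allowed to do this action!");
    }
    return $next($request);
}
```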