Commit 2517808c authored by Yassine Doghri's avatar Yassine Doghri

refactor: remove unnecessary permissions and update route filters

- add missing pages-manage permission
- remove some instance wide permissions for superadmin

closes #29
parent 043f49c7
...@@ -104,30 +104,29 @@ $routes->group( ...@@ -104,30 +104,29 @@ $routes->group(
]); ]);
$routes->get('edit', 'Podcast::edit/$1', [ $routes->get('edit', 'Podcast::edit/$1', [
'as' => 'podcast-edit', 'as' => 'podcast-edit',
'filter' => 'permission:podcasts-edit,podcast-edit', 'filter' => 'permission:podcast-edit',
]); ]);
$routes->post('edit', 'Podcast::attemptEdit/$1', [ $routes->post('edit', 'Podcast::attemptEdit/$1', [
'filter' => 'permission:podcasts-edit,podcast-edit', 'filter' => 'permission:podcast-edit',
]); ]);
$routes->add('delete', 'Podcast::delete/$1', [ $routes->add('delete', 'Podcast::delete/$1', [
'as' => 'podcast-delete', 'as' => 'podcast-delete',
'filter' => 'permission:podcasts-edit,podcast-delete', 'filter' => 'permission:podcasts-delete',
]); ]);
// Podcast episodes // Podcast episodes
$routes->group('episodes', function ($routes) { $routes->group('episodes', function ($routes) {
$routes->get('/', 'Episode::list/$1', [ $routes->get('/', 'Episode::list/$1', [
'as' => 'episode-list', 'as' => 'episode-list',
'filter' => 'permission:podcasts-view,podcast-view', 'filter' =>
'permission:episodes-list,podcast_episodes-list',
]); ]);
$routes->get('new', 'Episode::create/$1', [ $routes->get('new', 'Episode::create/$1', [
'as' => 'episode-create', 'as' => 'episode-create',
'filter' => 'filter' => 'permission:podcast_episodes-create',
'permission:episodes-create,podcast_episodes-create',
]); ]);
$routes->post('new', 'Episode::attemptCreate/$1', [ $routes->post('new', 'Episode::attemptCreate/$1', [
'filter' => 'filter' => 'permission:podcast_episodes-create',
'permission:episodes-create,podcast_episodes-create',
]); ]);
// Episode // Episode
...@@ -139,17 +138,14 @@ $routes->group( ...@@ -139,17 +138,14 @@ $routes->group(
]); ]);
$routes->get('edit', 'Episode::edit/$1/$2', [ $routes->get('edit', 'Episode::edit/$1/$2', [
'as' => 'episode-edit', 'as' => 'episode-edit',
'filter' => 'filter' => 'permission:podcast_episodes-edit',
'permission:episodes-edit,podcast_episodes-edit',
]); ]);
$routes->post('edit', 'Episode::attemptEdit/$1/$2', [ $routes->post('edit', 'Episode::attemptEdit/$1/$2', [
'filter' => 'filter' => 'permission:podcast_episodes-edit',
'permission:episodes-edit,podcast_episodes-edit',
]); ]);
$routes->add('delete', 'Episode::delete/$1/$2', [ $routes->add('delete', 'Episode::delete/$1/$2', [
'as' => 'episode-delete', 'as' => 'episode-delete',
'filter' => 'filter' => 'permission:podcast_episodes-delete',
'permission:episodes-delete,podcast_episodes-delete',
]); ]);
}); });
}); });
...@@ -159,40 +155,40 @@ $routes->group( ...@@ -159,40 +155,40 @@ $routes->group(
$routes->get('/', 'Contributor::list/$1', [ $routes->get('/', 'Contributor::list/$1', [
'as' => 'contributor-list', 'as' => 'contributor-list',
'filter' => 'filter' =>
'permission:podcasts-manage_contributors,podcast-manage_contributors', 'permission:podcasts-view,podcast-manage_contributors',
]); ]);
$routes->get('add', 'Contributor::add/$1', [ $routes->get('add', 'Contributor::add/$1', [
'as' => 'contributor-add', 'as' => 'contributor-add',
'filter' => 'filter' => 'permission:podcast-manage_contributors',
'permission:podcasts-manage_contributors,podcast-manage_contributors',
]); ]);
$routes->post('add', 'Contributor::attemptAdd/$1', [ $routes->post('add', 'Contributor::attemptAdd/$1', [
'filter' => 'filter' => 'permission:podcast-manage_contributors',
'permission:podcasts-manage_contributors,podcast-manage_contributors',
]); ]);
// Contributor // Contributor
$routes->group('(:num)', function ($routes) { $routes->group('(:num)', function ($routes) {
$routes->get('/', 'Contributor::view/$1/$2', [ $routes->get('/', 'Contributor::view/$1/$2', [
'as' => 'contributor-view', 'as' => 'contributor-view',
'filter' =>
'permission:podcast-manage_contributors',
]); ]);
$routes->get('edit', 'Contributor::edit/$1/$2', [ $routes->get('edit', 'Contributor::edit/$1/$2', [
'as' => 'contributor-edit', 'as' => 'contributor-edit',
'filter' => 'filter' =>
'permission:podcasts-manage_contributors,podcast-manage_contributors', 'permission:podcast-manage_contributors',
]); ]);
$routes->post( $routes->post(
'edit', 'edit',
'Contributor::attemptEdit/$1/$2', 'Contributor::attemptEdit/$1/$2',
[ [
'filter' => 'filter' =>
'permission:podcasts-manage_contributors,podcast-manage_contributors', 'permission:podcast-manage_contributors',
] ]
); );
$routes->add('remove', 'Contributor::remove/$1/$2', [ $routes->add('remove', 'Contributor::remove/$1/$2', [
'as' => 'contributor-remove', 'as' => 'contributor-remove',
'filter' => 'filter' =>
'permission:podcasts-manage_contributors,podcast-manage_contributors', 'permission:podcast-manage_contributors',
]); ]);
}); });
}); });
...@@ -211,7 +207,7 @@ $routes->group( ...@@ -211,7 +207,7 @@ $routes->group(
['filter' => 'permission:podcast-manage_platforms'] ['filter' => 'permission:podcast-manage_platforms']
); );
$routes->get( $routes->add(
'platforms/(:num)/remove-link', 'platforms/(:num)/remove-link',
'PodcastSettings::removePlatformLink/$1/$2', 'PodcastSettings::removePlatformLink/$1/$2',
[ [
...@@ -228,18 +224,25 @@ $routes->group( ...@@ -228,18 +224,25 @@ $routes->group(
$routes->get('/', 'Page::list', ['as' => 'page-list']); $routes->get('/', 'Page::list', ['as' => 'page-list']);
$routes->get('new', 'Page::create', [ $routes->get('new', 'Page::create', [
'as' => 'page-create', 'as' => 'page-create',
'filter' => 'permission:pages-manage',
]);
$routes->post('new', 'Page::attemptCreate', [
'filter' => 'permission:pages-manage',
]); ]);
$routes->post('new', 'Page::attemptCreate');
$routes->group('(:num)', function ($routes) { $routes->group('(:num)', function ($routes) {
$routes->get('/', 'Page::view/$1', ['as' => 'page-view']); $routes->get('/', 'Page::view/$1', ['as' => 'page-view']);
$routes->get('edit', 'Page::edit/$1', [ $routes->get('edit', 'Page::edit/$1', [
'as' => 'page-edit', 'as' => 'page-edit',
'filter' => 'permission:pages-manage',
]);
$routes->post('edit', 'Page::attemptEdit/$1', [
'filter' => 'permission:pages-manage',
]); ]);
$routes->post('edit', 'Page::attemptEdit/$1');
$routes->add('delete', 'Page::delete/$1', [ $routes->add('delete', 'Page::delete/$1', [
'as' => 'page-delete', 'as' => 'page-delete',
'filter' => 'permission:pages-manage',
]); ]);
}); });
}); });
...@@ -292,13 +295,13 @@ $routes->group( ...@@ -292,13 +295,13 @@ $routes->group(
// My account // My account
$routes->group('my-account', function ($routes) { $routes->group('my-account', function ($routes) {
$routes->get('/', 'Myaccount', [ $routes->get('/', 'MyAccount', [
'as' => 'my-account', 'as' => 'my-account',
]); ]);
$routes->get('change-password', 'Myaccount::changePassword/$1', [ $routes->get('change-password', 'MyAccount::changePassword/$1', [
'as' => 'change-password', 'as' => 'change-password',
]); ]);
$routes->post('change-password', 'Myaccount::attemptChange/$1'); $routes->post('change-password', 'MyAccount::attemptChange/$1');
}); });
} }
); );
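Review bot: The platform `remove-link` route is now registered with `$routes->add(...)`, which in CodeIgniter 4 matches every HTTP verb, so this state-changing action is still reachable with a plain GET; the same applies to `podcast-delete`, `episode-delete`, `contributor-remove` and `page-delete` in the other hunks of this file. A destructive action that answers GET can be triggered cross-site while an administrator is logged in, and CSRF protection, if it is enabled for this group, typically does not check GET requests. I would register these routes with `$routes->post(...)` and have the views submit a form that carries the CSRF token. The enclosing `$routes->group(` call starts outside the visible hunks, so whether a CSRF filter is attached there cannot be confirmed from this page.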
......
...@@ -11,7 +11,7 @@ namespace App\Controllers\Admin; ...@@ -11,7 +11,7 @@ namespace App\Controllers\Admin;
use Config\Services; use Config\Services;
use App\Models\UserModel; use App\Models\UserModel;
class Myaccount extends BaseController class MyAccount extends BaseController
{ {
public function index() public function index()
{ {
......
...@@ -84,6 +84,13 @@ class AuthSeeder extends Seeder ...@@ -84,6 +84,13 @@ class AuthSeeder extends Seeder
'has_permission' => ['superadmin'], 'has_permission' => ['superadmin'],
], ],
], ],
'pages' => [
[
'name' => 'manage',
'description' => 'List / create / edit / delete pages',
'has_permission' => ['superadmin'],
],
],
'podcasts' => [ 'podcasts' => [
[ [
'name' => 'create', 'name' => 'create',
...@@ -102,22 +109,7 @@ class AuthSeeder extends Seeder ...@@ -102,22 +109,7 @@ class AuthSeeder extends Seeder
], ],
[ [
'name' => 'view', 'name' => 'view',
'description' => 'View any podcast', 'description' => 'View any podcast and their contributors list',
'has_permission' => ['superadmin'],
],
[
'name' => 'edit',
'description' => 'Edit any podcast',
'has_permission' => ['superadmin'],
],
[
'name' => 'manage_contributors',
'description' => 'Add / remove contributors to a podcast',
'has_permission' => ['superadmin'],
],
[
'name' => 'manage_publication',
'description' => 'Publish / unpublish a podcast',
'has_permission' => ['superadmin'], 'has_permission' => ['superadmin'],
], ],
[ [
...@@ -143,32 +135,6 @@ class AuthSeeder extends Seeder ...@@ -143,32 +135,6 @@ class AuthSeeder extends Seeder
'description' => 'View any episode of any podcast', 'description' => 'View any episode of any podcast',
'has_permission' => ['superadmin'], 'has_permission' => ['superadmin'],
], ],
[
'name' => 'create',
'description' => 'Add a new episode to any podcast',
'has_permission' => ['superadmin'],
],
[
'name' => 'edit',
'description' => 'Edit any podcast episode',
'has_permission' => ['superadmin'],
],
[
'name' => 'manage_publications',
'description' => 'Publish / unpublish any podcast episode',
'has_permission' => ['superadmin'],
],
[
'name' => 'delete',
'description' =>
'Delete any podcast episode without removing it from database',
'has_permission' => ['superadmin'],
],
[
'name' => 'delete_permanently',
'description' => 'Delete any podcast episode from database',
'has_permission' => ['superadmin'],
],
], ],
'podcast' => [ 'podcast' => [
[ [
...@@ -181,28 +147,12 @@ class AuthSeeder extends Seeder ...@@ -181,28 +147,12 @@ class AuthSeeder extends Seeder
'description' => 'Edit a podcast', 'description' => 'Edit a podcast',
'has_permission' => ['podcast_admin'], 'has_permission' => ['podcast_admin'],
], ],
[
'name' => 'delete',
'description' =>
'Delete a podcast without removing it from the database',
'has_permission' => ['podcast_admin'],
],
[
'name' => 'delete_permanently',
'description' => 'Delete a podcast from the database',
'has_permission' => ['podcast_admin'],
],
[ [
'name' => 'manage_contributors', 'name' => 'manage_contributors',
'description' => 'description' =>
'Add / remove contributors to a podcast and edit their roles', 'Add / remove contributors to a podcast and edit their roles',
'has_permission' => ['podcast_admin'], 'has_permission' => ['podcast_admin'],
], ],
[
'name' => 'manage_publication',
'description' => 'Publish / unpublish a podcast',
'has_permission' => ['podcast_admin'],
],
[ [
'name' => 'manage_platforms', 'name' => 'manage_platforms',
'description' => 'Set / remove platform links of a podcast', 'description' => 'Set / remove platform links of a podcast',
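Review bot: The new `pages` / `manage` entry is described as `'List / create / edit / delete pages'`, but in the routes file of this commit `page-list` and `page-view` are registered without a `permission:pages-manage` filter, so the description promises more than the filters enforce. Either add `'filter' => 'permission:pages-manage'` to those two routes or narrow the description to `'Create / edit / delete pages'`. Separately, the entries removed from this array (for example `podcast` / `delete` and the instance-wide `episodes` entries) only stop being seeded; if existing installations already hold those rows, they presumably need a migration or a re-seed to be revoked, which is worth confirming. The permissions array begins and ends outside the visible hunks.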
......