Add user roles system
This commit is contained in:
11
app/Enums/UserRole.php
Normal file
11
app/Enums/UserRole.php
Normal file
@@ -0,0 +1,11 @@
|
||||
<?php
|
||||
|
||||
namespace App\Enums;
|
||||
|
||||
enum UserRole: string
|
||||
{
|
||||
case ADMINISTRATOR = 'admin';
|
||||
case MODERATOR = 'moderator';
|
||||
case SUPPORTER = 'supporter';
|
||||
case BANNED = 'banned';
|
||||
}
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace App\Http\Controllers\Admin;
|
||||
|
||||
use App\Enums\UserRole;
|
||||
use App\Models\User;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Http\Request;
|
||||
@@ -31,11 +32,11 @@ class UserController extends Controller
|
||||
|
||||
switch ($validated['action']) {
|
||||
case 'ban':
|
||||
$user->update(['is_banned' => 1]);
|
||||
$user->addRole(UserRole::BANNED);
|
||||
alert()->success('Banned', 'User has been banned.');
|
||||
break;
|
||||
case 'unban':
|
||||
$user->update(['is_banned' => 0]);
|
||||
$user->removeRole(UserRole::BANNED);
|
||||
alert()->success('Unbanned', 'User has been unbanned.');
|
||||
break;
|
||||
default:
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace App\Http\Controllers\Auth;
|
||||
|
||||
use App\Enums\UserRole;
|
||||
use App\Models\User;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
@@ -88,10 +89,7 @@ class DiscordAuthController extends Controller
|
||||
|
||||
// User is not in the guild
|
||||
if ($response->status() === 404) {
|
||||
$user->update([
|
||||
'is_patreon' => false,
|
||||
]);
|
||||
|
||||
$user->removeRole(UserRole::SUPPORTER);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -110,21 +108,15 @@ class DiscordAuthController extends Controller
|
||||
$discordRoles = $response->json('roles', []);
|
||||
$patreonRoles = config('discord.patreon_roles', []);
|
||||
|
||||
$isPatreon = false;
|
||||
foreach($patreonRoles as $patreonRole)
|
||||
{
|
||||
if (in_array($patreonRole, $discordRoles, true)) {
|
||||
$isPatreon = true;
|
||||
break;
|
||||
}
|
||||
// If intersect of array is empty, then the user doesn't have the role
|
||||
$hasSupporterRole = !empty(array_intersect($discordRoles, $patreonRoles));
|
||||
|
||||
if (!$hasSupporterRole) {
|
||||
// Remove role if not found
|
||||
$user->removeRole(UserRole::SUPPORTER);
|
||||
return;
|
||||
}
|
||||
|
||||
// Only update if something actually changed
|
||||
if ($user->is_patreon !== $isPatreon) {
|
||||
$user->update([
|
||||
'is_patreon' => $isPatreon,
|
||||
]);
|
||||
}
|
||||
$user->addRole(UserRole::SUPPORTER);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -59,6 +59,7 @@ class Kernel extends HttpKernel
|
||||
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
|
||||
'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
|
||||
'auth.admin' => \App\Http\Middleware\IsAdmin::class,
|
||||
'auth.moderator' => \App\Http\Middleware\IsModerator::class,
|
||||
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
|
||||
'can' => \Illuminate\Auth\Middleware\Authorize::class,
|
||||
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
|
||||
|
||||
@@ -1,28 +1,14 @@
|
||||
<?php namespace app\Http\Middleware;
|
||||
|
||||
use App\Enums\UserRole;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Contracts\Auth\Guard;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class IsAdmin {
|
||||
|
||||
/**
|
||||
* The Guard implementation.
|
||||
*
|
||||
* @var Guard
|
||||
*/
|
||||
protected $auth;
|
||||
|
||||
/**
|
||||
* Create a new filter instance.
|
||||
*
|
||||
* @param Guard $auth
|
||||
* @return void
|
||||
*/
|
||||
public function __construct(Guard $auth)
|
||||
{
|
||||
$this->auth = $auth;
|
||||
}
|
||||
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
@@ -30,15 +16,14 @@ class IsAdmin {
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle($request, Closure $next)
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
if( ! $this->auth->user()->is_admin)
|
||||
if(Auth::check() && Auth::user()->hasRole(UserRole::ADMINISTRATOR))
|
||||
{
|
||||
session()->flash('error_msg','This resource is restricted to Administrators!');
|
||||
return redirect()->route('home.index');
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
session()->flash('error_msg','This resource is restricted to Administrators!');
|
||||
return redirect()->route('home.index');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,8 +1,11 @@
|
||||
<?php namespace app\Http\Middleware;
|
||||
|
||||
use App\Enums\UserRole;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Contracts\Auth\Guard;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class IsBanned {
|
||||
|
||||
@@ -13,9 +16,9 @@ class IsBanned {
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle($request, Closure $next)
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
if(auth()->check() && auth()->user()->is_banned == 1)
|
||||
if(Auth::check() && Auth::user()->hasRole(UserRole::BANNED))
|
||||
{
|
||||
Auth::logout();
|
||||
$request->session()->invalidate();
|
||||
|
||||
29
app/Http/Middleware/IsModerator.php
Normal file
29
app/Http/Middleware/IsModerator.php
Normal file
@@ -0,0 +1,29 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use App\Enums\UserRole;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class IsModerator
|
||||
{
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
|
||||
*/
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
if (Auth::check() && Auth::user()->hasRole(UserRole::MODERATOR))
|
||||
{
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
session()->flash('error_msg','This resource is restricted to Administrators!');
|
||||
return redirect()->route('home.index');
|
||||
}
|
||||
}
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace App\Livewire;
|
||||
|
||||
use App\Enums\UserRole;
|
||||
use App\Models\Comment;
|
||||
use App\Models\User;
|
||||
|
||||
@@ -17,7 +18,7 @@ class AdminUserSearch extends Component
|
||||
public $search = '';
|
||||
|
||||
#[Url(history: true)]
|
||||
public $filtered = ['true'];
|
||||
public $discordId = '';
|
||||
|
||||
#[Url(history: true)]
|
||||
public $patreon = [];
|
||||
@@ -38,10 +39,10 @@ class AdminUserSearch extends Component
|
||||
|
||||
public function render()
|
||||
{
|
||||
$users = User::when($this->filtered !== [], fn ($query) => $query->where('id', '>=', 10000))
|
||||
->when($this->patreon !== [], fn ($query) => $query->where('is_patreon', 1))
|
||||
->when($this->banned !== [], fn ($query) => $query->where('is_banned', 1))
|
||||
$users = User::when($this->patreon !== [], fn ($query) => $query->whereJsonContains('roles', UserRole::SUPPORTER->value))
|
||||
->when($this->banned !== [], fn ($query) => $query->whereJsonContains('roles', UserRole::BANNED->value))
|
||||
->when($this->search !== '', fn ($query) => $query->where('name', 'like', '%'.$this->search.'%'))
|
||||
->when($this->discordId !== '', fn ($query) => $query->where('discord_id', '=', $this->discordId))
|
||||
->paginate(20);
|
||||
|
||||
return view('livewire.admin-user-search', [
|
||||
|
||||
@@ -73,9 +73,9 @@ class DownloadsSearch extends Component
|
||||
$types[] = 'FHD';
|
||||
} elseif ($label === 'FHD 48fps') {
|
||||
$types[] = 'FHDi';
|
||||
} elseif ($label === 'UHD' && auth()->user()->is_patreon) {
|
||||
} elseif ($label === 'UHD' && auth()->user()->hasRole(\App\Enums\UserRole::SUPPORTER)) {
|
||||
$types[] = 'UHD';
|
||||
} elseif ($label === 'UHD 48fps' && auth()->user()->is_patreon) {
|
||||
} elseif ($label === 'UHD 48fps' && auth()->user()->hasRole(\App\Enums\UserRole::SUPPORTER)) {
|
||||
$types[] = 'UHDi';
|
||||
}
|
||||
}
|
||||
@@ -98,7 +98,7 @@ class DownloadsSearch extends Component
|
||||
|
||||
public function mount()
|
||||
{
|
||||
if (!auth()->user()->is_patreon) {
|
||||
if (!auth()->user()->hasRole(\App\Enums\UserRole::SUPPORTER)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@@ -3,6 +3,8 @@
|
||||
namespace App\Models;
|
||||
|
||||
//use Illuminate\Contracts\Auth\MustVerifyEmail;
|
||||
|
||||
use App\Enums\UserRole;
|
||||
use Illuminate\Database\Eloquent\Relations\HasMany;
|
||||
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
||||
use Illuminate\Foundation\Auth\User as Authenticatable;
|
||||
@@ -25,7 +27,6 @@ class User extends Authenticatable
|
||||
'email',
|
||||
'password',
|
||||
'locale',
|
||||
'is_banned',
|
||||
// Discord
|
||||
'discord_id',
|
||||
'discord_avatar',
|
||||
@@ -54,7 +55,7 @@ class User extends Authenticatable
|
||||
'name' => 'string',
|
||||
'email' => 'string',
|
||||
'locale' => 'string',
|
||||
'roles' => 'json',
|
||||
'roles' => 'array',
|
||||
'tag_blacklist' => 'array',
|
||||
// Discord
|
||||
'discord_id' => 'integer',
|
||||
@@ -119,4 +120,44 @@ class User extends Authenticatable
|
||||
|
||||
return asset('images/default-avatar.webp');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has a specific role
|
||||
*/
|
||||
public function hasRole(UserRole $role): bool
|
||||
{
|
||||
return in_array($role->value, $this->roles ?? [], true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Add Role to User
|
||||
*/
|
||||
public function addRole(UserRole $role): void
|
||||
{
|
||||
if ($this->hasRole($role)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Get all current roles
|
||||
$roles = $this->roles ?? [];
|
||||
|
||||
// Add new role
|
||||
$roles[] = $role->value;
|
||||
|
||||
$this->roles = $roles;
|
||||
$this->save();
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove Role from User
|
||||
*/
|
||||
public function removeRole(UserRole $role): void
|
||||
{
|
||||
if (!$this->hasRole($role)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$this->roles = array_diff($this->roles, [$role->value]);
|
||||
$this->save();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user