feat(logs): tambahkan validasi akses pengguna dan seeder izin untuk Audit dan System Logs

- Memperbarui `AuditLogsController`: - Menambahkan validasi akses pengguna untuk memastikan pengguna hanya dapat melihat log audit jika memiliki izin 'audit-logs.read'. - Menambahkan properti `$user` dalam konstruktor untuk otorisasi. - Memperbarui `SystemLogsController`: - Menambahkan validasi akses pengguna untuk memastikan pengguna hanya dapat melihat log sistem jika memiliki izin 'system-logs.read'. - Menambahkan properti `$user` dalam konstruktor untuk otorisasi. - Menambahkan `PermissionSeeder`: - Membuat seeder untuk menginisialisasi izin terkait log, termasuk `system-logs` dan `audit-logs`. - Menyertakan izin CRUD lengkap (`create`, `read`, `update`, `delete`, dll.) untuk masing-masing grup. - Memperbarui `LogsDatabaseSeeder`: - Mendaftarkan `PermissionSeeder` dalam daftar pemanggilan untuk migrasi izin saat seeding. Signed-off-by: Daeng Deni Mardaeni <ddeni05@gmail.com>
2025-06-22 18:59:13 +07:00
parent 45810efa3d
commit cf120c035e
5 changed files with 83 additions and 31 deletions
--- a/app/Http/Controllers/AuditLogsController.php
+++ b/app/Http/Controllers/AuditLogsController.php
@@ -9,16 +9,33 @@

    class AuditLogsController extends Controller
    {
+        protected $user;
+
+        public function __construct()
+        {
+            $this->user = Auth::guard('web')->user();
+        }
+
        /**
         * Display a listing of the resource.
         */
        public function index()
        {
+            // Check if the authenticated user has the required permission to view audit logs
+            if (is_null($this->user) || !$this->user->can('audit-logs.read')) {
+                abort(403, 'Sorry! You are not allowed to view audit logs.');
+            }
+
            return view('logs::audit');
        }

        public function datatable(Request $request)
        {
+            // Check if the authenticated user has the required permission to view audit logs
+            if (is_null($this->user) || !$this->user->can('audit-logs.read')) {
+                abort(403, 'Sorry! You are not allowed to view audit logs.');
+            }
+
            // Retrieve data from the database
            $query = Activity::query();

@@ -97,6 +114,5 @@
                'totalCount'      => $filteredRecords,
                'data'            => $data,
            ]);
-
        }
    }
--- a/app/Http/Controllers/SystemLogsController.php
+++ b/app/Http/Controllers/SystemLogsController.php
@@ -10,10 +10,12 @@ use Jackiedo\LogReader\LogReader;
 class SystemLogsController extends Controller
 {
    protected $reader;
+    protected $user;

    public function __construct(LogReader $reader)
    {
        $this->reader = $reader;
+        $this->user = Auth::guard('web')->user();
    }

    /**
@@ -21,10 +23,20 @@ class SystemLogsController extends Controller
     */
    public function index()
    {
+        // Check if the authenticated user has the required permission to view system logs
+        if (is_null($this->user) || !$this->user->can('system-logs.read')) {
+            abort(403, 'Sorry! You are not allowed to view system logs.');
+        }
+
        return view('logs::system');
    }

    public function datatable(Request $request){
+        // Check if the authenticated user has the required permission to view system logs
+        if (is_null($this->user) || !$this->user->can('system-logs.read')) {
+            abort(403, 'Sorry! You are not allowed to view system logs.');
+        }
+
        $data = collect();
        $this->reader->setLogPath(storage_path('logs'));
        try {