daengdeni/basicdata
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

feat(basicdata): tambah otorisasi berbasis peran dan pengujian pada BranchController

Browse Source 
- Implementasi otorisasi berbasis peran untuk seluruh aksi di BranchController seperti index, create, store, edit, update, delete, dan export.
- Tambahan utilitas `getUser` untuk mendapatkan pengguna yang diautentikasi dan mempermudah pengecekan otorisasi.
- Semua aksi pada controller sekarang memeriksa izin pengguna sebelum melanjutkan:
  - `basic-data.read` untuk melihat data.
  - `basic-data.create` untuk membuat cabang baru.
  - `basic-data.update` untuk memperbarui data cabang.
  - `basic-data.delete` untuk menghapus data cabang.
  - `basic-data.export` untuk mengekspor data cabang.
- Penyesuaian pada view:
  - Tombol aksi seperti `Save`, `Delete Selected`, dan `Export to Excel` hanya tampil jika pengguna memiliki izin terkait.
- Tambahan pengujian (unit test) pada `BranchControllerTest` untuk memastikan logika otorisasi:
  - Pengguna dengan izin dapat melakukan aksi sesuai dengan perannya.
  - Pengguna tanpa izin mendapatkan respon 403 atau dicegah melakukan aksi tertentu.
- Update logika tombol aksi di datatables untuk mendukung pengecekan izin sebelum menampilkan opsi edit/hapus.
- Update respons JSON dalam aksi hapus tunggal dan hapus banyak untuk kejelasan struktur pesan.

Commit ini mengamankan BranchController dari akses tak sah dan meningkatkan fleksibilitas sistem terkait kendali peran dan izin.

Signed-off-by: Daeng Deni Mardaeni <ddeni05@gmail.com>
This commit is contained in:
Daeng Deni Mardaeni
2025-05-17 11:32:06 +07:00
parent 32e620299b
commit 52b48263a2
4 changed files with 377 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
app/Http/Controllers/BranchController.php
View File

@@ -12,15 +12,35 @@
class BranchController extends Controller
{
public $user;
/**
* Get the authenticated user.
*
* @return \Illuminate\Contracts\Auth\Authenticatable|null
*/
protected function getUser()
{
return \Illuminate\Support\Facades\Auth::guard('web')->user();
}
public function index()
{
// Check if the authenticated user has the required permission to view branches
$user = $this->getUser();
if (is_null($user) || !$user->can('basic-data.read')) {
abort(403, 'Sorry! You are not allowed to view branches.');
}
return view('basicdata::branch.index');
}
public function store(BranchRequest $request)
{
// Check if the authenticated user has the required permission to create branches
$user = $this->getUser();
if (is_null($user) || !$user->can('basic-data.create')) {
abort(403, 'Sorry! You are not allowed to create branches.');
}
$validate = $request->validated();
if ($validate) {
@@ -40,17 +60,35 @@
public function create()
{
// Check if the authenticated user has the required permission to create branches
$user = $this->getUser();
if (is_null($user) || !$user->can('basic-data.create')) {
abort(403, 'Sorry! You are not allowed to create branches.');
}
return view('basicdata::branch.create');
}
public function edit($id)
{
// Check if the authenticated user has the required permission to update branches
$user = $this->getUser();
if (is_null($user) || !$user->can('basic-data.update')) {
abort(403, 'Sorry! You are not allowed to update branches.');
}
$branch = Branch::find($id);
return view('basicdata::branch.create', compact('branch'));
}
public function update(BranchRequest $request, $id)
{
// Check if the authenticated user has the required permission to update branches
$user = $this->getUser();
if (is_null($user) || !$user->can('basic-data.update')) {
abort(403, 'Sorry! You are not allowed to update branches.');
}
$validate = $request->validated();
if ($validate) {
@@ -71,28 +109,42 @@
public function destroy($id)
{
// Check if the authenticated user has the required permission to delete branches
$user = $this->getUser();
if (is_null($user) || !$user->can('basic-data.delete')) {
return response()->json(['success' => false, 'message' => 'Sorry! You are not allowed to delete branches.'], 403);
}
try {
// Delete from database
$branch = Branch::find($id);
$branch->delete();
echo json_encode(['success' => true, 'message' => 'Branch deleted successfully']);
return response()->json(['success' => true, 'message' => 'Branch deleted successfully']);
} catch (Exception $e) {
echo json_encode(['success' => false, 'message' => 'Failed to delete branch']);
return response()->json(['success' => false, 'message' => 'Failed to delete branch']);
}
}
public function deleteMultiple(Request $request)
{
// Check if the authenticated user has the required permission to delete branches
$user = $this->getUser();
if (is_null($user) || !$user->can('basic-data.delete')) {
return response()->json(['success' => false, 'message' => 'Sorry! You are not allowed to delete branches.'], 403);
}
$ids = $request->input('ids');
Branch::whereIn('id', $ids)->delete();
return response()->json(['message' => 'Branches deleted successfully']);
return response()->json(['success' => true, 'message' => 'Branches deleted successfully']);
}
public function dataForDatatables(Request $request)
{
if (is_null($this->user) || !$this->user->can('branch.view')) {
//abort(403, 'Sorry! You are not allowed to view users.');
// Check if the authenticated user has the required permission to view branches
$user = $this->getUser();
if (is_null($user) || !$user->can('basic-data.read')) {
return response()->json(['success' => false, 'message' => 'Sorry! You are not allowed to view branches.'], 403);
}
// Retrieve data from the database
@@ -152,6 +204,12 @@
public function export()
{
// Check if the authenticated user has the required permission to export branches
$user = $this->getUser();
if (is_null($user) || !$user->can('basic-data.export')) {
abort(403, 'Sorry! You are not allowed to export branches.');
}
return Excel::download(new BranchExport, 'branch.xlsx');
}
}