daengdeni/lpj
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Filter data permohonan berdasarkan cabang pengguna non-administrator

Browse Source 
- Menambahkan pengecekan role pengguna menggunakan `Auth`.
- Membatasi data permohonan hanya untuk cabang yang sesuai dengan pengguna non-administrator.
- Menghindari akses data lintas cabang untuk meningkatkan keamanan dan relevansi data.
This commit is contained in:
Daeng Deni Mardaeni
2024-12-29 20:41:22 +07:00
parent 785f9bf1d9
commit c02c0cacc4
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/Http/Controllers/PermohonanController.php
View File

@@ -23,6 +23,7 @@
use Modules\Lpj\Models\StatusPermohonan;
use Modules\Lpj\Models\TujuanPenilaian;
use Modules\Lpj\Services\PermohonanHistoryService;
use Illuminate\Support\Facades\Auth;
class PermohonanController extends Controller
{
@@ -180,6 +181,11 @@
// Retrieve data from the database
$query = Permohonan::query();
if(!Auth::user()->hasAnyRole(['administrator'])) {
$query = $query->where('branch_id', Auth::user()->branch_id);
}
$query = $query->orderBy('nomor_registrasi', 'desc');
// Apply search filter if provided
if ($request->has('search') && !empty($request->get('search'))) {