Restrict download links to specific user roles
Add conditional checks to show download links only to users with 'administrator' or 'pemohon-eo' roles in the 'jaminan.blade.php' and 'detail-jaminan.blade.php' views. This enhances security by limiting access to sensitive document downloads.
This commit is contained in:
Daeng Deni Mardaeni
@@ -74,7 +74,9 @@
|
||||
</td>
|
||||
<td class="py-3 text-gray-700 text-2sm font-normal">
|
||||
@if(isset($detail->dokumen_jaminan))
|
||||
@if(in_array(Auth::user()->roles[0]->name,['administrator','pemohon-eo']))
|
||||
<a href="{{ route('debitur.jaminan.download',['id'=>$permohonan->debiture->id,'dokumen'=>$detail->id]) }}" class="badge badge-sm badge-outline mt-2 badge-info"><i class="ki-filled ki-cloud-download mr-2"></i> Download</a>
|
||||
) @endif
|
||||
<span class="badge badge-sm badge-outline badge-warning mt-2" onclick="viewPDF('{{ Storage::url($detail->dokumen_jaminan) }}')"><i class="ki-filled ki-eye mr-2"></i>Preview</span>
|
||||
@endif
|
||||
</td>
|
||||
|
||||
Reference in New Issue
Block a user