feat(usermanagement): ubah respons abort menjadi JSON untuk akses terlarang di beberapa controller
- Mengganti respons `abort(403)` menjadi respons JSON yang lebih informatif di beberapa controller:
- **PermissionsController**
- Penyesuaian pada metode penghapusan dan pengambilan data untuk datatable.
- Menampilkan pesan error dan status success=false jika pengguna tidak memiliki izin.
- **PositionsController**
- Perubahan serupa diterapkan pada metode penghapusan posisi dan pengambilan data untuk datatable.
- **RolesController**
- Penyesuaian dilakukan pada metode pengambilan data untuk datatable.
- **UsersController**
- Ubah logika pada metode penghapusan dan pengambilan data pengguna ke JSON.
Signed-off-by: Daeng Deni Mardaeni <ddeni05@gmail.com>
@@ -205,7 +205,7 @@
|
||||
{
|
||||
// Check if the authenticated user has the required permission to delete permissions
|
||||
if (is_null($this->user) || !$this->user->can('usermanagement.delete')) {
|
||||
abort(403, 'Sorry! You are not allowed to delete permissions.');
|
||||
return response()->json(['message' => 'Sorry! You are not allowed to delete permissions.','success' => false]);
|
||||
}
|
||||
|
||||
$permission = PermissionGroup::find($id);
|
||||
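Review bot: The new `return response()->json([...])` in the denied branch passes no status code, so a refused delete is answered with HTTP 200 instead of the 403 that `abort()` produced. Clients, proxies and status-based monitoring can then no longer tell a blocked request from a successful one, and the datatable endpoints presumably receive a 200 body without the fields the table expects. Pass the status explicitly, e.g. `return response()->json(['message' => 'Sorry! You are not allowed to delete permissions.', 'success' => false], 403);`. The same applies to the other six hunks on this page. The enclosing method starts and ends outside the hunk.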
@@ -260,7 +260,7 @@
|
||||
public function dataForDatatables(Request $request)
|
||||
{
|
||||
if (is_null($this->user) || !$this->user->can('usermanagement.read')) {
|
||||
abort(403, 'Sorry! You are not allowed to view users.');
|
||||
return response()->json(['message' => 'Sorry! You are not allowed to view permissions.','success' => false]);
|
||||
}
|
||||
|
||||
// Retrieve data from the database
|
||||
|
||||
@@ -170,7 +170,7 @@
|
||||
{
|
||||
// Check if the authenticated user has the required permission to delete positions
|
||||
if (is_null($this->user) || !$this->user->can('usermanagement.delete')) {
|
||||
abort(403, 'Sorry! You are not allowed to delete positions.');
|
||||
return response()->json(['message' => 'Sorry! You are not allowed to delete positions.','success' => false]);
|
||||
}
|
||||
|
||||
// Find the position by ID
|
||||
@@ -207,7 +207,7 @@
|
||||
{
|
||||
// Check if the authenticated user has the required permission to view positions
|
||||
if (is_null($this->user) || !$this->user->can('usermanagement.read')) {
|
||||
abort(403, 'Sorry! You are not allowed to view positions.');
|
||||
return response()->json(['message' => 'Sorry! You are not allowed to view positions.','success' => false]);
|
||||
}
|
||||
|
||||
// Retrieve data from the database
|
||||
|
||||
@@ -260,7 +260,7 @@
|
||||
public function dataForDatatables(Request $request)
|
||||
{
|
||||
if (is_null($this->user) || !$this->user->can('usermanagement.read')) {
|
||||
abort(403, 'Sorry! You are not allowed to view users.');
|
||||
return response()->json(['message' => 'Sorry! You are not allowed to view roles.','success' => false]);
|
||||
}
|
||||
|
||||
// Retrieve data from the database
|
||||
|
||||
@@ -66,7 +66,7 @@
|
||||
public function dataForDatatables(Request $request)
|
||||
{
|
||||
if (is_null($this->user) || !$this->user->can('usermanagement.view')) {
|
||||
abort(403, 'Sorry! You are not allowed to view users.');
|
||||
return response()->json(['message' => 'Sorry! You are not allowed to view users.','success' => false]);
|
||||
}
|
||||
|
||||
// Retrieve data from the database
|
||||
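Review bot: This guard checks `usermanagement.view`, while the read guards in the other datatable hunks on this page check `usermanagement.read`. If no `usermanagement.view` permission is defined, `can()` would most likely deny every caller. If both exist, the user listing is governed by a different permission than the rest of the module, which is easy to get wrong when assigning roles. Confirm which name is intended and align it, e.g. `!$this->user->can('usermanagement.read')`. The line is unchanged context, and the method body continues outside the hunk.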
@@ -155,7 +155,7 @@
|
||||
public function destroy($id)
|
||||
{
|
||||
if (is_null($this->user) || !$this->user->can('usermanagement.delete')) {
|
||||
abort(403, 'Sorry! You are not allowed to delete users.');
|
||||
return response()->json(['message' => 'Sorry! You are not allowed to delete users.','success' => false]);
|
||||
}
|
||||
|
||||
$user = User::find($id);
|
||||
|
||||
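Review bot: The denied branch of `destroy` returns without recording the attempt, so a refused user deletion leaves no trace that the hunk shows. For a destructive endpoint it is worth logging the actor and the target before returning, e.g. `Log::warning('Denied user delete', ['actor' => $this->user?->id, 'target' => $id]);`, assuming the `Log` facade is imported and the user model exposes `id`. The same applies to the delete guards in the permissions and positions hunks. The rest of `destroy` lies outside the hunk, so logging elsewhere cannot be ruled out.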