added voucher angel group right

2022-06-02 22:31:49 +02:00 · 2022-06-02 22:31:49 +02:00 · 9001907b74
parent 743a79ceea
commit 9001907b74
3 changed files with 55 additions and 2 deletions
--- a/db/migrations/2022_06_02_000000_create_voucher_edit_permission.php
+++ b/db/migrations/2022_06_02_000000_create_voucher_edit_permission.php
@ -0,0 +1,53 @@
+<?php
+
+namespace Engelsystem\Migrations;
+
+use Engelsystem\Database\Migration\Migration;
+
+class CreateVoucherEditPermission extends Migration
+{
+    /**
+     * Run the migration
+     */
+    public function up()
+    {
+        if (!$this->schema->hasTable('Privileges')) {
+            return;
+        }
+
+        $db = $this->schema->getConnection();
+        $db->table('Privileges')->insert([
+            ['name' => 'voucher.edit', 'desc' => 'Edit vouchers'],
+        ]);
+        $db->table('Groups')->insert([
+            ['Name' => 'Voucher Angel', 'UID' => -26],
+        ]);
+
+        $shiftCoordinatorGroup = -40;
+        $editId = $db->table('Privileges')->where('name', 'voucher.edit')->first()->id;
+        $arriveId = $db->table('Privileges')->where('name', 'admin_arrive')->first()->id;
+        $db->table('GroupPrivileges')->insert([
+            ['group_id' => $shiftCoordinatorGroup, 'privilege_id' => $editId],
+            ['group_id' => -26, 'privilege_id' => $editId],
+            ['group_id' => -26, 'privilege_id' => $arriveId],
+        ]);
+    }
+
+    /**
+     * Reverse the migration
+     */
+    public function down()
+    {
+        if (!$this->schema->hasTable('Privileges')) {
+            return;
+        }
+
+        $db = $this->schema->getConnection();
+        $db->table('Privileges')
+            ->where('name', 'voucher.edit')
+            ->delete();
+        $db->table('Groups')
+            ->where('UID', -26)
+            ->delete();
+    }
+}
--- a/includes/controller/users_controller.php
+++ b/includes/controller/users_controller.php
@ -146,7 +146,7 @@ function user_edit_vouchers_controller()
        $user_source = $user;
    }

-    if (!auth()->can('admin_user')) {
+    if (!auth()->can('admin_user') && !auth()->can('voucher.edit')) {
        throw_redirect(page_link_to(''));
    }

--- a/includes/view/User_view.php
+++ b/includes/view/User_view.php
@ -641,7 +641,7 @@ function User_view(
                                form_hidden('user', $user_source->id),
                                form_submit('submit', __('arrived'), '', false, 'primary')
                            ], page_link_to('admin_arrive'), true) : '',
-                        $admin_user_privilege ? button(
+                        $admin_user_privilege || $auth->can('voucher.edit') ? button(
                            page_link_to(
                                'users',
                                ['action' => 'edit_vouchers', 'user_id' => $user_source->id]