Added much of member authorization to projects, start of project admin

Joseph Salzano · Joseph Salzano · commit 2496e0b63f32 · 2016-12-27T03:09:58.000-07:00
diff --git a/app/Http/Controllers/CommentController.php b/app/Http/Controllers/CommentController.php
@@ -1,18 +1,18 @@
 <?php 
 namespace SoftwareHerd\Http\Controllers;
 
-use SoftwareHerd\Post;
+use SoftwareHerd\Comment;
 use Illuminate\Http\Request;
 
 class CommentController extends Controller
 {
-	public function projectCreateComment(request $request)
+	public function createComment(request $request)
 	{
 		$comment = new Comment();
-		$comment->title = $request['title'];
-		$comment->description = $request['description'];
-		$comment->posting_project = $request->project()->id;
-		//$request->projects()->-posts->save($post);
-		return view('home');
+		$comment->data = $request['data'];
+		$comment->post_id = $request->id;
+		$comment->user_id = $request->user()->id;
+		$comment->save();
+		return redirect('/news_post/'.$request->id);
 	}
 }
diff --git a/app/Http/Controllers/PostController.php b/app/Http/Controllers/PostController.php
@@ -6,14 +6,15 @@
 
 class PostController extends Controller
 {
-	public function projectCreatePost(request $request)
+	public function createPost(request $request)
 	{
-		$post = new Post();
-		$post->title = $request['title'];
+		$post = new Comment();
+		$post->title = $request['info'];
+		$post->summary = $request['summary'];
 		$post->info = $request['info'];
-		$post->posting_project = $request->project()->id;
-		save($post);
-		return view('home');
+		$post->posting_project = $request->id;
+		$post->save();
+		return redirect('/project/'.$request->id);
 	}
 
 	public function post($id) {
diff --git a/app/Http/Controllers/ProjectController.php b/app/Http/Controllers/ProjectController.php
@@ -31,4 +31,10 @@ public function projects() {
 		return view('project_library', array('projects' => $projects));
 	}
 
+	public function admin($id) {
+		$project = Project::find($id);
+		if(!\Auth::user()->can('admin', $project))
+			return redirect('/project_library');
+		return view('project_admin', array('project' => $project));
+	}
 }
diff --git a/app/Policies/CommentPolicy.php b/app/Policies/CommentPolicy.php
@@ -0,0 +1,36 @@
+<?php
+
+namespace SoftwareHerd\Policies;
+
+use SoftwareHerd\User;
+use SoftwareHerd\Comment;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class CommentPolicy
+{
+    use HandlesAuthorization;
+
+    /**
+     * Determine whether the user can update the comment.
+     *
+     * @param  \SoftwareHerd\User  $user
+     * @param  \SoftwareHerd\Comment  $comment
+     * @return mixed
+     */
+    public function update(User $user, Comment $comment)
+    {
+        //
+    }
+
+    /**
+     * Determine whether the user can delete the comment.
+     *
+     * @param  \SoftwareHerd\User  $user
+     * @param  \SoftwareHerd\Comment  $comment
+     * @return mixed
+     */
+    public function delete(User $user, Comment $comment)
+    {
+        //
+    }
+}
diff --git a/app/Policies/ProjectPolicy.php b/app/Policies/ProjectPolicy.php
@@ -0,0 +1,45 @@
+<?php
+
+namespace SoftwareHerd\Policies;
+
+use SoftwareHerd\User;
+use SoftwareHerd\Project;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class ProjectPolicy
+{
+    use HandlesAuthorization;
+
+    public function admin(User $user, Project $project)
+    {
+        $user_projects = \DB::table('user_projects')->where('project_id', $project->id)->where('user_id', $user->id)->first();
+        if(!$user_projects)
+            return false;
+        if($user_projects->level > 0)
+            return true;
+        else
+            return false;
+    }
+    
+    public function leader(User $user, Project $project)
+    {
+        $user_projects = \DB::table('user_projects')->where('project_id', $project->id)->where('user_id', $user->id)->first();
+        if(!$user_projects)
+            return false;
+        if($user_projects->level > 1)
+            return true;
+        else
+            return false;
+    }
+    
+    public function creator(User $user, Project $project)
+    {
+        $user_projects = \DB::table('user_projects')->where('project_id', $project->id)->where('user_id', $user->id)->first();
+        if(!$user_projects)
+            return false;
+        if($user_projects->level > 2)
+            return true;
+        else
+            return false;
+    }
+}
diff --git a/app/Project.php b/app/Project.php
@@ -10,7 +10,7 @@ class Project extends Model
 
     public function user()
     {
-    	return $this->belongsTo('SoftwareHerd\User');
+    	return $this->hasMany('SoftwareHerd\User');
     }
 	
 	public function posts()
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
@@ -6,6 +6,7 @@
 
 class AppServiceProvider extends ServiceProvider
 {
+    
     /**
      * Bootstrap any application services.
      *
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
@@ -14,6 +14,8 @@ class AuthServiceProvider extends ServiceProvider
      */
     protected $policies = [
         'SoftwareHerd\Model' => 'SoftwareHerd\Policies\ModelPolicy',
+        'SoftwareHerd\Project' => 'SoftwareHerd\Policies\ProjectPolicy',
+        'SoftwareHerd\Comment' => 'SoftwareHerd\Policies\CommentPolicy',
     ];
 
     /**
diff --git a/database/migrations/2016_12_27_061052_add_member_level_to_projects.php b/database/migrations/2016_12_27_061052_add_member_level_to_projects.php
@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddMemberLevelToProjects extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('user_projects', function (Blueprint $table) {
+            $table->smallInteger('level'); // 0=Member, 1=Admin, 2=Leader, 3=Creator
+            $table->index('project_id', 'project_id_index');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('user_projects', function (Blueprint $table) {
+            $table->dropColumn('level');
+            $table->dropIndex('project_id_index');
+        });
+    }
+}
diff --git a/resources/views/news_post.blade.php b/resources/views/news_post.blade.php
@@ -2,17 +2,32 @@
 
 @section('content')
 
-{{$post->title}}<br>
+<h4>{{$post->title}}</h4><br>
 {{$post->created_at}}<br>
 <?php echo $post->info; ?><br>
 
 
 <h2>Comments:</h2>
 
 @foreach ($post->comments as $comment)
-    {{$comment->user->name}}<br>
+    <a href="/members/{{$comment->user->id}}">{{$comment->user->name}}</a><br>
     {{$comment->created_at}}<br>
-    {{$comment->data}}</br><br>
+    {{$comment->data}}<br><br>
 @endforeach 
 
+@if(Auth::User())
+
+<form  method="post">
+    <div class="form-group">
+       <textarea class="form-control" name="data" id="new-project" rows="5" placeholder="Post a comment here."></textarea>
+   </div>
+   <button type="submit" class="btn btn-primary">Post Comment</button>
+   <input type="hidden" value="{{ Session::token() }}" name="_token">
+     {{ csrf_field() }}
+</form>
+
+@else
+    Please <a href="{{ url('/login') }}">login</a> if you want to post a comment.
+@endif
+
 @endsection
diff --git a/resources/views/project.blade.php b/resources/views/project.blade.php
@@ -28,6 +28,12 @@
 
 @include('news_list')
 
+<h3>
+    @can('admin', $project)
+    <a href="/project_admin/{{$project->id}}">Project Administration</a>
+    @endcan
+</h3>
+
 <div>
 </div>
 
diff --git a/resources/views/project_admin.blade.php b/resources/views/project_admin.blade.php
@@ -0,0 +1,21 @@
+@extends('layouts.master')
+
+@section('title')
+Project Admin Page
+@endsection
+
+@section('content')
+<section class="row new-post">
+    <div class="col-md-6">
+         <form action="{{ route('project.create') }}" method="post">
+            <div class="form-group">
+                <textarea class="form-control" name="title" id="new-post" rows="1" placeholder="Your Post's Title"></textarea>
+                <textarea class="form-control" name="summary" id="new-post" rows="2" placeholder="Your Post's Summary or Short Description"></textarea>
+                <textarea class="form-control" name="info" id="new-post" rows="5" placeholder="Your Post's Main Body"></textarea>
+            </div>
+            <button type="submit" class="btn btn-primary">Create Post</button>
+            <input type="hidden" value="{{ Session::token() }}" name="_token">
+            {{ csrf_field() }}
+        </form>
+</section>
+@endsection
diff --git a/routes/web.php b/routes/web.php
@@ -18,11 +18,13 @@
 
 Route::get('project/{id}', 'ProjectController@project'); //Route for individual project
 Route::get('project_library', 'ProjectController@projects'); //Route for project library
+Route::get('project_admin/{id}', 'ProjectController@admin'); //Route for project admin page
 
-Route::get('user/{id}', 'UserController@user'); //Route for individual project
-Route::get('members/{id}', 'User_ProjectsController@project_members'); //Route for project members
+Route::get('user/{id}', 'UserController@user')->middleware('auth'); //Route for individual project
+Route::get('members/{id}', 'User_ProjectsController@project_members')->middleware('auth'); //Route for project members
 
 Route::get('/news_post/{id}', 'PostController@post'); //For the specific post page.
+Route::post('/news_post/{id}', 'CommentController@createComment'); //For the specific post page.
 
 Auth::routes();
 

Original file line number	Diff line number	Diff line change
`@@ -1,18 +1,18 @@`
`1`	`1`	`<?php`
`2`	`2`	`namespace SoftwareHerd\Http\Controllers;`
`3`	`3`
`4`		`-use SoftwareHerd\Post;`
	`4`	`+use SoftwareHerd\Comment;`
`5`	`5`	`use Illuminate\Http\Request;`
`6`	`6`
`7`	`7`	`class CommentController extends Controller`
`8`	`8`	`{`
`9`		`- public function projectCreateComment(request $request)`
	`9`	`+ public function createComment(request $request)`
`10`	`10`	`{`
`11`	`11`	`$comment = new Comment();`
`12`		`- $comment->title = $request['title'];`
`13`		`- $comment->description = $request['description'];`
`14`		`- $comment->posting_project = $request->project()->id;`
`15`		`- //$request->projects()->-posts->save($post);`
`16`		`- return view('home');`
	`12`	`+ $comment->data = $request['data'];`
	`13`	`+ $comment->post_id = $request->id;`
	`14`	`+ $comment->user_id = $request->user()->id;`
	`15`	`+ $comment->save();`
	`16`	`+ return redirect('/news_post/'.$request->id);`
`17`	`17`	`}`
`18`	`18`	`}`
Original file line number	Diff line number	Diff line change
`@@ -31,4 +31,10 @@ public function projects() {`
`31`	`31`	`return view('project_library', array('projects' => $projects));`
`32`	`32`	`}`
`33`	`33`
	`34`	`+ public function admin($id) {`
	`35`	`+ $project = Project::find($id);`
	`36`	`+ if(!\Auth::user()->can('admin', $project))`
	`37`	`+ return redirect('/project_library');`
	`38`	`+ return view('project_admin', array('project' => $project));`
	`39`	`+ }`
`34`	`40`	`}`
Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@ class Project extends Model`
`10`	`10`
`11`	`11`	`public function user()`
`12`	`12`	`{`
`13`		`- return $this->belongsTo('SoftwareHerd\User');`
	`13`	`+ return $this->hasMany('SoftwareHerd\User');`
`14`	`14`	`}`
`15`	`15`
`16`	`16`	`public function posts()`
Original file line number	Diff line number	Diff line change
`@@ -6,6 +6,7 @@`
`6`	`6`
`7`	`7`	`class AppServiceProvider extends ServiceProvider`
`8`	`8`	`{`
	`9`	`+`
`9`	`10`	`/**`
`10`	`11`	`* Bootstrap any application services.`
`11`	`12`	`*`