root/New-Thanasoft
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add persmission in API in role CRUD controller

Browse Source
This commit is contained in:
kevin 2026-04-28 10:30:54 +03:00
parent e27cce45e0
commit bc497382a3
3 changed files with 20 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
thanasoft-back/app/Http/Controllers/Api/AuthController.php
View File

@ -73,7 +73,7 @@ class AuthController extends BaseController
$token = $user->createToken('api')->plainTextToken; $token = $user->createToken('api')->plainTextToken;
return $this->sendResponse([ return $this->sendResponse([
'user' => $user, 'user' => $user->load('roles', 'permissions'),
'token' => $token, 'token' => $token,
], 'Login successful.'); ], 'Login successful.');
@ -143,7 +143,7 @@ class AuthController extends BaseController
$token = $user->createToken('api')->plainTextToken; $token = $user->createToken('api')->plainTextToken;
return $this->sendResponse([ return $this->sendResponse([
'user' => $user, 'user' => $user->load('roles', 'permissions'),
'token' => $token, 'token' => $token,
], 'Mot de passe cree et connexion reussie.'); ], 'Mot de passe cree et connexion reussie.');
} catch (ValidationException $e) { } catch (ValidationException $e) {

8
thanasoft-back/bootstrap/app.php
View File

@ -3,6 +3,9 @@
use Illuminate\Foundation\Application; use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions; use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware; use Illuminate\Foundation\Configuration\Middleware;
use Spatie\Permission\Middleware\PermissionMiddleware;
use Spatie\Permission\Middleware\RoleMiddleware;
use Spatie\Permission\Middleware\RoleOrPermissionMiddleware;
return Application::configure(basePath: dirname(__DIR__)) return Application::configure(basePath: dirname(__DIR__))
->withRouting( ->withRouting(
@ -13,6 +16,11 @@ return Application::configure(basePath: dirname(__DIR__))
) )
->withMiddleware(function (Middleware $middleware): void { ->withMiddleware(function (Middleware $middleware): void {
$middleware->statefulApi(); $middleware->statefulApi();
$middleware->alias([
'role' => RoleMiddleware::class,
'permission' => PermissionMiddleware::class,
'role_or_permission' => RoleOrPermissionMiddleware::class,
]);
}) })
->withExceptions(function (Exceptions $exceptions): void { ->withExceptions(function (Exceptions $exceptions): void {
// //

2
thanasoft-back/routes/api.php
View File

@ -66,6 +66,7 @@ Route::middleware('auth:sanctum')->group(function () {
Route::apiResource('client-groups', ClientGroupController::class); Route::apiResource('client-groups', ClientGroupController::class);
Route::apiResource('price-lists', PriceListController::class); Route::apiResource('price-lists', PriceListController::class);
Route::apiResource('users', UserController::class); Route::apiResource('users', UserController::class);
Route::middleware('permission:config.view_roles')->group(function () {
Route::get('access-control', [AccessControlController::class, 'index']); Route::get('access-control', [AccessControlController::class, 'index']);
Route::post('access-control/roles', [AccessControlController::class, 'storeRole']); Route::post('access-control/roles', [AccessControlController::class, 'storeRole']);
Route::put('access-control/roles/{id}', [AccessControlController::class, 'updateRole']); Route::put('access-control/roles/{id}', [AccessControlController::class, 'updateRole']);
@ -74,6 +75,7 @@ Route::middleware('auth:sanctum')->group(function () {
Route::post('access-control/permissions', [AccessControlController::class, 'storePermission']); Route::post('access-control/permissions', [AccessControlController::class, 'storePermission']);
Route::put('access-control/permissions/{id}', [AccessControlController::class, 'updatePermission']); Route::put('access-control/permissions/{id}', [AccessControlController::class, 'updatePermission']);
Route::delete('access-control/permissions/{id}', [AccessControlController::class, 'destroyPermission']); Route::delete('access-control/permissions/{id}', [AccessControlController::class, 'destroyPermission']);
});
Route::apiResource('client-locations', ClientLocationController::class); Route::apiResource('client-locations', ClientLocationController::class);
Route::apiResource('client-locations', ClientLocationController::class); Route::apiResource('client-locations', ClientLocationController::class);