Restrict access to forbidden links and widgets based on roles

- Wrapped Admin/Management navigation links in @role and @can permission checks.
- Restricted dashboard 'Management/Ops' and 'Finance Application' widgets to authorized roles.
- Applied granular visibility control to 'To-do' buckets on the dashboard for Applicant, Cashier, Accountant, and Chair.
2025-11-28 00:38:10 +08:00
parent ebf7f4b42d
commit b6be6578c4
2 changed files with 55 additions and 3 deletions


@@ -24,7 +24,7 @@
{{ __('Documents') }}
</x-nav-link>
@if(Auth::user())
@if(Auth::user() && (Auth::user()->hasRole(['admin', 'membership_manager', 'finance_accountant', 'staff']) || Auth::user()->canAny(['view_finance_documents', 'view_accounting_transactions', 'manage_system_settings'])))
<div class="hidden sm:flex sm:items-center">
<x-dropdown align="right" width="48">
<x-slot name="trigger">
@@ -40,33 +40,47 @@
</x-slot>
<x-slot name="content">
@hasrole('admin|membership_manager')
<x-dropdown-link :href="route('admin.members.index')">
{{ __('Admin: Members') }}
</x-dropdown-link>
@endhasrole
@role('admin')
<x-dropdown-link :href="route('admin.roles.index')">
{{ __('Admin: Roles') }}
</x-dropdown-link>
@endrole
@can('view_finance_documents')
<x-dropdown-link :href="route('admin.finance.index')">
{{ __('Admin: Finance') }}
</x-dropdown-link>
@endcan
@hasrole('admin|finance_accountant')
<x-dropdown-link :href="route('admin.budgets.index')">
{{ __('Admin: Budgets') }}
</x-dropdown-link>
@endhasrole
@can('view_accounting_transactions')
<x-dropdown-link :href="route('admin.transactions.index')">
{{ __('Admin: Transactions') }}
</x-dropdown-link>
@endcan
<x-dropdown-link :href="route('admin.issues.index')">
{{ __('Admin: Issues') }}
</x-dropdown-link>
@role('admin')
<x-dropdown-link :href="route('admin.audit.index')">
{{ __('Admin: Audit Logs') }}
</x-dropdown-link>
<x-dropdown-link :href="route('admin.document-categories.index')">
{{ __('Admin: Document Categories') }}
</x-dropdown-link>
@endrole
@hasrole('admin|staff')
<x-dropdown-link :href="route('admin.documents.index')">
{{ __('Admin: Documents') }}
</x-dropdown-link>
@endhasrole
@can('manage_system_settings')
<x-dropdown-link :href="route('admin.settings.general')">
{{ __('Admin: System Settings') }}
@@ -156,39 +170,53 @@
{{ __('Documents') }}
</x-responsive-nav-link>
@if(Auth::user())
@if(Auth::user() && (Auth::user()->hasRole(['admin', 'membership_manager', 'finance_accountant', 'staff']) || Auth::user()->canAny(['view_finance_documents', 'view_accounting_transactions', 'manage_system_settings'])))
<div class="pt-2 pb-1 border-t border-gray-200 dark:border-gray-700 mt-2">
<div class="px-4 text-xs font-semibold text-gray-500 uppercase tracking-wider">
{{ __('Management') }}
</div>
</div>
@hasrole('admin|membership_manager')
<x-responsive-nav-link :href="route('admin.members.index')" :active="request()->routeIs('admin.members.*')">
{{ __('Admin: Members') }}
</x-responsive-nav-link>
@endhasrole
@role('admin')
<x-responsive-nav-link :href="route('admin.roles.index')" :active="request()->routeIs('admin.roles.*')">
{{ __('Admin: Roles') }}
</x-responsive-nav-link>
@endrole
@can('view_finance_documents')
<x-responsive-nav-link :href="route('admin.finance.index')" :active="request()->routeIs('admin.finance.*')">
{{ __('Admin: Finance') }}
</x-responsive-nav-link>
@endcan
@hasrole('admin|finance_accountant')
<x-responsive-nav-link :href="route('admin.budgets.index')" :active="request()->routeIs('admin.budgets.*')">
{{ __('Admin: Budgets') }}
</x-responsive-nav-link>
@endhasrole
@can('view_accounting_transactions')
<x-responsive-nav-link :href="route('admin.transactions.index')" :active="request()->routeIs('admin.transactions.*')">
{{ __('Admin: Transactions') }}
</x-responsive-nav-link>
@endcan
<x-responsive-nav-link :href="route('admin.issues.index')" :active="request()->routeIs('admin.issues.*')">
{{ __('Admin: Issues') }}
</x-responsive-nav-link>
@role('admin')
<x-responsive-nav-link :href="route('admin.audit.index')" :active="request()->routeIs('admin.audit.*')">
{{ __('Admin: Audit Logs') }}
</x-responsive-nav-link>
<x-responsive-nav-link :href="route('admin.document-categories.index')" :active="request()->routeIs('admin.document-categories.*')">
{{ __('Admin: Document Categories') }}
</x-responsive-nav-link>
@endrole
@hasrole('admin|staff')
<x-responsive-nav-link :href="route('admin.documents.index')" :active="request()->routeIs('admin.documents.*')">
{{ __('Admin: Documents') }}
</x-responsive-nav-link>
@endhasrole
@can('manage_system_settings')
<x-responsive-nav-link :href="route('admin.settings.general')" :active="request()->routeIs('admin.settings.*')">
{{ __('Admin: System Settings') }}