From ba5b9d364e02d135d7e095a5bfc8f42e92a3c818 Mon Sep 17 00:00:00 2001 From: Alfonso Rafael Solis Rangel Date: Sun, 30 Jun 2024 21:30:25 -0600 Subject: [PATCH] Middleware de roles en funcionamiento --- routes/web.php | 64 +++++++++++++++++++++++++++----------------------- 1 file changed, 34 insertions(+), 30 deletions(-) diff --git a/routes/web.php b/routes/web.php index 7287681..3c0ae91 100644 --- a/routes/web.php +++ b/routes/web.php @@ -3,6 +3,7 @@ use Illuminate\Support\Facades\Route; //Middlewares use App\Http\Middleware\CheckBanned; +use App\Http\Middleware\CheckRoles; //Controllers use App\Http\Controllers\DependenciaController; use App\Http\Controllers\CargoController; @@ -30,42 +31,45 @@ }); Route::prefix('catalogos')->name('catalogos.')->group(function () { - Route::get('/cargos', [CargoController::class, 'index'])->name('cargos.get'); - Route::post('/cargos', [CargoController::class, 'store'])->name('cargos.store'); - Route::put('/cargos', [CargoController::class, 'update'])->name('cargos.update'); - Route::delete('/cargos/{id}', [CargoController::class, 'destroy'])->name('cargos.destroy'); + Route::get('/cargos', [CargoController::class, 'index'])->name('cargos.get')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::post('/cargos', [CargoController::class, 'store'])->name('cargos.store')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::put('/cargos', [CargoController::class, 'update'])->name('cargos.update')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::delete('/cargos/{id}', [CargoController::class, 'destroy'])->name('cargos.destroy')->middleware(CheckRoles::class . ':admingen,admin' ); - Route::get('/profesion', [ProfesionController::class, 'index'])->name('profesion.get'); - Route::post('/profesion', [ProfesionController::class, 'store'])->name('profesion.store'); - Route::put('/profesion/{id}', [ProfesionController::class, 'update'])->name('profesion.update'); - Route::delete('/profesion/{id}', [ProfesionController::class, 'destroy'])->name('profesion.destroy'); + Route::get('/profesion', [ProfesionController::class, 'index'])->name('profesion.get')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::post('/profesion', [ProfesionController::class, 'store'])->name('profesion.store')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::put('/profesion/{id}', [ProfesionController::class, 'update'])->name('profesion.update')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::delete('/profesion/{id}', [ProfesionController::class, 'destroy'])->name('profesion.destroy')->middleware(CheckRoles::class . ':admingen,admin' ); - Route::get('/caracteristicas', [CaracteristicasController::class, 'index'])->name('caracteristicas.get'); - Route::post('/caracteristicas', [CaracteristicasController::class, 'store'])->name('caracteristicas.store'); - Route::put('/caracteristicas', [CaracteristicasController::class, 'update'])->name('caracteristicas.update'); - Route::delete('/caracteristicas/{id}', [CaracteristicasController::class, 'destroy'])->name('caracteristicas.destroy'); + Route::get('/caracteristicas', [CaracteristicasController::class, 'index'])->name('caracteristicas.get')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::post('/caracteristicas', [CaracteristicasController::class, 'store'])->name('caracteristicas.store')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::put('/caracteristicas', [CaracteristicasController::class, 'update'])->name('caracteristicas.update')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::delete('/caracteristicas/{id}', [CaracteristicasController::class, 'destroy'])->name('caracteristicas.destroy')->middleware(CheckRoles::class . ':admingen,admin' ); - Route::get('/grupos', [GruposController::class, 'index'])->name('grupos.get'); - Route::post('/grupos', [GruposController::class, 'store'])->name('grupos.store'); - Route::put('/grupos', [GruposController::class, 'update'])->name('grupos.update'); - Route::delete('/grupos/{id}', [GruposController::class, 'destroy'])->name('grupos.destroy'); + Route::get('/grupos', [GruposController::class, 'index'])->name('grupos.get')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::post('/grupos', [GruposController::class, 'store'])->name('grupos.store')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::put('/grupos', [GruposController::class, 'update'])->name('grupos.update')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::delete('/grupos/{id}', [GruposController::class, 'destroy'])->name('grupos.destroy')->middleware(CheckRoles::class . ':admingen,admin' ); }); Route::name('catalogos.')->group(function () { - Route::get('/catalogos/dependencias', [DependenciaController::class, 'index'])->name('dependencias.get'); - Route::post('/catalogos/dependencias', [DependenciaController::class, 'store'])->name('dependencias.store'); - Route::put('/catalogos/dependencias', [DependenciaController::class, 'update'])->name('dependencias.update'); - Route::delete('/catalogos/dependencias/{id}', [DependenciaController::class, 'destroy'])->name('dependencias.destroy'); + Route::get('/catalogos/dependencias', [DependenciaController::class, 'index'])->name('dependencias.get')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::post('/catalogos/dependencias', [DependenciaController::class, 'store'])->name('dependencias.store')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::put('/catalogos/dependencias', [DependenciaController::class, 'update'])->name('dependencias.update')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::delete('/catalogos/dependencias/{id}', [DependenciaController::class, 'destroy'])->name('dependencias.destroy')->middleware(CheckRoles::class . ':admingen,admin' ); - Route::get('/catalogos/grupos/subgrupos', [SubgrupoController::class, 'index'])->name('subgrupos.get'); - Route::get('/catalogos/grupos/subgrupos/crear', [SubgrupoController::class, 'create'])->name('subgrupos.create'); - Route::post('/catalogos/grupos/subgrupos/crear', [SubgrupoController::class, 'store'])->name('subgrupos.store'); - Route::get('/catalogos/grupos/subgrupos/{id}/editar', [SubgrupoController::class, 'edit'])->name('subgrupos.edit'); - Route::put('/catalogos/grupos/subgrupos/{id}/editar', [SubgrupoController::class, 'update'])->name('subgrupos.update'); - Route::delete('/catalogos/grupos/subgrupos/{id}', [SubgrupoController::class, 'destroy'])->name('subgrupos.destroy'); + Route::get('/catalogos/grupos/subgrupos', [SubgrupoController::class, 'index'])->name('subgrupos.get')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::get('/catalogos/grupos/subgrupos/crear', [SubgrupoController::class, 'create'])->name('subgrupos.create')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::post('/catalogos/grupos/subgrupos/crear', [SubgrupoController::class, 'store'])->name('subgrupos.store')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::get('/catalogos/grupos/subgrupos/{id}/editar', [SubgrupoController::class, 'edit'])->name('subgrupos.edit')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::put('/catalogos/grupos/subgrupos/{id}/editar', [SubgrupoController::class, 'update'])->name('subgrupos.update')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::delete('/catalogos/grupos/subgrupos/{id}', [SubgrupoController::class, 'destroy'])->name('subgrupos.destroy')->middleware(CheckRoles::class . ':admingen,admin' ); }); -Route::name('usuarios.')->group(function () { +Route::middleware('auth:sanctum', + config('jetstream.auth_session'), + 'verified', + CheckBanned::class, CheckRoles::class . ':adminGen')->name('usuarios.')->group(function () { Route::get('/administracion/usuarios', [UserController::class, 'index'])->name('get'); Route::get('/administracion/usuarios/crear', [UserController::class, 'create'])->name('create'); Route::post('/administracion/usuarios/crear', [UserController::class, 'store'])->name('store'); @@ -78,7 +82,7 @@ config('jetstream.auth_session'), 'verified', CheckBanned::class)->name('contacto.')->group(function() { - Route::get('/contactos', [ContactoController::class, 'index'])->name('get'); - Route::get('/contactos/crear', [ContactoController::class, 'create'])->name('create'); - Route::post('/contactos/crear', [ContactoController::class, 'store'])->name('store'); + Route::get('/contactos', [ContactoController::class, 'index'])->name('get')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::get('/contactos/crear', [ContactoController::class, 'create'])->name('create')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); + Route::post('/contactos/crear', [ContactoController::class, 'store'])->name('store')->middleware(CheckRoles::class . ':admingen,admin,capturista' ); }); -- GitLab