diff --git a/app/Models/User.php b/app/Models/User.php index 09f785997..b64dc0228 100755 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -386,7 +386,7 @@ public function canAccessPanel(Panel $panel): bool { // For the admin panel if ($panel->getId() === 'admin') { - return $this->hasRole(Utils::getSuperAdminName()) || $this->can('page_Dashboard'); + return $this->hasAdminAccess(); } // For modules panels @@ -395,7 +395,7 @@ public function canAccessPanel(Panel $panel): bool public function hasAdminAccess(): bool { - return $this->hasRole(Utils::getSuperAdminName()) || $this->can('page_Dashboard'); + return $this->hasRole(Utils::getSuperAdminName().'|admin') || $this->can('page_Dashboard'); } public function getFilamentAvatarUrl(): ?string diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 78b7ad0ad..3542b316d 100755 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -2,7 +2,10 @@ namespace App\Providers; +use App\Models\User; +use Illuminate\Auth\Access\Response; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; +use Illuminate\Support\Facades\Gate; class AuthServiceProvider extends ServiceProvider { @@ -22,6 +25,10 @@ class AuthServiceProvider extends ServiceProvider */ public function boot() { - // + Gate::define('access_admin', function (User $user): Response { + return $user->hasAdminAccess() + ? Response::allow() + : Response::deny('You do not have permission to access this page.'); + }); } } diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php index e25552d27..fb69057d6 100755 --- a/app/Providers/RouteServiceProvider.php +++ b/app/Providers/RouteServiceProvider.php @@ -79,7 +79,7 @@ protected function mapUpdaterRoutes() Route::group([ 'as' => 'update.', 'prefix' => 'update', - 'middleware' => ['web', 'auth', 'role_or_permission:super_admin|page_Dashboard'], + 'middleware' => ['web', 'auth', 'can:access_admin'], 'namespace' => 'App\Http\Controllers\System', ], function () { Route::get('/', 'UpdateController@index')->name('index');