added permissions to settings

Edward Tirado Jr 2025-12-30 23:57:45 -06:00
parent 83f7073b18
commit c31524977a
8 changed files with 121 additions and 83 deletions


@ -24,4 +24,9 @@ class MovieList extends Model
{
return $this->belongsTo(User::class, 'user_id');
}
public function sharedUsers(): BelongsToMany
{
return $this->belongsToMany(User::class)->withPivot('permission')->withTimestamps();
}
}


@ -1,10 +0,0 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
class Permission extends Model
{
//
}


@ -2,16 +2,13 @@
namespace App\Models;
// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Database\Factories\UserFactory;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Database\Eloquent\Relations\HasOne;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Support\Facades\Context;
use Illuminate\Support\Str;
use Laravel\Fortify\TwoFactorAuthenticatable;
class User extends Authenticatable
@ -60,6 +57,12 @@ class User extends Authenticatable
return $this->roles->contains('name', strtolower($role));
}
public function sharedLists(): BelongsToMany
{
return $this->belongsToMany(MovieList::class)->withPivot("permission")->withTimestamps();
}
/**
* Get the user's initials
*/
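Review bot: `hasRole()` in the second hunk still reads `$this->roles`, yet this same commit deletes the migration that creates the `roles` and `role_user` tables. Unless those tables are created by another migration not shown here, any role check on a freshly migrated database would fail on a missing table, so that is worth confirming before merge. The added `sharedLists()` has no docblock; a line such as `/** Lists shared with this user; pivot 'permission' is one of view, edit, admin. */` would tell callers what `pivot->permission` can hold. `hasRole()` starts above the hunk, so only its last statement is visible.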


@ -15,11 +15,54 @@ class MovieListPolicy
//
}
public function update(User $user, MovieList $movieList)
/**
* Determine if the user can view the movie list.
*
* Grants access to the list owner and any user who has been
* granted view, edit, or admin permission.
*/
public function view(User $user, MovieList $movieList): bool
{
// If the user is the owner of the movie list or has been added as an editor for
// the movie list, allow them to update it.
if ($movieList->user_id === $user->id || $movieList->is_public === true) {
return true;
}
return $movieList->owner()->id = $user->id; //|| $movieList->editors->contains($user->id);
return $movieList->sharedUsers()->where("user_id", $user->id)->exists();
}
/**
* Determine if the user can update the movie list.
*
* Grants access to the list owner and any user who has been
* granted edit or admin permission.
*/
public function update(User $user, MovieList $movieList): bool
{
if ($movieList->user_id === $user->id) {
return true;
}
return $movieList->sharedUsers()
->where("user_id", $user->id)
->whereIn("permission", ["edit", "admin"])
->exists();
}
/**
* Determine if the user can delete the movie list.
*
* Grants access to the list owner and any user who has been
* granted admin permission.
*/
public function delete(User $user, MovieList $movieList): bool
{
if ($movieList->user_id === $user->id) {
return true;
}
return $movieList->sharedUsers()
->where("user_id", $user->id)
->where("permission", "admin")
->exists();
}
}
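Review bot: `view()` treats a list as public only when `$movieList->is_public === true`, and that strict comparison can only succeed if the model casts `is_public` to boolean. No cast appears in the MovieList hunk of this commit, and without one the attribute arrives as an integer or string, so public lists would silently be handled as private. Either confirm `'is_public' => 'boolean'` is in the model's casts or compare with `(bool) $movieList->is_public`. The owner check `$movieList->user_id === $user->id` in all three methods has the same sensitivity if the driver returns ids as strings. The pivot filters would also be clearer as `->wherePivot('user_id', $user->id)->wherePivotIn('permission', ['edit', 'admin'])`, which pins both columns to `movie_list_user` instead of relying on them being absent from `users`.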


@ -1,36 +0,0 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration {
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('roles', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('display_name');
$table->timestamps();
});
Schema::create('role_user', function (Blueprint $table) {
$table->id();
$table->foreignId('user_id')->constrained()->cascadeOnDelete();
$table->foreignId('role_id')->constrained()->cascadeOnDelete();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('roles_user');
Schema::dropIfExists('roles');
}
};


@ -1,24 +0,0 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
//
}
/**
* Reverse the migrations.
*/
public function down(): void
{
//
}
};


@ -0,0 +1,31 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('movie_list_user', function (Blueprint $table) {
$table->id();
$table->foreignId("movie_list_id")->constrained()->cascadeOnDelete();
$table->foreignId("user_id")->constrained()->cascadeOnDelete();
$table->enum("permission", ["view", "edit", "admin"]);
$table->unique(["movie_list_id", "user_id"]);
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('movie_list_user');
}
};


@ -2,7 +2,7 @@
<div class="flex flex-row justify-between items-center mx-2 sm:mx-0">
<h1 class="text-2xl sm:text-3xl font-bold">{{$list->name}}</h1>
@can('update', $list)
@can('delete', $list)
<button type="button" wire:click="toggleSettings"
class="hover:bg-blue-600 cursor-pointer text-white px-4 py-2 rounded">
<i class="fas fa-cog text-2xl"></i>
@ -30,11 +30,13 @@
wire:keyup="filterMovies"/>
</div>
@can("update", $list)
<hr class="my-2 sm:my-0"/>
<button wire:click="$dispatch('openSearch')"
class="bg-green-500 text-white p-2 rounded">
Add Movie
</button>
@endcan
</div>
@if(!$filteredMovies->isEmpty())
<ul class="grid grid-cols-2 sm:grid-cols-4 gap-5">
@ -65,7 +67,7 @@
<div class="flex flex-row">
<input type="text" wire:model.live="settingsForm.name" id="list-name"
class="w-full p-2 rounded rounded-r-none bg-white"/>
<button class="bg-green-400 p-2 rounded-r" type="submit" wire:click="saveSettings">Save
<button class="bg-green-500 p-2 rounded-r" type="submit" wire:click="saveSettings">Save
</button>
</div>
</div>
@ -78,15 +80,38 @@
class="w-5 h-5 text-blue-600 bg-gray-100 border-gray-300 rounded focus:ring-blue-500">
</div>
<div class="p-5">
<div class="p-5 flex flex-col gap-5 hover:bg-gray-500 rounded">
<span class="font-bold">Collaborators</span>
<details class="hover:cursor-pointer bg-gray-500 p-5 rounded">
<ul class="flex flex-col gap-2 py-2">
<li><span class="font-bold">Viewer</span>: Can view the list, but cannot make any changes.</li>
<li><span class="font-bold">Editor</span>: Can add/remove movies from the list.</li>
<li><span class="font-bold">Admin</span>: Can make any changes to the list including deleting it. Can also invite other users to collaborate on this list.</li>
</ul>
</details>
<ul>
<li>Bob</li>
<li>Eddie</li>
<li>Jane</li>
<li class="flex justify-between ">
<span>Bob</span>
<select>
<option value="view">Viewer</option>
<option value="edit">Editor</option>
<option value="admin">Admin</option>
</select>
</li>
</ul>
</div>
<div class="p-5 flex flex-col gap-3 hover:bg-gray-500 rounded">
<span class="font-bold">Invite collaborators</span>
<span class="hover:cursor-pointer">Enter a comma separated list of emails.</span>
<textarea class="bg-white rounded text-black p-2" placeholder="user1@example.com, user2@example.com, user3@example.com"></textarea>
<button type="button" class="p-2 rounded bg-green-500">Send Invites</button>
</div>
@can('delete', $list)
<div
class="flex items-center justify-between bg-gray-700 hover:bg-gray-500 hover:opacity-85 p-5 rounded">
<label for="delete_list" class="text-white cursor-pointer">Delete List</label>
@ -99,6 +124,7 @@
Delete List
</button>
</div>
@endcan
</div>
</div>
</div>
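Review bot: The `@can('update', $list)` and `@can('delete', $list)` wrappers in this template only hide the controls. `toggleSettings`, `saveSettings` and the delete action are Livewire methods that a client can still invoke, and the component class is not among the files changed here. Confirm that each action authorizes on the server, for example `$this->authorize('update', $list)` in `saveSettings` and `$this->authorize('delete', $list)` in the delete handler, using the component's own list instance. The settings button in the first hunk is now gated on `delete`, so renaming and collaborator management share the delete ability; a separate policy ability for managing settings would keep those decisions independent. The collaborator `<select>` and the invite `<textarea>` have no `wire:model` and the name `Bob` is hard-coded, so this part looks like placeholder markup.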