Probindo/database-pertani-web
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

offtaker access

Browse Source
This commit is contained in:
fauzgabriel@gmail.com 2026-03-11 11:29:37 +07:00
parent a10828f460
commit 59160a62c3
1 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
app/Http/Controllers/Api/OfftakerController.php
View File

@ -22,7 +22,9 @@ public function index(): JsonResponse
public function store(Request $request): JsonResponse public function store(Request $request): JsonResponse
{ {
Gate::authorize('any',['super_admin', 'petani']); if (!Gate::any(['super_admin', 'petani', 'fasilitator', 'admin'])) {
abort(403, 'Unauthorized');
}
$validated = $request->validate([ $validated = $request->validate([
'user_email' => ['required', 'email', 'max:255'], 'user_email' => ['required', 'email', 'max:255'],
@ -49,14 +51,18 @@ public function store(Request $request): JsonResponse
public function show(string $id): JsonResponse public function show(string $id): JsonResponse
{ {
Gate::authorize('any',['super_admin', 'petani']); if (!Gate::any(['super_admin', 'petani', 'fasilitator', 'admin'])) {
abort(403, 'Unauthorized');
}
$offtaker = Offtaker::findOrFail($id); $offtaker = Offtaker::findOrFail($id);
return response()->json($offtaker); return response()->json($offtaker);
} }
public function update(Request $request, string $id): JsonResponse public function update(Request $request, string $id): JsonResponse
{ {
Gate::authorize('any',['super_admin', 'petani']); if (!Gate::any(['super_admin', 'petani', 'fasilitator', 'admin'])) {
abort(403, 'Unauthorized');
}
$offtaker = Offtaker::findOrFail($id); $offtaker = Offtaker::findOrFail($id);
$validated = $request->validate([ $validated = $request->validate([
@ -74,7 +80,9 @@ public function update(Request $request, string $id): JsonResponse
public function destroy(string $id): JsonResponse public function destroy(string $id): JsonResponse
{ {
Gate::authorize('any',['super_admin', 'petani']); if (!Gate::any(['super_admin', 'petani', 'fasilitator', 'admin'])) {
abort(403, 'Unauthorized');
}
Offtaker::findOrFail($id)->delete(); Offtaker::findOrFail($id)->delete();
return response()->json(null, 204); return response()->json(null, 204);
@ -85,7 +93,9 @@ public function destroy(string $id): JsonResponse
*/ */
public function batchUpsert(Request $request): JsonResponse public function batchUpsert(Request $request): JsonResponse
{ {
Gate::authorize('any',['super_admin', 'petani']); if (!Gate::any(['super_admin', 'petani', 'fasilitator', 'admin'])) {
abort(403, 'Unauthorized');
}
$validated = $request->validate([ $validated = $request->validate([
'offtakers' => ['required', 'array'], 'offtakers' => ['required', 'array'],