v1

Author: fernandod1

Diff for: app/Http/Controllers/Auth/RegisterController.php

@@ -64,7 +64,17 @@ protected function validator(array $data)
      */
     protected function create(array $data)
     {
+        if(User::count()==0){
+            //first registration, admin privileges
+            $active=1;
+            $role=0;
+        } else {
+            $active=0;
+            $role=10;
+        }
         return User::create([
+            'active' => $active,
+            'role' => $role,
             'name' => $data['name'],
             'email' => $data['email'],
             'password' => Hash::make($data['password']),

Diff for: app/Http/Controllers/CategoryController.php

@@ -11,15 +11,22 @@
  */
 class CategoryController extends Controller
 {
+    public function __construct()
+    {
+        $this->middleware('auth');
+    }
     /**
      * Display a listing of the resource.
      *
      * @return \Illuminate\Http\Response
      */
     public function index()
     {
+        if (auth()->user()->role > 0){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $categories = Category::paginate();
-
         return view('category.index', compact('categories'))
             ->with('i', (request()->input('page', 1) - 1) * $categories->perPage());
     }
@@ -31,6 +38,10 @@ public function index()
      */
     public function create()
     {
+        if (auth()->user()->role > 0){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $category = new Category();
         return view('category.create', compact('category'));
     }
@@ -43,10 +54,12 @@ public function create()
      */
     public function store(Request $request)
     {
+        if (auth()->user()->role > 0){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         request()->validate(Category::$rules);
-
         $category = Category::create($request->all());
-
         return redirect()->route('categories.index')
             ->with('success', 'Categoría creada con éxito.');
     }
@@ -59,8 +72,11 @@ public function store(Request $request)
      */
     public function show($id)
     {
+        if (auth()->user()->role > 1){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $category = Category::find($id);
-
         return view('category.show', compact('category'));
     }
 
@@ -72,8 +88,11 @@ public function show($id)
      */
     public function edit($id)
     {
+        if (auth()->user()->role > 0){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $category = Category::find($id);
-
         return view('category.edit', compact('category'));
     }
 
@@ -86,8 +105,11 @@ public function edit($id)
      */
     public function update(Request $request, Category $category)
     {
+        if (auth()->user()->role > 0){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         request()->validate(Category::$rules);
-
         $category->update($request->all());
 
         return redirect()->route('categories.index')
@@ -101,8 +123,11 @@ public function update(Request $request, Category $category)
      */
     public function destroy($id)
     {
+        if (auth()->user()->role > 0){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $category = Category::find($id)->delete();
-
         return redirect()->route('categories.index')
             ->with('success', 'Categoría elimnada con éxito.');
     }

Diff for: app/Http/Controllers/OrderController.php

@@ -16,6 +16,10 @@
  */
 class OrderController extends Controller
 {
+    public function __construct()
+    {
+        $this->middleware('auth');
+    }
     /**
      * Display a listing of the resource.
      *
@@ -36,6 +40,10 @@ public function index()
      */
     public function create()
     {
+        if (auth()->user()->role > 1){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $order = new Order();
         $category = Category::all();
         $product = Product::all();        
@@ -64,12 +72,25 @@ public function status($id_order,$id_status)
      */
     public function store(Request $request)
     {
-        $id_order = rand(100, 999);
+        if (auth()->user()->role > 1){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
+        $data = Order::latest('id')->first();
+        if($data != null){
+            $id_order = $data->id + 1;
+        }else{$id_order = 1;}
+        $id = DB::table('clients')->insertGetId(
+            [ 'id_order' => $id_order,
+              'name'     => $request['name'],
+              'notes'     => $request['notes']
+            ]
+            );   
         foreach ($request->p as $x => $x_value){
             if($x_value>0){
                 $order = new Order;
                 $order->id_order = $id_order;
-                $order->id_user = auth()->user()->id;
+                $order->id_client = $id;
                 $order->id_product = (int)$x;
                 $order->quantity = (int)$x_value;
                 $order->status = 0;
@@ -118,9 +139,7 @@ public function edit($id)
     public function update(Request $request, Order $order)
     {
         request()->validate(Order::$rules);
-
         $order->update($request->all());
-
         return redirect()->route('orders.index')
             ->with('success', 'Pedido modificado con éxito.');
     }
@@ -133,7 +152,6 @@ public function update(Request $request, Order $order)
     public function destroy($id)
     {
         $order = Order::find($id)->delete();
-
         return redirect()->route('orders.index')
             ->with('success', 'Pedido eliminado con éxito');
     }

Diff for: app/Http/Controllers/ProductController.php

@@ -12,15 +12,22 @@
  */
 class ProductController extends Controller
 {
+    public function __construct()
+    {
+        $this->middleware('auth');
+    }
     /**
      * Display a listing of the resource.
      *
      * @return \Illuminate\Http\Response
      */
     public function index()
     {
+        if (auth()->user()->role > 1){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $products = Product::paginate();
-
         return view('product.index', compact('products'))
             ->with('i', (request()->input('page', 1) - 1) * $products->perPage());
     }
@@ -32,6 +39,10 @@ public function index()
      */
     public function create()
     {
+        if (auth()->user()->role > 0){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $product = new Product();
         $category = Category::all();    
 
@@ -46,10 +57,12 @@ public function create()
      */
     public function store(Request $request)
     {
+        if (auth()->user()->role > 0){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         request()->validate(Product::$rules);
-
         $product = Product::create($request->all());
-
         return redirect()->route('products.index')
             ->with('success', 'Producto añadido con éxito.');
     }
@@ -62,6 +75,10 @@ public function store(Request $request)
      */
     public function show($id)
     {
+        if (auth()->user()->role > 1){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $product = Product::find($id);
 
         return view('product.show', compact('product'));
@@ -75,6 +92,10 @@ public function show($id)
      */
     public function edit($id)
     {
+        if (auth()->user()->role > 1){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $product = Product::find($id);
         $category = Category::all();
 
@@ -90,10 +111,12 @@ public function edit($id)
      */
     public function update(Request $request, Product $product)
     {
+        if (auth()->user()->role > 1){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         request()->validate(Product::$rules);
-
         $product->update($request->all());
-
         return redirect()->route('products.index')
             ->with('success', 'Producto actualizado con éxito.');
     }
@@ -105,8 +128,11 @@ public function update(Request $request, Product $product)
      */
     public function destroy($id)
     {
+        if (auth()->user()->role > 0){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $product = Product::find($id)->delete();
-
         return redirect()->route('products.index')
             ->with('success', 'Producto eliminado con éxito.');
     }

Diff for: app/Http/Controllers/UserController.php

@@ -5,22 +5,34 @@
 use App\Models\User;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Auth;
+
+
+//use Auth;
 
 /**
  * Class UserController
  * @package App\Http\Controllers
  */
 class UserController extends Controller
 {
+    public function __construct()
+    {
+        $this->middleware('auth');
+
+    }
     /**
      * Display a listing of the resource.
      *
      * @return \Illuminate\Http\Response
      */
     public function index()
     {
+        if (auth()->user()->role > 1){
+            return redirect()->route('home')
+            ->with('error', 'No tiene permisos para realizar esta operación.');
+        }
         $users = User::paginate();
-
         return view('user.index', compact('users'))
             ->with('i', (request()->input('page', 1) - 1) * $users->perPage());
     }

Diff for: app/Models/Client.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+
+class Client extends Model
+{
+    use HasFactory;
+
+    protected $fillable = ['name','notes'];
+
+}

Diff for: app/Models/Order.php

@@ -26,7 +26,7 @@ class Order extends Model
 
     static $rules = [
 		'id_order' => 'required',
-		'id_user' => 'required',
+		'id_client' => 'required',
 		'id_product' => 'required',
 		'quantity' => 'required',
 		'status' => 'required',
@@ -39,7 +39,7 @@ class Order extends Model
      *
      * @var array
      */
-    protected $fillable = ['id_order','id_user','id_product','quantity','status'];
+    protected $fillable = ['id_order','id_client','id_product','quantity','status'];
 
 
     /**
@@ -49,14 +49,16 @@ public function product()
     {
         return $this->hasOne('App\Models\Product', 'id', 'id_product');
     }
-    
+
     /**
      * @return \Illuminate\Database\Eloquent\Relations\HasOne
      */
-    public function user()
+    public function client()
     {
-        return $this->hasOne('App\Models\User', 'id', 'id_user');
+        return $this->hasOne('App\Models\Client', 'id', 'id_client');
     }
+
+
 
 
 }

Diff for: database/migrations/2014_10_12_000000_create_users_table.php

@@ -18,7 +18,7 @@ public function up()
             $table->string('name');
             $table->string('email')->unique();
             $table->boolean('active')->default(0)->nullable();
-            $table->integer('role')->default(-1);
+            $table->integer('role')->default(10);
             $table->timestamp('email_verified_at')->nullable();
             $table->string('password');
             $table->rememberToken();

Diff for: database/migrations/2021_10_27_000115_create_orders_table.php

@@ -16,8 +16,8 @@ public function up()
         Schema::create('orders', function (Blueprint $table) {
             $table->id();
             $table->unsignedBigInteger('id_order');
-            $table->unsignedBigInteger('id_user');
-            $table->foreign('id_user')->references('id')->on('users')->onDelete('cascade');
+            $table->unsignedBigInteger('id_client');
+            $table->foreign('id_client')->references('id')->on('clients')->onDelete('cascade');
             $table->unsignedBigInteger('id_product');
             $table->foreign('id_product')->references('id')->on('products')->onDelete('cascade');
             $table->unsignedBigInteger('quantity');