From 87d25bb8b82923c61bc94da0e240d4cefb59fdee Mon Sep 17 00:00:00 2001
From: Josef Citrine
Date: Wed, 18 May 2016 01:27:59 +0100
Subject: [PATCH] Admin album editing
---
 app/Commands/EditAlbumCommand.php | 15 +++++++++++++--
 app/Http/Controllers/Api/Web/AlbumsController.php | 4 +++-
 app/Models/Album.php | 5 +++--
 public/templates/account/album.html | 5 +++++
 public/templates/directives/track-editor.html | 10 +++++-----
 .../app/controllers/account-albums-edit.coffee | 6 ++++--
 6 files changed, 33 insertions(+), 12 deletions(-)
diff --git a/app/Commands/EditAlbumCommand.php b/app/Commands/EditAlbumCommand.php
index 63cc6267..b913b4df 100644
--- a/app/Commands/EditAlbumCommand.php
+++ b/app/Commands/EditAlbumCommand.php
@@ -22,7 +22,9 @@ namespace Poniverse\Ponyfm\Commands;
 use Poniverse\Ponyfm\Models\Album;
 use Poniverse\Ponyfm\Models\Image;
+use Poniverse\Ponyfm\Models\User;
 use Auth;
+use Gate;
 use DB;
 use Validator;
@@ -48,7 +50,7 @@ class EditAlbumCommand extends CommandBase
 {
 $user = Auth::user();
- return $this->_album && $user != null && $this->_album->user_id == $user->id;
+ return $this->_album && $user != null && Gate::allows('edit', $this->_album);
 }
 /**
@@ -61,7 +63,8 @@ class EditAlbumCommand extends CommandBase
 'title' => 'required|min:3|max:50',
 'cover' => 'image|mimes:png|min_width:350|min_height:350',
 'cover_id' => 'exists:images,id',
- 'track_ids' => 'exists:tracks,id'
+ 'track_ids' => 'exists:tracks,id',
+ 'username' => 'exists:users,username'
 ];
 $validator = Validator::make($this->_input, $rules);
@@ -86,6 +89,14 @@ class EditAlbumCommand extends CommandBase
 }
 }
+ if (isset($this->_input['username'])) {
+ $newid = User::where('username', $this->_input['username'])->first()->id;
+
+ if ($this->_album->user_id != $newid) {
+ $this->_album->user_id = $newid;
+ }
+ }
+
 $trackIds = explode(',', $this->_input['track_ids']);
 $this->_album->syncTrackIds($trackIds);
 $this->_album->save();
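Review bot: The new ownership-transfer block in EditAlbumCommand (the `if (isset($this->_input['username']))` lines of the last hunk) runs for anyone who passes `authorize()`, and nothing visible in this commit limits it to admins on the server; the only admin condition shown is the client-side `$scope.isAdmin` flag in account-albums-edit.coffee. Unless the `edit` ability is itself admin-only (its definition is not in the diff), an album owner could submit a `username` and reassign the album to any existing account. I would gate the block on a dedicated admin-only ability, e.g. `if (isset($this->_input['username']) && Gate::allows('reassign', $this->_album)) {`, where `reassign` is a placeholder name for an ability this project would have to define. Separately, `exists:users,username` is likely skipped for an empty string while `isset()` still passes, so `->first()->id` can dereference null; the same unchecked `first()` is used for `username` in AlbumsController. The enclosing method starts and ends outside the hunk.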
diff --git a/app/Http/Controllers/Api/Web/AlbumsController.php b/app/Http/Controllers/Api/Web/AlbumsController.php
index f5056802..5e618e85 100644
--- a/app/Http/Controllers/Api/Web/AlbumsController.php
+++ b/app/Http/Controllers/Api/Web/AlbumsController.php
@@ -29,6 +29,7 @@ use Poniverse\Ponyfm\Http\Controllers\ApiControllerBase;
 use Poniverse\Ponyfm\Models\Image;
 use Poniverse\Ponyfm\Models\ResourceLogItem;
 use Auth;
+use Gate;
 use Input;
 use Poniverse\Ponyfm\Models\User;
 use Response;
@@ -171,7 +172,7 @@ class AlbumsController extends ApiControllerBase
 return $this->notFound('Album ' . $id . ' not found!');
 }
- if ($album->user_id != Auth::user()->id) {
+ if (Gate::denies('edit', Auth::user())) {
 return $this->notAuthorized();
 }
@@ -187,6 +188,7 @@ class AlbumsController extends ApiControllerBase
 'id' => $album->id,
 'title' => $album->title,
 'user_id' => $album->user_id,
+ 'username' => User::whereId($album->user_id)->first()->username,
 'slug' => $album->slug,
 'created_at' => $album->created_at,
 'published_at' => $album->published_at,
diff --git a/app/Models/Album.php b/app/Models/Album.php
index e3000e17..d4f2187e 100644
--- a/app/Models/Album.php
+++ b/app/Models/Album.php
@@ -25,6 +25,7 @@ use Helpers;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Auth;
+use Gate;
 use Cache;
 use Poniverse\Ponyfm\Contracts\Searchable;
 use Poniverse\Ponyfm\Exceptions\TrackFileNotFoundException;
@@ -217,8 +218,8 @@ class Album extends Model implements Searchable
 ],
 'user_data' => $userData,
 'permissions' => [
- 'delete' => Auth::check() && Auth::user()->id == $album->user_id,
- 'edit' => Auth::check() && Auth::user()->id == $album->user_id
+ 'delete' => Gate::allows('delete', $album),
+ 'edit' => Gate::allows('edit', $album)
 ]
 ];
 }
diff --git a/public/templates/account/album.html b/public/templates/account/album.html
index d2836506..ff6bd710 100644
--- a/public/templates/account/album.html
+++ b/public/templates/account/album.html
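Review bot: In AlbumsController's second hunk the replacement check `Gate::denies('edit', Auth::user())` passes the logged-in user as the resource instead of the album that was just loaded, so the decision no longer depends on `$album` at all. Depending on how `edit` is defined for a User (not visible here), that either rejects every caller or lets any authenticated user read any album's edit payload, which after this commit also carries the owner's `username`. It should match the other call sites in the commit: `if (Gate::denies('edit', $album)) {`. The method starts and ends outside the hunk.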
@@ -20,6 +20,11 @@
{{errors.description}}
+
+ + +
{{errors.username}}
+
diff --git a/public/templates/directives/track-editor.html b/public/templates/directives/track-editor.html
index cafb5732..0b2bd178 100644
--- a/public/templates/directives/track-editor.html
+++ b/public/templates/directives/track-editor.html
@@ -108,11 +108,11 @@
-
- - -
{{errors.username}}
-
+
+ + +
{{errors.username}}
+
diff --git a/resources/assets/scripts/app/controllers/account-albums-edit.coffee b/resources/assets/scripts/app/controllers/account-albums-edit.coffee
index 346c0c47..08ae35e9 100644
--- a/resources/assets/scripts/app/controllers/account-albums-edit.coffee
+++ b/resources/assets/scripts/app/controllers/account-albums-edit.coffee
@@ -25,8 +25,8 @@ window.pfm.preloaders['account-albums-edit'] = [
 ]
 module.exports = angular.module('ponyfm').controller "account-albums-edit", [
- '$scope', '$state', '$dialog', 'account-albums'
- ($scope, $state, $dialog, albums) ->
+ '$scope', '$state', '$dialog', 'account-albums', 'auth'
+ ($scope, $state, $dialog, albums, auth) ->
 $scope.isNew = $state.params.album_id == undefined
 $scope.data.isEditorOpen = true
 $scope.errors = {}
@@ -35,6 +35,7 @@ module.exports = angular.module('ponyfm').controller "account-albums-edit", [
 $scope.isSaving = false
 $scope.tracks = []
 $scope.trackIds = {}
+ $scope.isAdmin = auth.data.isAdmin
 $scope.toggleTrack = (track) ->
 if $scope.trackIds[track.id]
@@ -140,6 +141,7 @@ module.exports = angular.module('ponyfm').controller "account-albums-edit", [
 $scope.album =
 id: album.id
 user_id: album.user_id
+ username: album.username
 title: album.title
 description: album.description
 remove_cover: false