Added settings API
@@ -6,7 +6,6 @@
|
||||
*/
|
||||
|
||||
import Bouncer from '@ioc:Adonis/Addons/Bouncer'
|
||||
import Employee from 'App/Models/Employee'
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
@@ -32,37 +31,6 @@ import Employee from 'App/Models/Employee'
|
||||
*/
|
||||
export const { actions } = Bouncer
|
||||
|
||||
.define('employees.index', (user: Employee) => {
|
||||
if(user.role !== 'admin') return Bouncer.deny('You are not allowed to view all employees')
|
||||
return true
|
||||
})
|
||||
|
||||
.define('employees.show', (user: Employee, query: Employee) => {
|
||||
if(user.role !== 'admin' && user.id !== query.id){
|
||||
return Bouncer.deny('You are not allowd to view employees other than yourself')
|
||||
}
|
||||
return true
|
||||
})
|
||||
|
||||
.define('employees.store', (user: Employee) => {
|
||||
if(user.role !== 'admin') return Bouncer.deny('You are not allowd to create any employees')
|
||||
return true
|
||||
})
|
||||
|
||||
.define('employees.destroy', (user: Employee) => {
|
||||
if(user.role !== 'admin') return Bouncer.deny('You are not allowed to delete any employees')
|
||||
return true
|
||||
})
|
||||
|
||||
.define('employees.update', (user: Employee, editContractHours : boolean, query: Employee) => {
|
||||
if(user.id !== query.id && user.role !== 'admin'){
|
||||
return Bouncer.deny('You are not allowed to edit employees other than yourself.')
|
||||
} else if (editContractHours && user.role !== 'admin'){
|
||||
return Bouncer.deny('You are not allowed to edit your contract hours.')
|
||||
}
|
||||
return true
|
||||
})
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Bouncer Policies
|
||||
@@ -86,4 +54,7 @@ export const { actions } = Bouncer
|
||||
| NOTE: Always export the "policies" const from this file
|
||||
|****************************************************************
|
||||
*/
|
||||
export const { policies } = Bouncer.registerPolicies({})
|
||||
export const { policies } = Bouncer.registerPolicies({
|
||||
EmployeesPolicy: () => import('App/Policies/EmployeesPolicy'),
|
||||
SettingsPolicy: () => import('App/Policies/SettingsPolicy'),
|
||||
})
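Review bot: The rules carried by the removed inline abilities need to be confirmed in `EmployeesPolicy`, which this section registers but does not show: the self-or-admin check on show and update, and the admin-only guard on contract hours from `employees.update`. If the policy's `update` method no longer receives the `editContractHours` flag, a non-admin could presumably change their own contract hours. Controller calls that used `bouncer.authorize('employees.*', ...)` also have to move to `bouncer.with('EmployeesPolicy').authorize(...)`, since the old ability names are no longer defined. A short comment above `registerPolicies` would help the next reader, e.g. `// employees.* and settings.* authorization lives in these policies; controllers must call bouncer.with(...).authorize(...)`.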
|
||||
|
||||
@@ -30,6 +30,11 @@ Route.group(() => {
|
||||
Route.post('logout', 'AuthController.logout').as('logout')
|
||||
|
||||
Route.resource('employees', 'EmployeesController').apiOnly()
|
||||
|
||||
Route.get('settings/:userId', 'SettingsController.list').as('settings.list')
|
||||
Route.get('settings/:userId/:key', 'SettingsController.get').as('settings.get')
|
||||
Route.post('settings/:userId', 'SettingsController.set').as('settings.set')
|
||||
Route.delete('settings/:userId/:key', 'SettingsController.delete').as('settings.delete')
|
||||
})
|
||||
.prefix('api/v1')
|
||||
.middleware('auth')
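Review bot: The four settings routes take `:userId` from the URL while the group applies only `auth`, so nothing visible here ties the requested user to the authenticated one. `SettingsController` is not shown; each of `list`, `get`, `set` and `delete` should authorize through `SettingsPolicy` against `auth.user` before touching the record, otherwise any logged-in employee could read or change another employee's settings. Constraining the parameter also helps, e.g. `.where('userId', /^[0-9]+$/)` on each route, assuming ids are numeric. The route group opens above this hunk, so any group-level options set there are not visible.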
|
||||
|
||||