feat: granular permissions, export backup, user/role management
Some checks failed
Tests / PHP 8.3 (push) Has been cancelled
Tests / PHP 8.4 (push) Has been cancelled
Tests / PHP 8.5 (push) Has been cancelled

- PermissionSeeder: 29 permissions with role mapping (admin/manager/staff)
- Policies updated to use hasPermissionTo() instead of hasRole()
- ExportBackup command: JSON per-table backup with chunk processing
- UserResource: CRUD users with role assignment (admin only)
- RoleResource: CRUD roles with permission assignment (admin only)
- UserPolicy + RolePolicy: admin-only access control
- ImportCskh: detailed skip logging with color in dry-run mode
- Widgets: permission-based visibility checks
- Tests: 8/8 pass (21 assertions)
This commit is contained in:
2026-05-02 04:47:10 +00:00
parent 7c5055075b
commit 3a8db5cae6
40 changed files with 1804 additions and 440 deletions

View File

@@ -20,7 +20,7 @@ class ResolvedTicketsWidget extends BaseWidget
Feedback::query()
->where('status', 'resolved')
->when(
auth()->user()->hasRole('manager'),
auth()->user()->hasRole('manager') && ! auth()->user()->hasRole('admin'),
function ($q) {
$deptIds = Department::where('manager_id', auth()->id())->pluck('id');
return $q->whereIn('current_department_id', $deptIds);
@@ -30,30 +30,47 @@ class ResolvedTicketsWidget extends BaseWidget
->columns([
TextColumn::make('id')
->label('#')
->sortable(),
->sortable()
->weight('bold')
->color('primary'),
TextColumn::make('title')
->label('Ticket')
->searchable()
->url(fn (Feedback $record): string => FeedbackResource::getUrl('edit', ['record' => $record])),
->weight('semibold')
->url(fn (Feedback $record): string => FeedbackResource::getUrl('edit', ['record' => $record]))
->color('primary'),
TextColumn::make('customer.name')
->label('Customer')
->searchable(),
TextColumn::make('customerProduct.product.name')
->label('Product')
->placeholder('General'),
TextColumn::make('assignedTo.name')
->label('Handler'),
TextColumn::make('currentDepartment.name')
->label('Department'),
->label('Department')
->badge()
->color('info'),
TextColumn::make('updated_at')
->label('Resolved Date')
->dateTime('d/m/Y')
->sortable(),
->label('Resolved')
->since()
->sortable()
->color('secondary'),
])
->defaultSort('updated_at', 'desc')
->heading('Tickets Awaiting Closure (Resolved)')
->description('Tickets that have been resolved and are pending manager review for closure.');
->heading('Tickets Awaiting Closure')
->description('Tickets that have been resolved and are pending manager review for closure.')
->paginated([5]);
}
public static function canView(): bool
{
return auth()->user()?->hasRole(['admin', 'manager']) ?? false;
return auth()->user()?->hasPermissionTo('view-dashboard-widgets') ?? false;
}
}