feat: granular permissions, export backup, user/role management
- PermissionSeeder: 29 permissions with role mapping (admin/manager/staff) - Policies updated to use hasPermissionTo() instead of hasRole() - ExportBackup command: JSON per-table backup with chunk processing - UserResource: CRUD users with role assignment (admin only) - RoleResource: CRUD roles with permission assignment (admin only) - UserPolicy + RolePolicy: admin-only access control - ImportCskh: detailed skip logging with color in dry-run mode - Widgets: permission-based visibility checks - Tests: 8/8 pass (21 assertions)
This commit is contained in:
@@ -20,7 +20,7 @@ class ResolvedTicketsWidget extends BaseWidget
|
||||
Feedback::query()
|
||||
->where('status', 'resolved')
|
||||
->when(
|
||||
auth()->user()->hasRole('manager'),
|
||||
auth()->user()->hasRole('manager') && ! auth()->user()->hasRole('admin'),
|
||||
function ($q) {
|
||||
$deptIds = Department::where('manager_id', auth()->id())->pluck('id');
|
||||
return $q->whereIn('current_department_id', $deptIds);
|
||||
@@ -30,30 +30,47 @@ class ResolvedTicketsWidget extends BaseWidget
|
||||
->columns([
|
||||
TextColumn::make('id')
|
||||
->label('#')
|
||||
->sortable(),
|
||||
->sortable()
|
||||
->weight('bold')
|
||||
->color('primary'),
|
||||
|
||||
TextColumn::make('title')
|
||||
->label('Ticket')
|
||||
->searchable()
|
||||
->url(fn (Feedback $record): string => FeedbackResource::getUrl('edit', ['record' => $record])),
|
||||
->weight('semibold')
|
||||
->url(fn (Feedback $record): string => FeedbackResource::getUrl('edit', ['record' => $record]))
|
||||
->color('primary'),
|
||||
|
||||
TextColumn::make('customer.name')
|
||||
->label('Customer')
|
||||
->searchable(),
|
||||
|
||||
TextColumn::make('customerProduct.product.name')
|
||||
->label('Product')
|
||||
->placeholder('General'),
|
||||
|
||||
TextColumn::make('assignedTo.name')
|
||||
->label('Handler'),
|
||||
|
||||
TextColumn::make('currentDepartment.name')
|
||||
->label('Department'),
|
||||
->label('Department')
|
||||
->badge()
|
||||
->color('info'),
|
||||
|
||||
TextColumn::make('updated_at')
|
||||
->label('Resolved Date')
|
||||
->dateTime('d/m/Y')
|
||||
->sortable(),
|
||||
->label('Resolved')
|
||||
->since()
|
||||
->sortable()
|
||||
->color('secondary'),
|
||||
])
|
||||
->defaultSort('updated_at', 'desc')
|
||||
->heading('Tickets Awaiting Closure (Resolved)')
|
||||
->description('Tickets that have been resolved and are pending manager review for closure.');
|
||||
->heading('Tickets Awaiting Closure')
|
||||
->description('Tickets that have been resolved and are pending manager review for closure.')
|
||||
->paginated([5]);
|
||||
}
|
||||
|
||||
public static function canView(): bool
|
||||
{
|
||||
return auth()->user()?->hasRole(['admin', 'manager']) ?? false;
|
||||
return auth()->user()?->hasPermissionTo('view-dashboard-widgets') ?? false;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user