Skip to content

Commit

Permalink
Merge pull request #15563 from snipe/refined_gates_on_user_bulk
Browse files Browse the repository at this point in the history 
Update for #15534 - Refined gates on user bulk
  • Loading branch information
@snipe
snipe authored Sep 25, 2024
2 parents 9b03f46 + 3f0245f commit ac64117
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 20 deletions.
6 changes: 4 additions & 2 deletions app/Http/Controllers/Users/BulkUsersController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ class BulkUsersController extends Controller
*/
public function edit(Request $request)
{
$this->authorize('update', User::class);
$this->authorize('view', User::class);

// Make sure there were users selected
if (($request->filled('ids')) && (count($request->input('ids')) > 0)) {
Expand All @@ -48,16 +48,18 @@ public function edit(Request $request)

// bulk edit, display the bulk edit form
if ($request->input('bulk_actions') == 'edit') {
$this->authorize('update', User::class);
return view('users/bulk-edit', compact('users'))
->with('groups', Group::pluck('name', 'id'));

// bulk delete, display the bulk delete confirmation form
} elseif ($request->input('bulk_actions') == 'delete') {
$this->authorize('delete', User::class);
return view('users/confirm-bulk-delete')->with('users', $users)->with('statuslabel_list', Helper::statusLabelList());

// merge, confirm they have at least 2 users selected and display the merge screen
} elseif ($request->input('bulk_actions') == 'merge') {

$this->authorize('delete', User::class);
if (($request->filled('ids')) && (count($request->input('ids')) > 1)) {
return view('users/confirm-merge')->with('users', $users);
// Not enough users selected, send them back
Expand Down
43 changes: 25 additions & 18 deletions resources/views/partials/users-bulk-actions.blade.php
View file
Original file line number Diff line number Diff line change
@@ -1,24 +1,31 @@
<div id="userBulkEditToolbar">
@can('view', \App\Models\User::class)
<div id="userBulkEditToolbar">
{{ Form::open([
'method' => 'POST',
'route' => ['users/bulkedit'],
'class' => 'form-inline',
'id' => 'usersBulkForm']) }}

@if (request('status')!='deleted')
@can('delete', \App\Models\User::class)
<div id="users-toolbar">
<label for="bulk_actions" class="sr-only">{{ trans('general.bulk_actions') }}</label>
<select name="bulk_actions" class="form-control select2" style="min-width:300px;" aria-label="bulk_actions">
<option value="edit">{{ trans('general.bulk_edit') }}</option>
<option value="delete">{!! trans('general.bulk_checkin_delete') !!}</option>
<option value="merge">{!! trans('general.merge_users') !!}</option>
<option value="bulkpasswordreset">{{ trans('button.send_password_link') }}</option>
<option value="print">{{ trans('admin/users/general.print_assigned') }}</option>
</select>
<button class="btn btn-primary" id="bulkUserEditButton" disabled>{{ trans('button.go') }}</button>
</div>
@endcan
@endif
{{ Form::close() }}
</div>
@if (request('status')!='deleted')
<div id="users-toolbar">
<label for="bulk_actions" class="sr-only">{{ trans('general.bulk_actions') }}</label>
<select name="bulk_actions" class="form-control select2" style="min-width:300px;" aria-label="bulk_actions">

@can('update', \App\Models\User::class)
<option value="edit">{{ trans('general.bulk_edit') }}</option>
@endcan

@can('delete', \App\Models\User::class)
<option value="delete">{!! trans('general.bulk_checkin_delete') !!}</option>
<option value="merge">{!! trans('general.merge_users') !!}</option>
@endcan

<option value="bulkpasswordreset">{{ trans('button.send_password_link') }}</option>
<option value="print">{{ trans('admin/users/general.print_assigned') }}</option>
</select>
<button class="btn btn-primary" id="bulkUserEditButton" disabled>{{ trans('button.go') }}</button>
</div>
@endif
{{ Form::close() }}
</div>
@endcan

0 comments on commit ac64117

Please sign in to comment.