Fix training permissions so Senior Staff can see training records.
Jonhasacat committed Mar 7, 2024
1 parent 4ddabf1 commit 953d298
Showing 3 changed files with 16 additions and 22 deletions.
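--- a/app/Http/Controllers/TrainingController.php
+++ b/app/Http/Controllers/TrainingController.php
@@ -51,8 +51,7 @@ function getOTSEval(
 ->has('perfcats.indicators')->withAll()->find($form)
 : OTSEvalForm::has('perfcats')->has('perfcats.indicators')
 ->withAll()->where('rating_id', $student->rating + 1)->first();
-if (!RoleHelper::isInstructor(Auth::user()->cid,
-$student->facility) && !RoleHelper::isInstructor(Auth::user()->cid, $form->facility)) {
+if (!RoleHelper::isInstructor() && !RoleHelper::isFacilitySeniorStaff()) {
 abort(403);
 }
 if (!$student || !$form) {
@@ -77,10 +76,7 @@ function viewOTSEval(
 abort(404, "The OTS evaluation form is invalid.");
 }
 $student = $eval->student;
-if (!RoleHelper::isInstructor(Auth::user()->cid,
-$student->facility) && !RoleHelper::isInstructor(Auth::user()->cid,
-$eval->facility) && !RoleHelper::isFacilitySeniorStaff(Auth::user()->cid,
-$student->facility) && !RoleHelper::isFacilitySeniorStaff(Auth::user()->cid, $eval->facility)) {
+if (!RoleHelper::isInstructor() && !RoleHelper::isFacilitySeniorStaff()) {
 abort(403);
 }
 $attempt = Helper::numToOrdinalWord(OTSEval::where([
@@ -165,7 +161,7 @@ function seconds_to_string($seconds): string
 foreach ($insByRole as $ins) {
 $instructors[$ins->cid] = $ins->user;
 }
-foreach($insByRating as $ins) {
+foreach ($insByRating as $ins) {
 $instructors[$ins->cid] = $ins;
 }
 
@@ -662,8 +658,7 @@ function viewOTSEvalStatistics(
 if (!$interval) {
 abort(400);
 }
-if (!RoleHelper::isInstructor(Auth::user()->cid,
-$facility) || ($instructor && !RoleHelper::isInstructor($instructor, $facility))) {
+if (!RoleHelper::isInstructor() && !RoleHelper::isFacilitySeniorStaff()) {
 abort(403);
 }
 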
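Review bot: The three rewritten guards (getOTSEval, viewOTSEval, viewOTSEvalStatistics) call `RoleHelper::isInstructor()` and `RoleHelper::isFacilitySeniorStaff()` without arguments, so the decision no longer depends on `$student->facility`, `$form->facility`, `$eval->facility` or `$facility`. RoleHelper is not shown here, but if the no-argument form checks the caller's role at their own facility, an instructor or senior staff member of one facility passes the check for another facility's evaluations and statistics; viewOTSEval already admitted senior staff of the student's or eval's facility, so there the change only removes the scoping. viewOTSEvalStatistics also loses the `$instructor && !RoleHelper::isInstructor($instructor, $facility)` validation of the requested instructor. To admit senior staff while keeping records facility-scoped, pass the facility through, e.g. `!RoleHelper::isInstructor(Auth::user()->cid, $facility) && !RoleHelper::isFacilitySeniorStaff(Auth::user()->cid, $facility)`. All three function bodies continue outside their hunks.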
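--- a/resources/views/layout.blade.php
+++ b/resources/views/layout.blade.php
@@ -323,7 +323,7 @@ class="fas fa-sign-out-alt"></i> Logout</a>
 <li><a href="{{url("mgt/transfer") }}">Submit Transfer Request</a></li>
 @endif
 
-@if(\App\Classes\RoleHelper::isInstructor() || \App\Classes\RoleHelper::isFacilitySeniorStaff() || \App\Classes\RoleHelper::isAcademyStaff())
+@if(\App\Classes\RoleHelper::isInstructor() || \App\Classes\RoleHelper::isFacilitySeniorStaff())
 <!-- Training -->
 <li class="nav-divider"></li>
 <li class="dropdown-header">
@@ -332,15 +332,13 @@ class="fas fa-sign-out-alt"></i> Logout</a>
 </li>
 
 <!-- Training Statistics [INS/ATM/DATM/TA/VATUSA] -->
-@if (\App\Classes\RoleHelper::isTrainingStaff())
-<li><a href="{{ url("/mgt/facility/training/stats") }}">Training
-Statistics</a>
-</li>
-<li><a href="{{ url("/mgt/facility/training/evals") }}">OTS
-Evaluations</a>
-</li>
-<!--This is exactly like the Training tab of records, but with OTS Evals. ARTCC select, position groups, and everything. -->
-@endif
+<li>
+<a href="{{ url("/mgt/facility/training/stats") }}">Training Statistics</a>
+</li>
+<li>
+<a href="{{ url("/mgt/facility/training/evals") }}">OTS Evaluations</a>
+</li>
+<!--This is exactly like the Training tab of records, but with OTS Evals. ARTCC select, position groups, and everything. -->
 @endif
 
 <!-- Division -->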
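Review bot: Dropping `\App\Classes\RoleHelper::isAcademyStaff()` from the outer `@if` hides the whole Training menu from academy staff, which the commit title (Senior Staff access) does not mention; if that is intended it deserves a line in the description, otherwise the third condition should stay. The inner `isTrainingStaff()` wrapper is gone as well, so both links are rendered for every instructor and senior staff member, and access to `/mgt/facility/training/stats` and `/mgt/facility/training/evals` rests entirely on the controller checks. The re-added `<!--This is exactly like the Training tab ... -->` note is an HTML comment and is sent to every browser; writing it as a Blade comment, `{{-- ... --}}`, keeps it server-side.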
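--- a/resources/views/mgt/controller/training/training.blade.php
+++ b/resources/views/mgt/controller/training/training.blade.php
@@ -108,9 +108,8 @@ class="glyphicon @if($i > $record->score) glyphicon-star-empty @else glyphicon-s
 <button class="btn btn-primary view-tr"
 data-id="{{ $record->id }}"><span
 class="glyphicon glyphicon-eye-open"></span></button>
-@php $canModify = \App\Classes\RoleHelper::isFacilitySeniorStaff(Auth::user()->cid, $trainingfac) ||
-(\App\Classes\RoleHelper::isTrainingStaff(Auth::user()->cid, true, $trainingfac)
-&& $record->instructor_id == Auth::user()->cid);
+@php $canModify = \App\Classes\RoleHelper::isTrainingStaff(Auth::user()->cid, true, $trainingfac)
+&& $record->instructor_id == Auth::user()->cid;
 $isUSAStaff = \App\Classes\RoleHelper::isVATUSAStaff();
 $ownRecord = $record->student_id == Auth::user()->cid;
 $canEditDelete = !in_array($record->ots_status, [1, 2]); @endphp
@@ -119,6 +118,8 @@ class="glyphicon glyphicon-eye-open"></span></button>
 data-id="{{ $record->id }}"><span
 class="glyphicon glyphicon-pencil"></span>
 </button>
+@endif
+@if($isUSAStaff)
 <button class="btn btn-danger delete-tr"
 data-id="{{ $record->id }}"><span
 class="glyphicon glyphicon-remove"></span></button>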
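Review bot: The delete button now sits in its own `@if($isUSAStaff)`, so whatever condition previously guarded it together with the edit button no longer applies to it. That opening `@if` lies between the two hunks and is not shown; if it tested `$canEditDelete`, VATUSA staff will now see the delete button on records whose `ots_status` is 1 or 2, and `@if($isUSAStaff && $canEditDelete)` would keep the old restriction. `$canModify` also no longer includes `isFacilitySeniorStaff(Auth::user()->cid, $trainingfac)`, so senior staff lose the edit button, which goes beyond the read access named in the commit title. The endpoints behind the edit and delete buttons need the same rules server-side, since a hidden button does not stop a direct request.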
