saufi/eCert-MBIP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: two-role system — super_admin & admin program (Fasa 12)

Browse Source 
- Replace is_admin boolean with role enum('super_admin','admin') via migration
- ProgramPolicy: admin program can only view/edit/delete own programs
- EnsureIsAdmin: accepts both roles; EnsureSuperAdmin: super_admin only
- UserController + views: super_admin can manage admin accounts
- Sidebar: user management link & role badge gated on isSuperAdmin()
- Fix Controller base class: add AuthorizesRequests trait
- Fix tests: replace nonAdmin() (invalid enum) with adminProgram() against super_admin-only route

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Saufi
2026-05-18 08:47:58 +08:00
parent 700fbd1bcc
commit c9b50ccc5e
18 changed files with 503 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
resources/views/admin/users/create.blade.php Normal file
View File

@@ -0,0 +1,76 @@
@extends('layouts.admin')
@section('title', 'Tambah Pengguna')
@section('header', 'Tambah Pengguna Baru')
@section('breadcrumb')
<li class="breadcrumb-item"><a href="{{ route('admin.users.index') }}">Pengguna</a></li>
<li class="breadcrumb-item active">Tambah Baru</li>
@endsection
@section('content')
<div class="row justify-content-center">
<div class="col-md-6">
<div class="card border-0 shadow-sm">
<div class="card-body p-4">
<form method="POST" action="{{ route('admin.users.store') }}">
@csrf
<div class="mb-3">
<label class="form-label fw-medium">Nama Penuh <span class="text-danger">*</span></label>
<input type="text" name="name" value="{{ old('name') }}"
class="form-control @error('name') is-invalid @enderror"
placeholder="Nama penuh pengguna">
@error('name')<div class="invalid-feedback">{{ $message }}</div>@enderror
</div>
<div class="mb-3">
<label class="form-label fw-medium">Emel <span class="text-danger">*</span></label>
<input type="email" name="email" value="{{ old('email') }}"
class="form-control @error('email') is-invalid @enderror"
placeholder="pengguna@mbip.gov.my">
@error('email')<div class="invalid-feedback">{{ $message }}</div>@enderror
</div>
<div class="mb-3">
<label class="form-label fw-medium">Peranan <span class="text-danger">*</span></label>
<select name="role" class="form-select @error('role') is-invalid @enderror">
<option value="admin" {{ old('role') === 'admin' ? 'selected' : '' }}>
Admin Program Boleh urus program sendiri sahaja
</option>
<option value="super_admin" {{ old('role') === 'super_admin' ? 'selected' : '' }}>
Super Admin Boleh urus semua program & pengguna
</option>
</select>
@error('role')<div class="invalid-feedback">{{ $message }}</div>@enderror
</div>
<div class="mb-3">
<label class="form-label fw-medium">Kata Laluan <span class="text-danger">*</span></label>
<input type="password" name="password"
class="form-control @error('password') is-invalid @enderror"
placeholder="Minimum 8 aksara, huruf besar, huruf kecil, nombor">
@error('password')<div class="invalid-feedback">{{ $message }}</div>@enderror
</div>
<div class="mb-4">
<label class="form-label fw-medium">Sahkan Kata Laluan <span class="text-danger">*</span></label>
<input type="password" name="password_confirmation"
class="form-control"
placeholder="Ulang kata laluan">
</div>
<div class="d-flex gap-2">
<button type="submit" class="btn btn-primary">
<i class="bi bi-person-check me-1"></i> Tambah Pengguna
</button>
<a href="{{ route('admin.users.index') }}" class="btn btn-outline-secondary">Batal</a>
</div>
</form>
</div>
</div>
</div>
</div>
@endsection

77
resources/views/admin/users/edit.blade.php Normal file
View File

@@ -0,0 +1,77 @@
@extends('layouts.admin')
@section('title', 'Edit Pengguna — ' . $user->name)
@section('header', 'Edit Pengguna')
@section('breadcrumb')
<li class="breadcrumb-item"><a href="{{ route('admin.users.index') }}">Pengguna</a></li>
<li class="breadcrumb-item active">{{ Str::limit($user->name, 30) }}</li>
@endsection
@section('content')
<div class="row justify-content-center">
<div class="col-md-6">
<div class="card border-0 shadow-sm">
<div class="card-body p-4">
<form method="POST" action="{{ route('admin.users.update', $user) }}">
@csrf @method('PUT')
<div class="mb-3">
<label class="form-label fw-medium">Nama Penuh <span class="text-danger">*</span></label>
<input type="text" name="name" value="{{ old('name', $user->name) }}"
class="form-control @error('name') is-invalid @enderror">
@error('name')<div class="invalid-feedback">{{ $message }}</div>@enderror
</div>
<div class="mb-3">
<label class="form-label fw-medium">Emel <span class="text-danger">*</span></label>
<input type="email" name="email" value="{{ old('email', $user->email) }}"
class="form-control @error('email') is-invalid @enderror">
@error('email')<div class="invalid-feedback">{{ $message }}</div>@enderror
</div>
<div class="mb-3">
<label class="form-label fw-medium">Peranan <span class="text-danger">*</span></label>
<select name="role" class="form-select @error('role') is-invalid @enderror"
{{ $user->id === auth()->id() ? 'disabled' : '' }}>
<option value="admin" {{ old('role', $user->role) === 'admin' ? 'selected' : '' }}>
Admin Program
</option>
<option value="super_admin" {{ old('role', $user->role) === 'super_admin' ? 'selected' : '' }}>
Super Admin
</option>
</select>
@if($user->id === auth()->id())
<input type="hidden" name="role" value="{{ $user->role }}">
<div class="form-text text-warning"><i class="bi bi-exclamation-circle me-1"></i>Anda tidak boleh tukar peranan akaun sendiri.</div>
@endif
@error('role')<div class="invalid-feedback">{{ $message }}</div>@enderror
</div>
<div class="mb-3">
<label class="form-label fw-medium">Kata Laluan Baru <span class="text-muted small">(kosongkan jika tidak tukar)</span></label>
<input type="password" name="password"
class="form-control @error('password') is-invalid @enderror"
placeholder="Minimum 8 aksara, huruf besar, huruf kecil, nombor">
@error('password')<div class="invalid-feedback">{{ $message }}</div>@enderror
</div>
<div class="mb-4">
<label class="form-label fw-medium">Sahkan Kata Laluan Baru</label>
<input type="password" name="password_confirmation" class="form-control">
</div>
<div class="d-flex gap-2">
<button type="submit" class="btn btn-primary">
<i class="bi bi-check-lg me-1"></i> Simpan Perubahan
</button>
<a href="{{ route('admin.users.index') }}" class="btn btn-outline-secondary">Batal</a>
</div>
</form>
</div>
</div>
</div>
</div>
@endsection

83
resources/views/admin/users/index.blade.php Normal file
View File

@@ -0,0 +1,83 @@
@extends('layouts.admin')
@section('title', 'Pengurusan Pengguna')
@section('header', 'Pengurusan Pengguna')
@section('breadcrumb')
<li class="breadcrumb-item active">Pengguna</li>
@endsection
@section('header-actions')
<a href="{{ route('admin.users.create') }}" class="btn btn-sm btn-primary">
<i class="bi bi-person-plus me-1"></i> Tambah Pengguna
</a>
@endsection
@section('content')
<div class="card border-0 shadow-sm">
<div class="table-responsive">
<table class="table table-hover align-middle mb-0">
<thead class="table-light">
<tr>
<th>Nama</th>
<th>Emel</th>
<th>Peranan</th>
<th class="text-center">Program</th>
<th>Tarikh Daftar</th>
<th></th>
</tr>
</thead>
<tbody>
@forelse($users as $user)
<tr>
<td>
<div class="fw-medium">{{ $user->name }}</div>
@if($user->id === auth()->id())
<span class="badge bg-light text-muted border" style="font-size:.65rem;">Anda</span>
@endif
</td>
<td class="small text-muted">{{ $user->email }}</td>
<td>
@if($user->role === 'super_admin')
<span class="badge bg-danger">Super Admin</span>
@else
<span class="badge bg-primary">Admin Program</span>
@endif
</td>
<td class="text-center">
<span class="badge bg-secondary">{{ $user->programs_count }}</span>
</td>
<td class="small text-muted">{{ $user->created_at->format('d/m/Y') }}</td>
<td class="text-end">
<a href="{{ route('admin.users.edit', $user) }}"
class="btn btn-sm btn-outline-secondary">
<i class="bi bi-pencil"></i>
</a>
@if($user->id !== auth()->id())
<form method="POST" action="{{ route('admin.users.destroy', $user) }}"
class="d-inline"
onsubmit="return confirm('Padam pengguna {{ addslashes($user->name) }}? Program mereka tidak akan terjejas.')">
@csrf @method('DELETE')
<button class="btn btn-sm btn-outline-danger">
<i class="bi bi-trash"></i>
</button>
</form>
@endif
</td>
</tr>
@empty
<tr>
<td colspan="6" class="text-center py-4 text-muted">Tiada pengguna dijumpai.</td>
</tr>
@endforelse
</tbody>
</table>
</div>
@if($users->hasPages())
<div class="card-footer bg-white">{{ $users->links() }}</div>
@endif
</div>
@endsection

22
resources/views/layouts/admin.blade.php
View File

@@ -46,11 +46,26 @@
<i class="bi bi-clipboard2-check-fill"></i> Set Soalselidik
</a>
</li>
@if(auth()->user()->isSuperAdmin())
<li class="nav-item mt-2">
<small class="text-white-50 px-3" style="font-size:.7rem; text-transform:uppercase; letter-spacing:.8px;">Sistem</small>
</li>
<li class="nav-item">
<a href="{{ route('admin.users.index') }}"
class="nav-link {{ request()->routeIs('admin.users.*') ? 'active' : '' }}">
<i class="bi bi-people-fill"></i> Pengurusan Pengguna
</a>
</li>
@endif
</ul>
<div class="px-3 pb-3 mt-auto">
<div class="border-top border-white border-opacity-25 pt-3">
<small class="text-white-50 d-block mb-1">{{ auth()->user()->name }}</small>
<span class="badge {{ auth()->user()->isSuperAdmin() ? 'bg-danger' : 'bg-primary' }} mb-2 d-inline-block">
{{ auth()->user()->isSuperAdmin() ? 'Super Admin' : 'Admin Program' }}
</span>
<form method="POST" action="{{ route('logout') }}">
@csrf
<button type="submit" class="btn btn-sm btn-outline-light w-100">
@@ -145,6 +160,13 @@
<i class="bi bi-clipboard2-check-fill me-2"></i>Set Soalselidik
</a>
</li>
@if(auth()->user()->isSuperAdmin())
<li class="nav-item">
<a href="{{ route('admin.users.index') }}" class="nav-link {{ request()->routeIs('admin.users.*') ? 'active' : '' }}" style="color:rgba(255,255,255,.85);">
<i class="bi bi-people-fill me-2"></i>Pengurusan Pengguna
</a>
</li>
@endif
</ul>
</div>
</div>