diff --git a/app/Livewire/Admin/Client/AddClient.php b/app/Livewire/Admin/Client/AddClient.php index 4ef7c0e..f62fc53 100644 --- a/app/Livewire/Admin/Client/AddClient.php +++ b/app/Livewire/Admin/Client/AddClient.php @@ -18,9 +18,11 @@ class AddClient extends Component public function save(ClientService $clientService) { - $this->form->validate(); try { + $this->authorize('addClient', Auth::user()); + $this->form->validate(); + $data = $this->form->all(); $data['name'] = $data['client_name']; @@ -36,7 +38,7 @@ public function save(ClientService $clientService) $this->dispatch('client-added'); $this->dispatch('notify', message: $client->name . ' adicionado com sucesso!'); } catch (\Exception $e) { - $this->dispatch('notify', message: 'Ocorreu um erro inesperado ao salvar.', type: 'error'); + $this->dispatch('notify', message: 'Ocorreu um erro inesperado ao salvar. ' . $e->getMessage(), type: 'error'); } } diff --git a/app/Livewire/Admin/Client/DeleteClient.php b/app/Livewire/Admin/Client/DeleteClient.php index e1ad1f6..d3c951e 100644 --- a/app/Livewire/Admin/Client/DeleteClient.php +++ b/app/Livewire/Admin/Client/DeleteClient.php 
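Review bot: Moving `$this->form->validate();` inside the `try` in `save()` means its `ValidationException` is now caught by the `catch (\Exception $e)` further down and reported as an unexpected error; Livewire normally turns a propagating ValidationException into per-field errors, so those would probably stop appearing. Add `} catch (ValidationException $e) { throw $e;` ahead of the generic catch, or catch `AuthorizationException` on its own and leave validation outside the `try`. The same applies to the `createUser()`, `edit()` and `editUser()` hunks in CreateUser.php, EditClient.php and EditUser.php. The `Auth::user()` argument is also unnecessary, since the gate already receives the current user, and passing a User model makes the Gate look for a policy for that model first; `$this->authorize('addClient');` is enough.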
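Review bot: Appending `$e->getMessage()` to the toast in the `catch (\Exception $e)` of `save()` sends raw exception text to the browser. Because the catch covers every exception, that includes database and service failures, whose messages can carry SQL, bound values (this form handles client credentials) or internal class names. Keep the fixed message for the user and record the detail server-side: `report($e);` followed by `$this->dispatch('notify', message: 'Ocorreu um erro inesperado ao salvar.', type: 'error');`. The new `notify` line in CreateUser.php and the `$e->getMessage()` toast in DeleteUser.php have the same problem.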
@@ -5,25 +5,36 @@ use Livewire\Component; use Livewire\Attributes\On; use App\Models\Client; +use Exception; +use Illuminate\Support\Facades\Auth; class DeleteClient extends Component { #[On('confirm-delete')] public function deleteClient($payload) { + try { + // Sua lógica de autorização e exclusão (Correta) + $this->authorize('deleteClient', Auth::user()); - $deletedClient = Client::findOrFail($payload); + $deletedClient = Client::findOrFail($payload); - if ($deletedClient) { - $deletedClient->delete(); + if ($deletedClient) { + $deletedClient->delete(); + } + + // Sucesso (Dentro do try, onde deve estar) + $this->dispatch('client-deleted'); + $this->dispatch('notify', message: 'Cliente excluído com sucesso!'); + + } catch (Exception $e) { + // Tratamento de erro + $this->dispatch('notify', message: 'Você não possui permissão para realizar essa ação.', type: 'error'); } - - $this->dispatch('client-deleted'); - $this->dispatch('notify', message: 'Cliente excluído com sucesso!'); } public function render() { return '
'; } -} +} \ No newline at end of file diff --git a/app/Livewire/Admin/Client/EditClient.php b/app/Livewire/Admin/Client/EditClient.php index 0dc71da..7a27f8b 100644 --- a/app/Livewire/Admin/Client/EditClient.php +++ b/app/Livewire/Admin/Client/EditClient.php @@ -5,6 +5,7 @@ use App\Livewire\Forms\ClientForm; use App\Models\Client; use App\Services\ClientService; +use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Crypt; use Livewire\Attributes\On; use Livewire\Component; @@ -18,7 +19,6 @@ class EditClient extends Component public Client $client; public ClientForm $clientForm; - // public ClientService $clientService; #[On('update-client')] public function loadClient($id) @@ -35,17 +35,19 @@ public function loadClient($id) } public function edit(ClientService $clientService) { - $data = $this->clientForm->validate(); - - if ($this->clientForm->profile_image_path) { - $path = $this->clientForm->profile_image_path->store('client_logos', 'public'); - $data['profile_image_path'] = $path; - } - - $data['root_password'] = Crypt::encryptString($data['root_password']); - try { + + $this->authorize('editClient', Auth::user()); + $data = $this->clientForm->validate(); + + if ($this->clientForm->profile_image_path) { + $path = $this->clientForm->profile_image_path->store('client_logos', 'public'); + $data['profile_image_path'] = $path; + } + + $data['root_password'] = Crypt::encryptString($data['root_password']); + if (!$clientService->updateClient($this->client, $data)) { throw new Exception('O serviço não confirmou a atualização.'); } diff --git a/app/Livewire/Admin/User/CreateUser.php b/app/Livewire/Admin/User/CreateUser.php index 9add896..de6e8a2 100644 --- a/app/Livewire/Admin/User/CreateUser.php +++ b/app/Livewire/Admin/User/CreateUser.php 
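Review bot: The `catch (Exception $e)` in `deleteClient()` answers every failure with "Você não possui permissão…", so a missing record from `findOrFail` or a database error during `delete()` is reported as a permission problem and nothing is logged. Catch `AuthorizationException` (needs `use Illuminate\Auth\Access\AuthorizationException;`) for the permission toast and handle the rest separately with `report($e)`. The `if ($deletedClient)` test is redundant, because `findOrFail` either returns a model or throws.

```php
// … unchanged: authorize, findOrFail, delete, success dispatches …
} catch (AuthorizationException $e) {
    $this->dispatch('notify', message: 'Você não possui permissão para realizar essa ação.', type: 'error');
} catch (Exception $e) {
    // Keep the detail in the server log; the user only sees a generic message.
    report($e);
    $this->dispatch('notify', message: 'Ocorreu um erro inesperado ao excluir.', type: 'error');
}
```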
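Review bot: The new `editClient` check protects only `edit()`; the `loadClient($id)` listener declared just above it (`#[On('update-client')]`) is not touched by this commit, and a Livewire listener can be triggered from the browser with any id. Its body is outside the hunk, so this is inferred, but if it loads the client and its `root_password` into the form it needs the same gate as its first statement: `$this->authorize('editClient');`. `loadUser($id)` in EditUser.php looks like the same case.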
@@ -34,11 +34,10 @@ class CreateUser extends Component public function createUser(UserService $userService) { - $validated = $this->validate($this->rules, $this->messages); - try { - $this->authorize('createUser', Auth::user()); + $validated = $this->validate($this->rules, $this->messages); + $user = $userService->createUser($validated); @@ -49,6 +48,7 @@ public function createUser(UserService $userService) $this->dispatch('notify', message: 'Usuário cadastrado com sucesso!'); } catch (\Exception $e) { $this->addError('general', $e->getMessage()); + $this->dispatch('notify', message: 'Ocorreu um erro ao criar o usuário. ' . $e->getMessage(), type: 'error'); } } diff --git a/app/Livewire/Admin/User/DeleteUser.php b/app/Livewire/Admin/User/DeleteUser.php index 9871804..2a0999f 100644 --- a/app/Livewire/Admin/User/DeleteUser.php +++ b/app/Livewire/Admin/User/DeleteUser.php @@ -6,6 +6,7 @@ use Livewire\Attributes\On; use App\Models\User; use App\Services\UserService; +use Illuminate\Support\Facades\Auth; use Exception; class DeleteUser extends Component @@ -14,9 +15,11 @@ class DeleteUser extends Component #[On('confirm-delete-user')] public function deleteUser(UserService $userService, $payload) { - - $deletedUser = User::findOrFail($payload); try { + + $this->authorize('deleteUser', Auth::user()); + + $deletedUser = User::findOrFail($payload); if ($deletedUser) { $deletedUser = $userService->deleteUser($deletedUser); } @@ -25,7 +28,7 @@ public function deleteUser(UserService $userService, $payload) $this->dispatch('notify', message: $deletedUser->name . ' Usuário excluído com sucesso!'); } catch (Exception $e) { $this->dispatch('user-delete-error'); - $this->dispatch('notify', message: $e->getMessage()); + $this->dispatch('notify', message: $e->getMessage(), type: 'error'); } } diff --git a/app/Livewire/Admin/User/EditUser.php b/app/Livewire/Admin/User/EditUser.php index b522ae0..2f35740 100644 --- a/app/Livewire/Admin/User/EditUser.php 
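Review bot: Nothing in the `deleteUser()` hunk stops an admin from deleting their own account: the `deleteUser` gate only looks at the actor, and `$payload` goes straight to `User::findOrFail`. Unless `UserService::deleteUser` (not shown here) already refuses it, compare the target with the caller before deleting, e.g. `if ($deletedUser->is(Auth::user())) { throw new Exception('Você não pode excluir o próprio usuário.'); }`. The `if ($deletedUser)` test is redundant after `findOrFail`.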
+++ b/app/Livewire/Admin/User/EditUser.php @@ -7,6 +7,7 @@ use Livewire\Component; use Livewire\Attributes\On; use App\Services\UserService; +use Illuminate\Support\Facades\Auth; class EditUser extends Component { @@ -31,8 +32,11 @@ public function loadUser($id) } public function editUser(UserService $userService) { - $data = $this->userForm->validate(); + try { + $this->authorize('editUser', Auth::user()); + $data = $this->userForm->validate(); + if (!$userService->updateUser($this->user, $data)) { throw new \Exception('O serviço não confirmou a atualização.'); } diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php index b3423a4..e627d7c 100644 --- a/app/Providers/AppServiceProvider.php +++ b/app/Providers/AppServiceProvider.php @@ -22,8 +22,21 @@ public function register(): void */ public function boot(): void { - Gate::define('createUser', function (User $user) { - return isset($user->permissions) ? in_array('admin', $user->permissions) : false; - }); + // Lista de todas as ações que são exclusivas de Admin + $adminActions = [ + 'createUser', + 'editUser', + 'deleteUser', + 'addClient', // Exemplo + 'deleteClient', // Exemplo + 'editClient', + ]; + + foreach ($adminActions as $action) { + Gate::define($action, function (User $user) { + // A lógica fica centralizada aqui. Se mudar, muda pra todos. + return isset($user->permissions) && in_array('admin', $user->permissions); + }); + } } } diff --git a/app/Services/UserService.php b/app/Services/UserService.php index 7af14fc..6f590cd 100644 --- a/app/Services/UserService.php +++ b/app/Services/UserService.php @@ -13,6 +13,8 @@ class UserService public function __construct(protected User $user) {} public function createUser(array $user) { + $permissions = [$user['permissions']]; + $user['permissions'] = $permissions; return User::create($user); } 
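Review bot: The gate closure in `boot()` calls `in_array('admin', $user->permissions)` without the strict flag and without checking the type, so a stored `true` would match `'admin'` under loose comparison and a non-array value raises a `TypeError` that the components' `catch (\Exception)` blocks do not catch. Since all six admin abilities now depend on this one line, tighten it: `return is_array($user->permissions) && in_array('admin', $user->permissions, true);`. The `// Exemplo` comments on `addClient` and `deleteClient` are misleading, because both abilities are enforced by components in this same commit.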
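Review bot: `createUser()` reads `$user['permissions']` unconditionally and wraps it without checking what it is. A missing key stores `[null]`, and a value that is already an array is stored nested, which the `in_array('admin', …)` gate check will never match. Normalise instead of wrapping: `$user['permissions'] = array_values((array) ($user['permissions'] ?? []));`. The validation rules are outside this diff; since this value decides who is an admin, they should restrict it to a fixed list of allowed permission names.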
diff --git a/resources/views/components/flash-messages.blade.php b/resources/views/components/flash-messages.blade.php index d78d96e..4beca58 100644 --- a/resources/views/components/flash-messages.blade.php +++ b/resources/views/components/flash-messages.blade.php @@ -12,7 +12,7 @@ } }" @notify.window="addToast($event.detail.message, $event.detail.type || 'success')" @notifyError.window="addToast($event.detail.message, $event.detail.type || 'error')" - class="fixed top-5 right-5 z-50 flex w-full max-w-xs flex-col space-y-3"> + class="fixed top-5 right-5 z-50000 flex w-full max-w-xs flex-col space-y-3">