
fix(views): restrict edit/delete actions to admin role

Wrap admin-only UI elements with role check directives:
- Schedule edit/copy modal (schedule/index.blade.php)
- Order export and delete buttons (orders/show.blade.php)
- Reclamation edit/delete actions (reclamations/edit.blade.php)

Prevents unauthorized users from accessing administrative functions
Alexander Musikhin hai 3 semanas
pai
achega
34279c12fb

+ 138 - 125
resources/views/orders/show.blade.php

@@ -18,6 +18,8 @@
                 @if(hasRole('admin,manager'))
                     <a href="{{ route('order.edit', ['order' => $order, 'previous_url' => $previous_url]) }}"
                        class="btn btn-sm mb-1 btn-primary">Редактировать</a>
+                @endif
+                @if(hasRole('admin'))
                     <a href="#" class="btn btn-sm btn-primary mb-1" onclick="$('#export-order').submit()">Экспорт МАФ</a>
                     <form class="d-none" method="post" action="{{ route('order.export-one', $order) }}" id="export-order">
                         @csrf
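Review bot: `@if(hasRole('admin'))` around the export link and the `#export-order` form only removes them from the rendered page. The `order.export-one` route still accepts a POST from any authenticated role unless the route or controller checks the role itself, and no route, middleware or controller change is visible in this commit. The same applies to the other actions this file now hides (`order.get-maf`, `order.move-maf`, `order.create-ttn`, `schedule.create-from-order`) and to `schedule.create-from-reclamation` in reclamations/edit.blade.php. If those checks do not already exist, enforce them server-side (route middleware or a policy) with the same role lists the views use. The enclosing `@if(hasRole('admin,manager'))` block starts above this hunk and the form continues below it.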
@@ -307,7 +309,7 @@
                             </table>
                         </div>
                         <div>
-                            @if(hasRole('admin,manager'))
+                            @if(hasRole('admin'))
                                 <a href="{{ route('order.get-maf', $order) }}"
                                    class="btn btn-primary btn-sm mb-1 @disabled($order->ready_to_mount == 'Нет' )">Привязать
                                     все МАФы</a>
@@ -319,6 +321,8 @@
                                         data-bs-target="#moveModal">Перенести МАФы
                                 </button>
                                 <br class="d-md-none">
+                            @endif
+                            @if(hasRole('admin,manager'))
                                 <button class="btn btn-sm mb-1 btn-warning" id="create-reclamation-button">Создать
                                     рекламацию
                                 </button>
@@ -327,7 +331,8 @@
                                     @csrf
                                 </form>
                                 <br class="d-md-none">
-
+                            @endif
+                            @if(hasRole('admin'))
                                 <a href="#" class="btn btn-primary btn-sm mb-1" id="ttnBtn">ТН</a>
                             @endif
                                 <br class="d-md-none">
@@ -343,80 +348,82 @@
         </div>
     </div>
 
-    <!-- Модальное окно графика -->
-    <div class="modal fade" id="copySchedule" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
-        <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
-            <div class="modal-content">
-                <div class="modal-header">
-                    <h1 class="modal-title fs-5" id="addModalLabel">Перенести в график монтажей</h1>
-                    <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
-                </div>
-                <div class="modal-body">
-                    <form action="{{ route('schedule.create-from-order') }}" method="post" id="scheduleCreateForm">
-                        @csrf
-                        <div>
-                            <input type="hidden" name="order_id" value="{{ $order->id }}">
-                            <textarea name="comment" placeholder="Комментарий для графика" class="form-control mb-3"></textarea>
+    @if(hasRole('admin'))
+        <!-- Модальное окно графика -->
+        <div class="modal fade" id="copySchedule" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
+            <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
+                <div class="modal-content">
+                    <div class="modal-header">
+                        <h1 class="modal-title fs-5" id="addModalLabel">Перенести в график монтажей</h1>
+                        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
+                    </div>
+                    <div class="modal-body">
+                        <form action="{{ route('schedule.create-from-order') }}" method="post" id="scheduleCreateForm">
+                            @csrf
+                            <div>
+                                <input type="hidden" name="order_id" value="{{ $order->id }}">
+                                <textarea name="comment" placeholder="Комментарий для графика" class="form-control mb-3"></textarea>
 
-                            <input type="checkbox" checked="checked" id="sendNotifications" name="send_notifications" class="form-check-inline">
-                            <label for="sendNotifications" class="form-check-label mb-2">Уведомить менеджера и бригадира</label><br>
+                                <input type="checkbox" checked="checked" id="sendNotifications" name="send_notifications" class="form-check-inline">
+                                <label for="sendNotifications" class="form-check-label mb-2">Уведомить менеджера и бригадира</label><br>
 
-                            <input type="checkbox" id="deleteOldRecords" name="delete_old_records" class="form-check-inline">
-                            <label for="deleteOldRecords" class="form-check-label mb-2">Удалить старые записи в графике для этой площадки?</label><br>
+                                <input type="checkbox" id="deleteOldRecords" name="delete_old_records" class="form-check-inline">
+                                <label for="deleteOldRecords" class="form-check-label mb-2">Удалить старые записи в графике для этой площадки?</label><br>
 
-                            <button type="submit" class="btn btn-primary btn-sm">Обновить график</button>
-                        </div>
-                    </form>
+                                <button type="submit" class="btn btn-primary btn-sm">Обновить график</button>
+                            </div>
+                        </form>
+                    </div>
                 </div>
             </div>
         </div>
-    </div>
 
-    <!-- Модальное окно ТН -->
-    <div class="modal fade" id="createTtnModal" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
-        <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
-            <div class="modal-content">
-                <div class="modal-header">
-                    <h1 class="modal-title fs-5" id="addModalLabel">Введите данные для ТН</h1>
-                    <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
-                </div>
-                <div class="modal-body">
-                    <form action="{{ route('order.create-ttn') }}" method="post" id="ttnForm">
-                        @csrf
-                        <div>
-                            <input type="text" class="form-control mb-2" name="order_number" placeholder="Номер заказа">
-                            <input type="date" class="form-control mb-2" name="order_date" placeholder="Дата заказа" value="{{ date('Y-m-d') }}">
-                            <input type="number" class="form-control mb-2" name="order_sum" placeholder="Сумма заказа" value="0">
-                            <button href="#" class="btn btn-primary" id="createTtn">Создать ТН</button>
-                        </div>
-                    </form>
+        <!-- Модальное окно ТН -->
+        <div class="modal fade" id="createTtnModal" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
+            <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
+                <div class="modal-content">
+                    <div class="modal-header">
+                        <h1 class="modal-title fs-5" id="addModalLabel">Введите данные для ТН</h1>
+                        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
+                    </div>
+                    <div class="modal-body">
+                        <form action="{{ route('order.create-ttn') }}" method="post" id="ttnForm">
+                            @csrf
+                            <div>
+                                <input type="text" class="form-control mb-2" name="order_number" placeholder="Номер заказа">
+                                <input type="date" class="form-control mb-2" name="order_date" placeholder="Дата заказа" value="{{ date('Y-m-d') }}">
+                                <input type="number" class="form-control mb-2" name="order_sum" placeholder="Сумма заказа" value="0">
+                                <button href="#" class="btn btn-primary" id="createTtn">Создать ТН</button>
+                            </div>
+                        </form>
+                    </div>
                 </div>
             </div>
         </div>
-    </div>
 
-    <!-- Модальное окно переноса -->
-    <div class="modal fade" id="moveModal" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
-        <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
-            <div class="modal-content">
-                <div class="modal-header">
-                    <h1 class="modal-title fs-5" id="addModalLabel">Выбрать площадку, куда переносим</h1>
-                    <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
-                </div>
-                <div class="modal-body">
-                    <form action="{{ route('order.move-maf') }}" method="post">
-                        @csrf
-                        <div id="select_maf_form">
-                            <input type="text" class="form-control mb-2" placeholder="Поиск площадки" id="search_order">
-                            <select id="select_order" name="new_order_id" class="form-select mb-3" size="20" multiple
-                                    required></select>
-                            <a href="#" class="btn btn-primary" id="moveMaf">Перенести</a>
-                        </div>
-                    </form>
+        <!-- Модальное окно переноса -->
+        <div class="modal fade" id="moveModal" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
+            <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
+                <div class="modal-content">
+                    <div class="modal-header">
+                        <h1 class="modal-title fs-5" id="addModalLabel">Выбрать площадку, куда переносим</h1>
+                        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
+                    </div>
+                    <div class="modal-body">
+                        <form action="{{ route('order.move-maf') }}" method="post">
+                            @csrf
+                            <div id="select_maf_form">
+                                <input type="text" class="form-control mb-2" placeholder="Поиск площадки" id="search_order">
+                                <select id="select_order" name="new_order_id" class="form-select mb-3" size="20" multiple
+                                        required></select>
+                                <a href="#" class="btn btn-primary" id="moveMaf">Перенести</a>
+                            </div>
+                        </form>
+                    </div>
                 </div>
             </div>
         </div>
-    </div>
+    @endif
 
     @if($errors->any())
         @dump($errors)
@@ -431,44 +438,48 @@
             window.open('https://t.me/{{ $order->tg_group_link }}', '_blank');
         });
 
-        // select order
-        $('#search_order').on('keyup', function () {
-            // search products on backend
-            $.get('{{ route('order.search') }}?s=' + $(this).val(),
-                function (data) {
-                    $('#select_order').children().remove()
-                    $.each(data, function (id, name) {
-                        $('#select_order').append('<option value=\'' + id + '\'>' + name + '</option>');
-                    });
-                }
-            );
-        }).trigger('keyup');
+        @if(hasRole('admin'))
+            // select order
+            $('#search_order').on('keyup', function () {
+                // search products on backend
+                $.get('{{ route('order.search') }}?s=' + $(this).val(),
+                    function (data) {
+                        $('#select_order').children().remove()
+                        $.each(data, function (id, name) {
+                            $('#select_order').append('<option value=\'' + id + '\'>' + name + '</option>');
+                        });
+                    }
+                );
+            }).trigger('keyup');
+        @endif
 
 
         $('#check-all-maf').on('change', function () {
             $('input:checkbox.check-maf').not(this).prop('checked', this.checked);
         });
 
-        // move maf
-        $('#moveMaf').on('click', function () {
-            let ids = Array();
-            $('.check-maf').each(function () {
-                if ($(this).prop('checked')) {
-                    ids.push($(this).attr('data-maf-id'));
-                }
+        @if(hasRole('admin'))
+            // move maf
+            $('#moveMaf').on('click', function () {
+                let ids = Array();
+                $('.check-maf').each(function () {
+                    if ($(this).prop('checked')) {
+                        ids.push($(this).attr('data-maf-id'));
+                    }
+                });
+
+                $.post('{{ route('order.move-maf') }}',
+                    {
+                        '_token': $('meta[name=csrf-token]').attr('content'),
+                        ids: JSON.stringify(ids),
+                        'new_order_id': $('#select_order').find(":selected").val()
+                    },
+                    function () {
+                        location.reload();
+                    }
+                );
             });
-
-            $.post('{{ route('order.move-maf') }}',
-                {
-                    '_token': $('meta[name=csrf-token]').attr('content'),
-                    ids: JSON.stringify(ids),
-                    'new_order_id': $('#select_order').find(":selected").val()
-                },
-                function () {
-                    location.reload();
-                }
-            );
-        });
+        @endif
 
         $('#create-reclamation-button').on('click', function () {
             let ids = Array();
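Review bot: The re-indented `#search_order` handler still builds each `<option>` by concatenating `id` and `name` from the `order.search` response into an HTML string, so a name that contains markup is parsed as HTML in the admin's page. Build the element instead: `$('#select_order').append($('<option>').val(id).text(name));`. The search term is also appended to the URL unencoded; passing it as data, `$.get('{{ route('order.search') }}', {s: $(this).val()}, ...)`, lets jQuery encode it. The `@if(hasRole('admin'))` wrappers only leave the handlers out of the page, so `order.search` and `order.move-maf` still need their own role check on the server. The `#create-reclamation-button` handler at the end of the hunk continues outside it.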
@@ -486,44 +497,46 @@
             }
         });
 
-        $('#createScheduleButton').on('click', function () {
-            let ids = Array();
-            $('.check-maf').each(function () {
-                if ($(this).prop('checked')) {
-                    ids.push($(this).attr('data-maf-id'));
-                    $('#scheduleCreateForm').append('<input type="hidden" name="skus[]" value="' + $(this).attr('data-maf-id') + '">');
-                }
+        @if(hasRole('admin'))
+            $('#createScheduleButton').on('click', function () {
+                let ids = Array();
+                $('.check-maf').each(function () {
+                    if ($(this).prop('checked')) {
+                        ids.push($(this).attr('data-maf-id'));
+                        $('#scheduleCreateForm').append('<input type="hidden" name="skus[]" value="' + $(this).attr('data-maf-id') + '">');
+                    }
+                });
+
+                let myModalSchedule = new bootstrap.Modal(document.getElementById("copySchedule"), {});
+                myModalSchedule.show();
             });
 
-            let myModalSchedule = new bootstrap.Modal(document.getElementById("copySchedule"), {});
-            myModalSchedule.show();
-        });
+            $('#ttnBtn').on('click', function () {
+                if ($('input.check-maf:checkbox:checked').length > 0) {
 
-        $('#ttnBtn').on('click', function () {
-            if ($('input.check-maf:checkbox:checked').length > 0) {
-
-                let myModalTtn = new bootstrap.Modal(document.getElementById("createTtnModal"), {});
-                myModalTtn.show();
-            } else {
-                customAlert('Нужно выбрать МАФ для ТН!');
-            }
-        });
-
-        $('#createTtn').on('click', function () {
-            let ids = Array();
-            $('.check-maf').each(function () {
-                if ($(this).prop('checked')) {
-                    ids.push($(this).attr('data-maf-id'));
-                    $('#ttnForm').append('<input type="hidden" name="skus[]" value="' + $(this).attr('data-maf-id') + '">');
+                    let myModalTtn = new bootstrap.Modal(document.getElementById("createTtnModal"), {});
+                    myModalTtn.show();
+                } else {
+                    customAlert('Нужно выбрать МАФ для ТН!');
                 }
             });
 
-            if (ids.length) {
-                $('#ttnForm').submit();
-            } else {
-                customAlert('Нужно выбрать МАФ для ТН!');
-            }
-        });
+            $('#createTtn').on('click', function () {
+                let ids = Array();
+                $('.check-maf').each(function () {
+                    if ($(this).prop('checked')) {
+                        ids.push($(this).attr('data-maf-id'));
+                        $('#ttnForm').append('<input type="hidden" name="skus[]" value="' + $(this).attr('data-maf-id') + '">');
+                    }
+                });
+
+                if (ids.length) {
+                    $('#ttnForm').submit();
+                } else {
+                    customAlert('Нужно выбрать МАФ для ТН!');
+                }
+            });
+        @endif
 
         $('.update-once').on('change', function () {
             let v = $(this).val();
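Review bot: Each click on `#createScheduleButton` appends another set of `skus[]` hidden inputs to `#scheduleCreateForm` without removing those from an earlier click, so closing the modal, changing the selection and reopening it submits MAFs that are no longer checked. `#createTtn` does the same to `#ttnForm` if the page stays open after the submit. Clear them first, e.g. `$('#scheduleCreateForm input[name="skus[]"]').remove();` before the `.each(...)`. The local `ids` array in the `#createScheduleButton` handler is filled but never read and can be dropped. Because the ids are assembled on the client, the receiving controllers presumably need to verify that each one belongs to this order; that code is not visible here.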

+ 62 - 36
resources/views/reclamations/edit.blade.php

@@ -88,8 +88,10 @@
                                 </td>
                                 <td>{!! $p->product->nomenclature_number !!}</td>
                                 <td>
-                                    @if($p->maf_order_id && hasRole('admin,manager'))
+                                    @if($p->maf_order_id && hasRole('admin'))
                                         <a href="{{ route('maf_order.show', $p->maf_order) }}">{{ $p->maf_order->order_number }}</a>
+                                    @else
+                                        {{ $p->maf_order?->order_number }}
                                     @endif
                                 </td>
                                 <td>{{ $p->rfid }}</td>
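Review bot: The new `@else` branch prints `order_number` for every role, whereas before this change a user without admin or manager saw an empty cell, so this hunk widens who can read the MAF order number while narrowing who gets the link. If that is intended, a Blade comment such as `{{-- order number is shown to all roles; only the link is admin-only --}}` would record it. The two branches also disagree on null handling: the `@else` uses `$p->maf_order?->order_number`, but the admin branch dereferences `$p->maf_order` directly, which would fail if `maf_order_id` is set and the relation does not load. Testing `$p->maf_order` instead of `$p->maf_order_id` in the `@if` would cover both.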
@@ -261,9 +263,13 @@
                                                 <tr>
                                                     <td>
                                                         @if($reservation->sparePart)
-                                                            <a href="{{ route('spare_parts.show', $reservation->sparePart->id) }}">
+                                                            @if(hasRole('admin,manager'))
+                                                                <a href="{{ route('spare_parts.show', $reservation->sparePart->id) }}">
+                                                                    {{ $reservation->sparePart->article }}
+                                                                </a>
+                                                            @else
                                                                 {{ $reservation->sparePart->article }}
-                                                            </a>
+                                                            @endif
                                                         @else
                                                             -
                                                         @endif
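Review bot: The same role-conditional link block is pasted five times in this file (this hunk and the four that follow, for `spare_parts.show` and `spare_part_orders.show`), each carrying its own copy of the role list `'admin,manager'`. A small partial or Blade component taking the route name, the id and the label would keep the role list in one place, so a later change cannot leave one copy linking for a role the others exclude. Whether `spare_parts.show` and `spare_part_orders.show` check the role themselves is not visible in this diff; hiding the anchor does not restrict the routes.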
@@ -278,9 +284,13 @@
                                                     </td>
                                                     <td>
                                                         @if($reservation->sparePartOrder)
-                                                            <a href="{{ route('spare_part_orders.show', $reservation->sparePartOrder->id) }}">
+                                                            @if(hasRole('admin,manager'))
+                                                                <a href="{{ route('spare_part_orders.show', $reservation->sparePartOrder->id) }}">
+                                                                    #{{ $reservation->sparePartOrder->id }}
+                                                                </a>
+                                                            @else
                                                                 #{{ $reservation->sparePartOrder->id }}
-                                                            </a>
+                                                            @endif
                                                         @else
                                                             -
                                                         @endif
@@ -339,9 +349,13 @@
                                                 <tr>
                                                     <td>
                                                         @if($reservation->sparePart)
-                                                            <a href="{{ route('spare_parts.show', $reservation->sparePart->id) }}">
+                                                            @if(hasRole('admin,manager'))
+                                                                <a href="{{ route('spare_parts.show', $reservation->sparePart->id) }}">
+                                                                    {{ $reservation->sparePart->article }}
+                                                                </a>
+                                                            @else
                                                                 {{ $reservation->sparePart->article }}
-                                                            </a>
+                                                            @endif
                                                         @else
                                                             -
                                                         @endif
@@ -356,9 +370,13 @@
                                                     </td>
                                                     <td>
                                                         @if($reservation->sparePartOrder)
-                                                            <a href="{{ route('spare_part_orders.show', $reservation->sparePartOrder->id) }}">
+                                                            @if(hasRole('admin,manager'))
+                                                                <a href="{{ route('spare_part_orders.show', $reservation->sparePartOrder->id) }}">
+                                                                    #{{ $reservation->sparePartOrder->id }}
+                                                                </a>
+                                                            @else
                                                                 #{{ $reservation->sparePartOrder->id }}
-                                                            </a>
+                                                            @endif
                                                         @else
                                                             -
                                                         @endif
@@ -390,9 +408,13 @@
                                                 <tr>
                                                     <td>
                                                         @if($shortage->sparePart)
-                                                            <a href="{{ route('spare_parts.show', $shortage->sparePart->id) }}">
+                                                            @if(hasRole('admin,manager'))
+                                                                <a href="{{ route('spare_parts.show', $shortage->sparePart->id) }}">
+                                                                    {{ $shortage->sparePart->article }}
+                                                                </a>
+                                                            @else
                                                                 {{ $shortage->sparePart->article }}
-                                                            </a>
+                                                            @endif
                                                         @else
                                                             -
                                                         @endif
@@ -570,41 +592,45 @@
         </div>
     </div>
 
-    <!-- Модальное окно графика -->
-    <div class="modal fade" id="copySchedule" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
-        <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
-            <div class="modal-content">
-                <div class="modal-header">
-                    <h1 class="modal-title fs-5" id="addModalLabel">Перенести в график монтажей</h1>
-                    <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
-                </div>
-                <div class="modal-body">
-                    <form action="{{ route('schedule.create-from-reclamation') }}" method="post" id="scheduleCreateForm">
-                        @csrf
-                        <div>
-                            <input type="hidden" name="reclamation_id" value="{{ $reclamation->id }}">
+    @if(hasRole('admin'))
+        <!-- Модальное окно графика -->
+        <div class="modal fade" id="copySchedule" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
+            <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
+                <div class="modal-content">
+                    <div class="modal-header">
+                        <h1 class="modal-title fs-5" id="addModalLabel">Перенести в график монтажей</h1>
+                        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
+                    </div>
+                    <div class="modal-body">
+                        <form action="{{ route('schedule.create-from-reclamation') }}" method="post" id="scheduleCreateForm">
+                            @csrf
+                            <div>
+                                <input type="hidden" name="reclamation_id" value="{{ $reclamation->id }}">
 {{--                            <textarea name="comment" placeholder="Комментарий для графика" class="form-control mb-3"></textarea>--}}
 
-                            <input type="checkbox" checked="checked" id="sendNotifications" name="send_notifications" value="1" class="form-check-inline">
-                            <label for="sendNotifications" class="form-check-label mb-2">Уведомить менеджера и бригадира</label><br>
+                                <input type="checkbox" checked="checked" id="sendNotifications" name="send_notifications" value="1" class="form-check-inline">
+                                <label for="sendNotifications" class="form-check-label mb-2">Уведомить менеджера и бригадира</label><br>
 
-                            <input type="checkbox" id="deleteOldRecords" name="delete_old_records" class="form-check-inline">
-                            <label for="deleteOldRecords" class="form-check-label mb-2">Удалить старые записи в графике для этой рекламации?</label><br>
-                            <button type="submit" class="btn btn-primary btn-sm">Обновить график</button>
-                        </div>
-                    </form>
+                                <input type="checkbox" id="deleteOldRecords" name="delete_old_records" class="form-check-inline">
+                                <label for="deleteOldRecords" class="form-check-label mb-2">Удалить старые записи в графике для этой рекламации?</label><br>
+                                <button type="submit" class="btn btn-primary btn-sm">Обновить график</button>
+                            </div>
+                        </form>
+                    </div>
                 </div>
             </div>
         </div>
-    </div>
+    @endif
 @endsection
 
 @push('scripts')
     <script type="module">
-        $('#createScheduleButton').on('click', function () {
-            let myModalSchedule = new bootstrap.Modal(document.getElementById("copySchedule"), {});
-            myModalSchedule.show();
-        });
+        @if(hasRole('admin'))
+            $('#createScheduleButton').on('click', function () {
+                let myModalSchedule = new bootstrap.Modal(document.getElementById("copySchedule"), {});
+                myModalSchedule.show();
+            });
+        @endif
 
         let sparePartIndex = {{ max($reclamation->spareParts->count(), 1) }};
         const searchUrl = '{{ route('spare_parts.search') }}';

+ 89 - 85
resources/views/schedule/index.blade.php

@@ -303,40 +303,42 @@
             }
         </style>
 
-        <!-- Модальное окно редактирования графика -->
-        <div class="modal fade" id="copySchedule" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
-            <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
-                <div class="modal-content">
-                    <div class="modal-header">
-                        <h1 class="modal-title fs-5" id="addModalLabel">Изменить/создать запись в графике</h1>
-                        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
-                    </div>
-                    <div class="modal-body">
-                        <form action="{{ route('schedule.update') }}" method="post" id="scheduleEditForm">
-                            @csrf
-                            <input type="hidden" name="id" value="0">
-                            <div>
-                                @include('partials.input',  ['name' => 'installation_date', 'title' => 'Дата монтажа', 'type' => 'date'])
-                                @include('partials.input',  ['name' => 'address_code', 'title' => 'Код адреса'])
-                                @include('partials.select', ['name' => 'district_id', 'title' => 'Округ', 'options' => $districts, 'first_empty' => true])
-                                @include('partials.select', ['name' => 'area_id', 'title' => 'Район', 'options' => $areas, 'first_empty' => true])
-                                @include('partials.input',  ['name' => 'object_address', 'title' => 'Адрес', 'required' => true])
-                                @include('partials.input',  ['name' => 'object_type', 'title' => 'Тип объекта', 'required' => true])
-                                @include('partials.textarea', ['name' => 'mafs', 'title' => 'МАФы', 'required' => true])
-                                @include('partials.input',  ['name' => 'mafs_count', 'title' => 'Кол-во МАФ', 'type' => 'number', 'required' => true])
-                                @include('partials.select', ['name' => 'brigadier_id', 'title' => 'Бригадир', 'options' => $brigadiers, 'required' => true, 'first_empty' => true])
-                                @include('partials.input',  ['name' => 'transport', 'title' => 'Транспорт'])
-                                @include('partials.textarea', ['name' => 'admin_comment', 'title' => 'Комментарий'])
-                                @include('partials.textarea', ['name' => 'comment', 'title' => 'Примечание'])
-                                <div class="text-center">
-                                    <button type="submit" class="btn btn-primary btn-sm">Сохранить</button>
+        @if(hasRole('admin'))
+            <!-- Модальное окно редактирования графика -->
+            <div class="modal fade" id="copySchedule" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
+                <div class="modal-dialog modal-fullscreen-sm-down modal-lg">
+                    <div class="modal-content">
+                        <div class="modal-header">
+                            <h1 class="modal-title fs-5" id="addModalLabel">Изменить/создать запись в графике</h1>
+                            <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрыть"></button>
+                        </div>
+                        <div class="modal-body">
+                            <form action="{{ route('schedule.update') }}" method="post" id="scheduleEditForm">
+                                @csrf
+                                <input type="hidden" name="id" value="0">
+                                <div>
+                                    @include('partials.input',  ['name' => 'installation_date', 'title' => 'Дата монтажа', 'type' => 'date'])
+                                    @include('partials.input',  ['name' => 'address_code', 'title' => 'Код адреса'])
+                                    @include('partials.select', ['name' => 'district_id', 'title' => 'Округ', 'options' => $districts, 'first_empty' => true])
+                                    @include('partials.select', ['name' => 'area_id', 'title' => 'Район', 'options' => $areas, 'first_empty' => true])
+                                    @include('partials.input',  ['name' => 'object_address', 'title' => 'Адрес', 'required' => true])
+                                    @include('partials.input',  ['name' => 'object_type', 'title' => 'Тип объекта', 'required' => true])
+                                    @include('partials.textarea', ['name' => 'mafs', 'title' => 'МАФы', 'required' => true])
+                                    @include('partials.input',  ['name' => 'mafs_count', 'title' => 'Кол-во МАФ', 'type' => 'number', 'required' => true])
+                                    @include('partials.select', ['name' => 'brigadier_id', 'title' => 'Бригадир', 'options' => $brigadiers, 'required' => true, 'first_empty' => true])
+                                    @include('partials.input',  ['name' => 'transport', 'title' => 'Транспорт'])
+                                    @include('partials.textarea', ['name' => 'admin_comment', 'title' => 'Комментарий'])
+                                    @include('partials.textarea', ['name' => 'comment', 'title' => 'Примечание'])
+                                    <div class="text-center">
+                                        <button type="submit" class="btn btn-primary btn-sm">Сохранить</button>
+                                    </div>
                                 </div>
-                            </div>
-                        </form>
+                            </form>
+                        </div>
                     </div>
                 </div>
             </div>
-        </div>
+        @endif
 
         @if($errors->any())
             @dump($errors)
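Review bot: The `@if(hasRole('admin'))` wrapper around the `copySchedule` modal only stops the form from being rendered; the `schedule.update` route it posts to needs its own admin check, and nothing in this diff shows one. If that route is not protected by middleware or a policy, an authenticated non-admin can still send the POST directly, so the commit message's claim of preventing access depends on code outside this change. Worth confirming, and recording above the `@if` with something like `{{-- UI guard only: schedule.update must enforce the admin role server-side --}}`. The same applies to the order export and reclamation actions hidden in the other files of this commit.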
@@ -352,66 +354,68 @@
             document.location = '{{ route('schedule.index') }}?tab=week&week=' + week;
         });
 
-        $('.editSchedule').on('click', function () {
-            let scheduleId = $(this).attr('data-schedule-id');
-            let scheduleDate = $(this).attr('data-schedule-date');
-            let scheduleDistrict = $(this).attr('data-schedule-district');
-            let scheduleArea = $(this).attr('data-schedule-area');
-            let scheduleBrigadier = $(this).attr('data-schedule-brigadier');
-            let scheduleAddress = $(this).attr('data-schedule-address');
-            let scheduleComment = $('.comment-' + scheduleId).text();
-            let scheduleTransport = $('.transport-' + scheduleId).text();
-            let scheduleAdminComment = $('.admin-comment-' + scheduleId).text();
-            let scheduleMafs = $('.mafs-' + scheduleId).text();
-            let scheduleObjectType = $('.object-type-' + scheduleId).text();
-            let scheduleMafsCount = $('.mafs-count-' + scheduleId).text();
-            let scheduleCode = $('.code-' + scheduleId).text();
-            console.log(scheduleId, scheduleDate, scheduleDistrict, $(this).attr('data-schedule-brigadier'));
-            $('form#scheduleEditForm input[name=id]').val(scheduleId);
-            $('form#scheduleEditForm input[name=object_address]').val(scheduleAddress);
-            $('form#scheduleEditForm input[name=object_type]').val(scheduleObjectType);
-            $('form#scheduleEditForm input[name=installation_date]').val(scheduleDate);
-            $('form#scheduleEditForm select[name=district_id]').val(scheduleDistrict);
-            $('form#scheduleEditForm select[name=area_id]').val(scheduleArea);
-            $('form#scheduleEditForm select[name=brigadier_id]').val(scheduleBrigadier);
-            $('form#scheduleEditForm textarea[name=comment]').text(scheduleComment);
-            $('form#scheduleEditForm input[name=transport]').val(scheduleTransport);
-            $('form#scheduleEditForm textarea[name=admin_comment]').text(scheduleAdminComment);
-            $('form#scheduleEditForm textarea[name=mafs]').text(scheduleMafs);
-            $('form#scheduleEditForm input[name=mafs_count]').val(scheduleMafsCount);
-            $('form#scheduleEditForm input[name=address_code]').val(scheduleCode);
+        @if(hasRole('admin'))
+            $('.editSchedule').on('click', function () {
+                let scheduleId = $(this).attr('data-schedule-id');
+                let scheduleDate = $(this).attr('data-schedule-date');
+                let scheduleDistrict = $(this).attr('data-schedule-district');
+                let scheduleArea = $(this).attr('data-schedule-area');
+                let scheduleBrigadier = $(this).attr('data-schedule-brigadier');
+                let scheduleAddress = $(this).attr('data-schedule-address');
+                let scheduleComment = $('.comment-' + scheduleId).text();
+                let scheduleTransport = $('.transport-' + scheduleId).text();
+                let scheduleAdminComment = $('.admin-comment-' + scheduleId).text();
+                let scheduleMafs = $('.mafs-' + scheduleId).text();
+                let scheduleObjectType = $('.object-type-' + scheduleId).text();
+                let scheduleMafsCount = $('.mafs-count-' + scheduleId).text();
+                let scheduleCode = $('.code-' + scheduleId).text();
+                console.log(scheduleId, scheduleDate, scheduleDistrict, $(this).attr('data-schedule-brigadier'));
+                $('form#scheduleEditForm input[name=id]').val(scheduleId);
+                $('form#scheduleEditForm input[name=object_address]').val(scheduleAddress);
+                $('form#scheduleEditForm input[name=object_type]').val(scheduleObjectType);
+                $('form#scheduleEditForm input[name=installation_date]').val(scheduleDate);
+                $('form#scheduleEditForm select[name=district_id]').val(scheduleDistrict);
+                $('form#scheduleEditForm select[name=area_id]').val(scheduleArea);
+                $('form#scheduleEditForm select[name=brigadier_id]').val(scheduleBrigadier);
+                $('form#scheduleEditForm textarea[name=comment]').text(scheduleComment);
+                $('form#scheduleEditForm input[name=transport]').val(scheduleTransport);
+                $('form#scheduleEditForm textarea[name=admin_comment]').text(scheduleAdminComment);
+                $('form#scheduleEditForm textarea[name=mafs]').text(scheduleMafs);
+                $('form#scheduleEditForm input[name=mafs_count]').val(scheduleMafsCount);
+                $('form#scheduleEditForm input[name=address_code]').val(scheduleCode);
 
-            let myModalEditSchedule = new bootstrap.Modal(document.getElementById("copySchedule"), {});
-            myModalEditSchedule.show();
-        });
+                let myModalEditSchedule = new bootstrap.Modal(document.getElementById("copySchedule"), {});
+                myModalEditSchedule.show();
+            });
 
-        $('.deleteSchedule').on('click', function () {
-            customConfirm('Удалить запись?', function () {
-                let scheduleId = $(this).attr('data-schedule-id');
-                $('.deleteForm-' + scheduleId).submit();
-            }.bind(this), 'Подтверждение удаления');
-        });
+            $('.deleteSchedule').on('click', function () {
+                customConfirm('Удалить запись?', function () {
+                    let scheduleId = $(this).attr('data-schedule-id');
+                    $('.deleteForm-' + scheduleId).submit();
+                }.bind(this), 'Подтверждение удаления');
+            });
 
-        $('.createSchedule').on('click', function () {
-            let scheduleDate = $(this).attr('data-schedule-date');
+            $('.createSchedule').on('click', function () {
+                let scheduleDate = $(this).attr('data-schedule-date');
 
-            $('form#scheduleEditForm input[name=id]').val('');
-            $('form#scheduleEditForm input[name=object_address]').val('');
-            $('form#scheduleEditForm input[name=object_type]').val('');
-            $('form#scheduleEditForm input[name=installation_date]').val(scheduleDate);
-            $('form#scheduleEditForm select[name=district_id]').val('');
-            $('form#scheduleEditForm select[name=area_id]').val('');
-            $('form#scheduleEditForm select[name=brigadier_id]').val('');
-            $('form#scheduleEditForm textarea[name=comment]').text('');
-            $('form#scheduleEditForm input[name=transport]').val('');
-            $('form#scheduleEditForm textarea[name=admin_comment]').text('');
-            $('form#scheduleEditForm textarea[name=mafs]').text('');
-            $('form#scheduleEditForm input[name=mafs_count]').val('');
-            $('form#scheduleEditForm input[name=address_code]').val('');
+                $('form#scheduleEditForm input[name=id]').val('');
+                $('form#scheduleEditForm input[name=object_address]').val('');
+                $('form#scheduleEditForm input[name=object_type]').val('');
+                $('form#scheduleEditForm input[name=installation_date]').val(scheduleDate);
+                $('form#scheduleEditForm select[name=district_id]').val('');
+                $('form#scheduleEditForm select[name=area_id]').val('');
+                $('form#scheduleEditForm select[name=brigadier_id]').val('');
+                $('form#scheduleEditForm textarea[name=comment]').text('');
+                $('form#scheduleEditForm input[name=transport]').val('');
+                $('form#scheduleEditForm textarea[name=admin_comment]').text('');
+                $('form#scheduleEditForm textarea[name=mafs]').text('');
+                $('form#scheduleEditForm input[name=mafs_count]').val('');
+                $('form#scheduleEditForm input[name=address_code]').val('');
 
-            let myModalCreateSchedule = new bootstrap.Modal(document.getElementById("copySchedule"), {});
-            myModalCreateSchedule.show();
-        });
+                let myModalCreateSchedule = new bootstrap.Modal(document.getElementById("copySchedule"), {});
+                myModalCreateSchedule.show();
+            });
+        @endif
 
         // select order
         $('#search_order').on('keyup', function () {
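Review bot: The handlers guarded here bind to `.editSchedule`, `.deleteSchedule` and `.createSchedule` elements and submit `.deleteForm-<id>` forms, all of which are rendered outside the two hunks this commit changes in the file. If those buttons and delete forms are not already inside an admin check, non-admins will now see controls that do nothing, and the delete forms remain in their page, still submittable. That markup should sit inside the same `@if(hasRole('admin'))` … `@endif`. The re-indented `console.log(scheduleId, …)` debug line in the edit handler could be dropped while this block is being touched.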