/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
DB::table('roles')->delete();
/**
* Role Attributes
*
* name: Unique name for the permission, used for looking up permission information in the
* application layer. For example: "create-post", "edit-user", "post-payment", "mailing-list-subscribe".
*
* display_name: Human readable name for the permission. Not necessarily unique, and is optional.
* For example "Create Posts", "Edit Users", "Post Payments", "Subscribe to mailing list".
*
* description: A more detailed explanation of the Role. This is also optional.
*
* permissions: A list of permission names to assign to the user. Optional.
*/
$roles = array(array('name' => 'owner', 'display_name' => 'Owner', 'description' => 'Owner of the management system. Has access to all aspects of the system.', 'permissions' => PermissionNames::AllGlobalPermissions()));
foreach ($roles as $r) {
$entry = new Role();
$entry->name = $r['name'];
if (array_key_exists('permissions', $r)) {
$permissions = $r['permissions'];
unset($r['permissions']);
}
if (array_key_exists('display_name', $r)) {
$entry->display_name = $r['display_name'];
}
if (array_key_exists('description', $r)) {
$entry->description = $r['description'];
}
$entry->save();
if (isset($permissions)) {
foreach ($permissions as $p) {
$entry->attachPermission(Permission::where('name', $p)->get()->first());
}
unset($permissions);
}
}
$rolePermissions = Permission::whereIn('name', PermissionNames::AllGlobalPermissions())->get();
RoleCreate::createPermissionRoles($rolePermissions);
}
/**
* Remove the event given the eventID.
* @param int $id
* @return Response
*/
public function destroy($id)
{
if (!Entrust::hasRole(RoleNames::EventManager($id))) {
return response("Permission not found", 403);
}
return DB::transaction(function () use($id) {
$event = Event::find($id);
if (is_null($event)) {
return response("No event for id {$id}.", 404);
}
$event->delete();
Permission::whereIn('name', PermissionNames::AllEventPermissions($id))->delete();
RoleCreate::deleteEventRoles($id);
return response()->json(['id' => $event->id]);
});
}
/**
* Deletes a conference.
*/
public function delete($id)
{
if (!Entrust::can(PermissionNames::ConferenceInfoEdit($id))) {
return response("", 403);
}
DB::transaction(function () use($id) {
$events = Event::where('conferenceID', $id)->get();
$pnames = array_merge(PermissionNames::AllConferencePermissions($id), PermissionNames::ExclusiveConferencePermissions($id));
$evtIds = [];
foreach ($events as $e) {
$pnames = array_merge($pnames, PermissionNames::AllEventPermissions($e->id));
echo $e;
$evtIds[] = $e->id;
}
Permission::whereIn('name', $pnames)->delete();
RoleCreate::deleteConferenceRoles($id);
RoleCreate::deleteEventRoles($evtIds);
Conference::destroy($id);
});
Log::info("Conference with ID {$id} deleted");
return '';
}
public function putPermissionsUpdate($id, Request $request)
{
$role = Role::findOrFail($id);
$this->validate($request, ['permissions' => 'required|array']);
// fetch an id list array of the permissions we need
$permissions = Permission::whereIn('name', $request->get('permissions', []))->get();
$ids = [];
foreach ($permissions as $permission) {
$ids[] = $permission->id;
}
// sync to current role
$role->permissions()->sync($ids);
return response()->json(['status' => 'success', 'message' => trans('api.resource_updated', ['resource' => trans('global.role')])])->setStatusCode(200);
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Permission::whereIn('name', ['view.admin', 'update.application'])->delete();
Role::whereIn('name', ['administrator', 'manager'])->delete();
}
private static function findPermissions($permissionNames)
{
return Permission::whereIn("name", $permissionNames)->get();
}
