Ejemplo n.º 1
0
 /**
  * Run the database seeds.
  *
  * @return void
  */
 public function run()
 {
     DB::transaction(function () {
         // create admin user
         $root = factory(App\User::class)->create(['name' => 'Administrator', 'email' => '*****@*****.**', 'password' => bcrypt('123456'), 'username' => 'admin', 'location' => 'Da Nang', 'country' => 'Viet Nam', 'biography' => 'Dev', 'occupation' => 'Dev', 'website' => 'greenglobal.vn', 'image' => 'avatar.jpg']);
         // create default roles
         $admin = new Role();
         $admin->name = 'admin';
         $admin->display_name = 'Administrator';
         $admin->description = 'User is allowed to manage all system.';
         $admin->active = 1;
         $admin->save();
         // create default guest roles
         $guest = new Role();
         $guest->name = 'guest';
         $guest->display_name = 'Guest';
         $guest->description = 'User are not logged in.';
         $guest->active = 1;
         $guest->save();
         // attach roles
         $root->attachRole($admin);
         // create root permission
         $admin = new NodePermission();
         $admin->name = 'Root';
         $admin->display_name = 'Root permission';
         $admin->description = 'The root.';
         $admin->save();
         // create all permission to admin
         $root = new PermissionRole();
         $root->permission_id = 1;
         $root->role_id = 1;
         $root->status = 1;
         $root->save();
     });
 }
Ejemplo n.º 2
0
 public function can($permissions, $arguments = [])
 {
     // Get param
     $userId = Auth::user()->id;
     // Get roles
     $listRole = (new RoleUser())->getUserRole($userId);
     if (empty($listRole) || empty($permissions)) {
         return false;
     }
     if (!is_array($permissions)) {
         $permissions = [$permissions];
     }
     // Get list permissions id
     $listPermissions = NodePermission::whereIn('name', $permissions)->lists('id');
     // Get permission status
     $rolePerm = PermissionRole::whereIn('role_id', $listRole)->whereIn('permission_id', $listPermissions)->get();
     if (!$rolePerm->count()) {
         return false;
     }
     foreach ($rolePerm as $perm) {
         if ($perm->status == 1) {
             return true;
         }
     }
     return false;
 }
 public function testGetListPermissionNull()
 {
     $this->withoutMiddleware();
     $this->call('POST', '/nodePermission', ['name' => 'Login', 'display_name' => 'User login', 'description' => 'Des', 'parent_id' => 1]);
     // CHange root node id
     $root = NodePermission::find(1);
     $root->id = 0;
     $root->save();
     $res = $this->call('GET', '/nodePermission');
     $this->assertEquals(200, $res->getStatusCode());
     $results = json_decode($res->getContent());
     $this->assertEquals(null, $results->entities);
 }
Ejemplo n.º 4
0
 /**
  * List route of a permission
  *
  * @param permission id
  * @return json
  */
 public function index($id = null)
 {
     $node = NodePermission::where('id', $id)->get();
     if (!$node->count()) {
         return response()->json(null, 404);
     }
     $routes = PermissionRoute::where('permission_id', $id)->get();
     $results = [];
     if ($routes->count()) {
         foreach ($routes as $route) {
             $route = array('id' => $route->id, 'route_method' => $route->route_method, 'route_name' => $route->route_name);
             $results[] = (object) $route;
         }
     }
     return response()->json(arrayView('gcl.gclusers::route/browse', ['routes' => $results]), 200);
 }
Ejemplo n.º 5
0
 public function testHasManyPermission()
 {
     // assign new roles with name
     $modify = factory(Role::class)->create(['name' => 'modify', 'active' => 1]);
     $editor = factory(Role::class)->create(['name' => 'editor', 'active' => 1]);
     $user = factory(App\User::class)->create(['password' => bcrypt('123456')]);
     $credentials = ['email' => $user->email, 'password' => '123456'];
     $token = JWTAuth::attempt($credentials);
     // add roles to user
     $user->attachRole($modify);
     $user->attachRole($editor);
     // Post permission tree
     NodePermission::model()->tree('[{"id":2, "name":"2"},{"id":3, "name":"3","children":[{"id":4, "name":"4","children":[{"id":5, "name":"5"},{"id":6, "name":"6"}]}]},{"id":7, "name":"7"}]');
     // add route to permission
     PermissionRoute::setRoutePermissionsRoles(2, '/password', 'PATCH');
     PermissionRoute::setRoutePermissionsRoles(2, '/blog/{id}', 'POST');
     // set permissons
     PermissionRole::create(['permission_id' => 2, 'role_id' => $modify->id, 'status' => 0]);
     PermissionRole::create(['permission_id' => 2, 'role_id' => $editor->id, 'status' => 0]);
     $res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
     $this->assertEquals(403, $res->getStatusCode());
     // set permissons
     PermissionRole::create(['permission_id' => 2, 'role_id' => $modify->id, 'status' => 1]);
     PermissionRole::create(['permission_id' => 2, 'role_id' => $editor->id, 'status' => 0]);
     $res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
     $this->assertEquals(200, $res->getStatusCode());
     // set permissons
     PermissionRole::create(['permission_id' => 2, 'role_id' => $modify->id, 'status' => 0]);
     PermissionRole::create(['permission_id' => 2, 'role_id' => $editor->id, 'status' => 1]);
     $res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
     $this->assertEquals(200, $res->getStatusCode());
 }
Ejemplo n.º 6
0
 /**
  * Get role permission action
  *
  * @param Request
  * @return Response
  */
 public function getRolePerm($id = null)
 {
     if (!Role::find($id)) {
         return response()->json(null, 404);
     }
     $roles = NodePermission::model()->rolePerm($id);
     return response()->json(arrayView('gcl.gclusers::nodePermission/read', ['node' => $roles]), 200);
 }
Ejemplo n.º 7
0
 public function testCanPermissionAndHasRole()
 {
     $this->withoutMiddleware();
     $user = factory(App\User::class)->create(['password' => bcrypt('123456')]);
     $credentials = ['email' => $user->email, 'password' => '123456'];
     $token = JWTAuth::attempt($credentials);
     $editor = factory(Role::class)->create(['name' => 'editor', 'active' => 1]);
     $partner = factory(Role::class)->create(['name' => 'partner', 'active' => 1]);
     // add role to user
     $user->attachRole($editor);
     $this->assertEquals(true, $user->hasRole('editor'));
     $this->assertEquals(false, $user->hasRole('admin'));
     $this->assertEquals(false, $user->can('delete-user'));
     $this->assertEquals(false, $user->can(['delete-user', 'create-user']));
     // Add permission
     NodePermission::model()->tree('[{"id":2, "name":"2"},{"id":3, "name":"delete-user","children":[{"id":4, "name":"create-post","children":[{"id":5, "name":"5"},{"id":6, "name":"6"}]}]},{"id":7, "name":"7"}]');
     PermissionRole::create(['permission_id' => 3, 'role_id' => $editor->id, 'status' => 1]);
     $this->assertEquals(true, $user->can('delete-user'));
     $this->assertEquals(true, $user->can(['delete-user', 'create-user']));
     $this->assertEquals(false, $user->can('create-post'));
     $user->attachRole($partner);
     PermissionRole::create(['permission_id' => 4, 'role_id' => $partner->id, 'status' => 1]);
     $this->assertEquals(true, $user->can('create-post'));
     $this->assertEquals(true, $user->can(['create-post', 'delete-post']));
     $this->assertEquals(true, $user->can(['create-post', 'delete-post', 'delete-user']));
 }