Example #1
0
 /**
  * So here's the deal with permissions... Suppose we have code
  * like the following:
  * 
  * @if( $user->hasPermission('edit', 'Employee') )
  *     <li><a href="/editEmployees">Edit Employees</a></li>
  * @endif
  * 
  * Now suppose a user can edit a SUBSET of employees... We still
  * want to display this button, but within this button we need
  * to limit the employees shown. So we need two different actions:
  * 
  *     can you edit ANYTHING?
  *     what can you edit?
  * 
  * To prevent "what can you edit" from returning the entire
  * database in the event that you actually can edit everything,
  * it needs to somehow be condensed. Maybe a query string?
  * 
  * 
  * 
  */
 public function hasPermission($action, $model)
 {
     // First, is $model an instance? If so, get the class name
     if (is_string($model)) {
         $modelName = $model;
         $modelInstance = null;
     } else {
         $modelName = get_class($model);
         $modelInstance = $model;
     }
     // Now get ALL permissions for this action on this model
     $permissions = Permission::where(function ($query) use($action) {
         $query->orWhere('action', $action)->orWhere('action', 'all');
     })->where(function ($query) use($modelName) {
         $query->orWhere('model', 'like', $modelName)->orWhere('model', '*');
     })->get();
     // Now see if we have a matching role
     // To start, see if we have a previously cached list of roles:
     if ($this->roleParents == null) {
         // We start with a list of this user's roles...
         $this->roleParents = $this->roles;
         // Then we iteratively get all parents
         foreach ($this->roleParents as $role) {
             if ($role->parent != null) {
                 $this->roleParents->add($role->parent);
             }
         }
     }
     if ($this->roleChildren == null) {
         // We start with a list of this user's roles...
         $this->roleChildren = $this->roles;
         // Then we need to recursively get all children
         $children = new Collection();
         foreach ($this->roles as $role) {
             $this->roleChildren = $this->roleChildren->merge($this->getAllChildren($role));
         }
         $this->roleChildren = $this->roleChildren->unique();
     }
     foreach ($permissions as $permission) {
         if ($permission->role_id == 0 || $this->roleParents->contains($permission->role) || $this->roleChildren->contains($permission->role) && $permission->trickle) {
             // So the user has a role that can perform the action on this model
             if ($modelInstance == null) {
                 // If we're looking at the model as a whole, we good
                 return true;
             } else {
                 // If we're looking at a specific model, we need to check the domain
                 $domain = json_decode($permission->domain);
                 if (is_array($domain)) {
                     if ($this->confirmDomain($domain, $modelInstance)) {
                         return true;
                     }
                 } else {
                     return true;
                 }
             }
         }
     }
     // Failed to find a valid permission
     return false;
 }
 private function sortByLikes(Collection $collection, Collection $orderArray)
 {
     $sorted = new Collection();
     $orderArray->each(function ($orderElem) use($collection, $sorted) {
         if ($collection->contains($orderElem->likeable_id)) {
             $sorted->push($collection->find($orderElem->likeable_id));
         }
     });
     return $sorted;
 }
 /**
  * Get all permissions as collection.
  *
  * @return \Illuminate\Database\Eloquent\Collection
  */
 public function getPermissions()
 {
     if (!$this->permissions) {
         $rolePermissions = $this->rolePermissions()->get();
         $userPermissions = $this->userPermissions()->get();
         $deniedPermissions = new Collection();
         foreach ($userPermissions as $key => $permission) {
             if (!$permission->pivot->granted && $rolePermissions->contains($permission)) {
                 $deniedPermissions->push($permission);
             }
         }
         $permissions = $rolePermissions->merge($userPermissions);
         $this->permissions = $permissions->filter(function ($permission) use($deniedPermissions) {
             return !$deniedPermissions->contains($permission);
         });
     }
     return $this->permissions;
 }
 /**
  * Check if token is available
  *
  * @param string $tokenName
  *
  * @return bool
  */
 public function __isset($tokenName)
 {
     return (bool) $this->tokens->contains($tokenName);
 }
Example #5
0
 public function permissions()
 {
     $permissions = new Collection();
     foreach ($this->roles as $role) {
         foreach ($role->permissions as $permission) {
             if (!$permissions->contains('id', $permission->id)) {
                 $permissions->add($permission);
             }
         }
     }
     return $permissions;
 }