public function show($id) { if (Auth::user()->can('read-role')) { $data['role'] = Role::find($id); $data['title'] = "Role \"" . $data['role']->display_name . "\""; $data['menu_actions'] = [Form::editItem(route('roles.edit', $id), 'Edit This Role', Auth::user()->can('update-role'))]; $permissions = Permission::get(); $permissions_in_role = Permission::whereHas('roles', function ($q) use($id) { $q->where('roles.id', $id); })->get(); $counter = 0; foreach ($permissions as $permission) { $is_in_role = false; foreach ($permissions_in_role as $permission_in_role) { if ($permission->id == $permission_in_role->id) { $is_in_role = true; } } $data['permissions'][$counter] = $permission; $data['permissions'][$counter]['is_in_role'] = $is_in_role; $counter++; } return view('roles/show', $data); } else { return redirect()->back()->withErrors(['Access denied to roles show page']); } }
private function manageableRolesForUser() { $roles = $this->roleResultToList(Role::with('perms')->get()); if (Entrust::can(PermissionNames::ManageGlobalPermissions())) { return $roles; } //Filter out global permissions $roles = array_filter($roles, function ($r) { $globalPerms = PermissionNames::AllGlobalPermissions(); foreach ($r->perms as $p) { if (in_array($p->name, $globalPerms)) { return false; } } return true; }); $confPermNamePart = PermissionNames::normalizePermissionName(PermissionNames::ConferencePermissionManagement(1)); $evtPermNamePart = PermissionNames::normalizePermissionName(PermissionNames::EventPermissionManagement(1)); //Get the permissions this user has which are permissions management //permissions $currentPermManagement = Permission::whereHas("roles", function ($query) { $query->whereHas("users", function ($query) { //on Account table $query->where("id", Auth::user()->id); }); })->where(function ($query) use($confPermNamePart, $evtPermNamePart) { $query->where('name', 'like', $confPermNamePart . '%'); $query->orWhere('name', 'like', $evtPermNamePart . '%'); })->get(); $conferences = []; $events = []; foreach ($currentPermManagement as $perm) { if (PermissionNames::isConferencePermission($perm->name)) { $conferences[] = PermissionNames::extractPermissionData($perm->name)->idPart; } else { $events[] = PermissionNames::extractPermissionData($perm->name)->idPart; } } $ownedEvents = Event::whereIn('conferenceID', $conferences)->select('id')->get(); $ownedEvents = array_map(function ($e) { return $e['id']; }, $ownedEvents->toArray()); $events = array_merge($events, $ownedEvents); //Filter out permissions not associated with the conferences/events //this user can control. $roles = array_filter($roles, function ($r) use($events, $conferences) { foreach ($r->perms as $p) { if (PermissionNames::isConferencePermission($p->name)) { $confId = PermissionNames::extractPermissionData($p->name)->idPart; if (!in_array($confId, $conferences)) { return false; } } else { if (PermissionNames::isEventPermission($p->name)) { $evtId = PermissionNames::extractPermissionData($p->name)->idPart; if (!in_array($evtId, $events)) { return false; } } } return true; } }); return $roles; }
private function buildPermissionsJson() { $permissions = []; $this->checkPermission(PermissionNames::CreateConference(), $permissions); $this->checkPermission(PermissionNames::ManageGlobalPermissions(), $permissions); $this->checkPermission(PermissionNames::ApproveUserRegistration(), $permissions); $this->checkPermission(PermissionNames::ViewSiteStatistics(), $permissions); if (!is_null(Auth::user())) { $pnames = Permission::whereHas("roles", function ($query) { $query->whereHas("users", function ($query) { $query->where("id", Auth::user()->id); }); })->select("name")->get()->toArray(); $pnames = array_map(function ($p) { return $p['name']; }, $pnames); $lookFor = PermissionNames::permissionManagementPermissionBases(); foreach ($pnames as $permName) { $normal = PermissionNames::normalizePermissionName($permName); if (in_array($normal, $lookFor)) { $permissions[] = "manage-some-permissions"; break; } } } return $permissions; }