public function transform(Menu $data)
{
$return = [];
$permission = \App\Api\Model\Permission::all();
foreach ($permission as $key => $value) {
$name = $value->name . 'ed';
$return[$value->name] = $data->{$name};
}
return ['id' => (int) $data->id, 'name' => $data->name, 'id_parent' => $data->id_parent, 'url' => $data->url, 'icon' => $data->icon] + $return;
}
/**
* get his permission
*/
public function MenuPermission($id_role)
{
$this->id_role = $id_role;
$data = new \App\Api\Model\Menu();
$permission = \App\Api\Model\Permission::all();
foreach ($permission as $key => $value) {
$this->value = $value;
$data = $data->leftJoin('role_permissions as ' . $value->name, function ($join) {
$join->on(DB::raw($this->value->name . '.id_menu'), '=', 'menus.id')->where(DB::raw($this->value->name . '.id_role'), '=', $this->id_role)->where(DB::raw($this->value->name . '.id_permission'), '=', $this->value->id);
})->addSelect(DB::raw($value->name . '.id as ' . $value->name . 'ed'));
}
return $data->addSelect('menus.id', 'menus.name', 'menus.id_parent', 'menus.url')->orderBy('menus.id_parent')->orderBy('menus.order')->get();
}
/**
* get his permission
*/
public function MenuRolePermission()
{
$user = JWTAuth::parseToken()->authenticate();
$this->id_role = $user->id_role;
$data = new \App\Api\Model\Menu();
$permission = \App\Api\Model\Permission::all();
foreach ($permission as $key => $value) {
$this->value = $value;
$data = $data->leftJoin('role_permissions as ' . $value->name, function ($join) {
$join->on(DB::raw($this->value->name . '.id_menu'), '=', 'menus.id')->where(DB::raw($this->value->name . '.id_role'), '=', $this->id_role)->where(DB::raw($this->value->name . '.id_permission'), '=', $this->value->id);
})->addSelect(DB::raw($value->name . '.id as ' . $value->name . 'ed'));
}
return $data->addSelect('menus.id', 'menus.name', 'menus.id_parent', 'menus.url', 'menus.icon', 'menus.order')->where('view.id', '>', '0')->orderBy('menus.id_parent')->orderBy('menus.order');
}
/**
* this method to verify permission api
* @param stirng $method [description]
* @param stirng $permission [description]
*/
public function authorize($permission)
{
if (empty($this->tempStorage->get('id_company'))) {
$this->invalidateToken();
throw $this->response->error('Un Authorized, Please Re-Login', 401);
}
$user = JWTAuth::parseToken()->authenticate();
$permission = Permission::where('name', $permission)->select('id')->first();
if (count($permission) == 0) {
throw $this->response->error('No Permission', 404);
}
//set dynamic url or static url controller
if (empty($this->url)) {
$arrUrl = explode('/', Input::path());
array_shift($arrUrl);
$url = '/' . $arrUrl['0'] . '/' . $arrUrl['1'];
$menu = Menu::where('url', $url)->select('id')->first();
if (count($menu) == 0) {
throw $this->response->error('No Menu ' . $url, 404);
}
$rolePermission = RolePermission::where('id_role', $user->id_role)->where('id_permission', $permission->id)->where('id_menu', $menu->id)->get();
if (count($rolePermission) == 0) {
throw $this->response->error('Unauthorized action page', 404);
}
} else {
$url = $this->url;
$menu = Menu::where('url', $url)->select('id')->first();
if (count($menu) == 0) {
throw $this->response->error('No Menu ' . $url, 404);
}
}
}
