Esempio n. 1
0
 public function testPermissionUserNotAdmin()
 {
     // Create user is not admin
     $user = factory(App\User::class)->create();
     $login = Auth::login($user);
     // Create role
     $creator = new Role();
     $creator->name = 'creator';
     $creator->save();
     // Create permission
     $createPost = new Permission();
     $createPost->name = 'create-post';
     $createPost->display_name = 'Create Posts';
     $createPost->description = 'create new blog posts';
     $createPost->save();
     // Attach creator role for user
     $user->attachRole($creator);
     // Attach createPost for creator role
     $creator->attachPermission($createPost);
     $controller = new Controller();
     // Check user hasn't permission
     $hasPermission = $controller->checkPermission('edit-profile');
     $this->assertEquals(false, $hasPermission);
     // Check user has permission
     $hasPermission = $controller->checkPermission('create-post');
     $this->assertEquals(true, $hasPermission);
 }
 public function registerValidators()
 {
     Validator::extend('rolePermission', function ($attribute, $array) {
         $flag = true;
         if (is_array($array)) {
             foreach ($array as $value) {
                 if ($attribute == "roles") {
                     if ($value == '@') {
                         continue;
                     }
                     $check = Role::where('name', $value);
                 } else {
                     $check = Permission::where('name', $value);
                 }
                 if (!$check->count()) {
                     $flag = false;
                     break;
                 }
             }
         } else {
             $flag = false;
         }
         return $flag;
     }, 'Roles or permissions are invalid.');
 }
Esempio n. 3
0
 public function testUserHavePermission()
 {
     // create role creator
     $creator = new Role();
     $creator->name = 'creator';
     $creator->save();
     // create permission
     $createPost = new Permission();
     $createPost->name = 'create-post';
     $createPost->save();
     $creator->attachPermission($createPost);
     $user = factory(App\User::class)->create();
     $user->attachRole($creator);
     Auth::login($user);
     $res = $this->call('POST', '/posts');
     $this->assertEquals(200, $res->getStatusCode());
 }
 public function testRouteRequirePermissionUserHavePermission()
 {
     RoutePermission::setRoutePermissions('POST /blog/{id}', ['create-blog']);
     // create role creator
     $creator = new Role();
     $creator->name = 'creator';
     $creator->save();
     // create permission
     $createPost = new Permission();
     $createPost->name = 'create-blog';
     $createPost->save();
     $creator->attachPermission($createPost);
     $user = factory(App\User::class)->create(['password' => bcrypt('123456')]);
     $user->attachRole($creator);
     $credentials = ['email' => $user->email, 'password' => '123456'];
     $token = JWTAuth::attempt($credentials);
     $res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]);
     $this->assertEquals(200, $res->getStatusCode());
 }
Esempio n. 5
0
 /**
  * Browse items
  * 
  * @param  array  $options
  * @return array
  */
 public static function browse($options = [])
 {
     $find = new Permission();
     $fillable = $find->fillable;
     $total = $find->count();
     if (!empty($options['order'])) {
         foreach ($options['order'] as $field => $direction) {
             if (in_array($field, $fillable)) {
                 $find = $find->orderBy($field, $direction);
             }
             $find = $find->orderBy('id', 'DESC');
         }
     }
     if (!empty($options['offset'])) {
         $find = $find->skip($options['offset']);
     }
     if (!empty($options['limit'])) {
         $find = $find->take($options['limit']);
     }
     return ['total' => $total, 'offset' => empty($options['offset']) ? 0 : $options['offset'], 'limit' => empty($options['limit']) ? 0 : $options['limit'], 'data' => $find->get()];
 }
 /**
  * index
  * @return json
  */
 public function index(Request $request)
 {
     $permissions = Permission::browse(['order' => [Input::get('sort', 'id') => Input::get('direction', 'desc')], 'limit' => $limit = (int) Input::get('limit', 25), 'offset' => (Input::get('page', 1) - 1) * $limit, 'filters' => $request->all()]);
     return response()->json(arrayView('phpsoft.users::permission/browse', ['permissions' => $permissions]), 200);
 }
 public function testBrowseWithOrderRightParams()
 {
     $permissions = [];
     for ($i = 0; $i < 10; ++$i) {
         $permissions[] = factory(Permission::class)->create(['name' => 'Name ' . $i, 'display_name' => 'Display name ' . $i]);
     }
     $permissionsID = Permission::select('*')->orderBy('id', 'desc')->get();
     $permissionsDisplayName = Permission::select('*')->orderBy('display_name', 'desc')->get();
     $permissionsName = Permission::select('*')->orderBy('name', 'desc')->get();
     // check order permissions with full input
     $res = $this->call('GET', '/permissions?sort=name&direction=desc');
     $this->assertEquals(200, $res->getStatusCode());
     $results = json_decode($res->getContent());
     for ($i = 0; $i < count($permissionsName); ++$i) {
         $this->assertEquals($permissionsName[$i]->id, $results->entities[$i]->id);
     }
     $res = $this->call('GET', '/permissions?sort=name&direction=asc');
     $this->assertEquals(200, $res->getStatusCode());
     $results = json_decode($res->getContent());
     for ($i = 0; $i < count($permissionsName); ++$i) {
         $this->assertEquals($permissionsName[9 - $i]->id, $results->entities[$i]->id);
     }
     // check order permission with other fields
     $res = $this->call('GET', '/permissions?sort=display_name');
     $this->assertEquals(200, $res->getStatusCode());
     $results = json_decode($res->getContent());
     for ($i = 0; $i < count($permissionsDisplayName); ++$i) {
         $this->assertEquals($permissionsDisplayName[$i]->id, $results->entities[$i]->id);
     }
     // check order permissions with equals value of order field, permission is sorted follow id field with desc
     $permissions = [];
     for ($i = 0; $i < 10; ++$i) {
         if (in_array($i, [2, 4, 6])) {
             $permissions[] = factory(Permission::class)->create(['display_name' => 'A']);
         }
         $permissions[] = factory(Permission::class)->create();
     }
     $permissions1 = Permission::where('display_name', '=', 'A')->orderBy('id', 'desc')->get();
     $permissions2 = Permission::where('display_name', '<>', 'A')->orderBy('order', 'asc')->get();
     $permissions = array_merge((array) $permissions1, (array) $permissions2);
     $res = $this->call('GET', '/permissions?sort=display_name&direction=asc');
     $this->assertEquals(200, $res->getStatusCode());
     $results = json_decode($res->getContent());
     for ($i = 1; $i < count($permissions); ++$i) {
         $this->assertEquals($permissions[$i]->id, $results->entities[$i]->id);
     }
 }