public function run() { DB::table('cms_role_permissions')->delete(); $create_permission = Permission::where('alias', 'create')->first(); $read_permission = Permission::where('alias', 'read')->first(); $update_permission = Permission::where('alias', 'update')->first(); $delete_permission = Permission::where('alias', 'delete')->first(); $publish_permission = Permission::where('alias', 'publish')->first(); // define permissions for each of the roles $admin_role = Role::where('alias', 'admin')->first(); $manager_role = Role::where('alias', 'manager')->first(); $editor_role = Role::where('alias', 'editor')->first(); $admin_role->permissions()->attach([$create_permission->id, $read_permission->id, $update_permission->id, $delete_permission->id, $publish_permission->id]); $manager_role->permissions()->attach([$read_permission->id]); $editor_role->permissions()->attach([$create_permission->id, $read_permission->id, $update_permission->id, $delete_permission->id]); }
/** * Grant a role for an AuthorableInterface over a resource. * * @todo Improve to accept authorization for multiple resources. * * @param string $role_alias The role to grant * @param Agency\Cms\Authority\Contracts\PrivilegableInterface $resource * @return Agency\Cms\Authority\Entities\Privilege */ public function grant($role_alias, PrivilegableInterface $resource) { // find role by alias $role = Role::where('alias', $role_alias)->first(); if (!$role) { throw new Exceptions\RoleNotFoundException($role_alias); } $role_id = $role->id; $admin_id = $this->authorable->identifier(); // try finding privilege on that resource $privilege_found = Privilege::where('admin_id', $admin_id)->where('resource_id', $resource->identifier())->where('resource_type', get_class($resource))->first(); if ($privilege_found) { // the privilege exists already, update it $privilege_found->fill(compact('admin_id', 'role_id')); $privilege_found->save(); return $privilege_found; } return $resource->privileges()->create(['admin_id' => $admin_id, 'role_id' => $role->id]); }