/**
 * Resolves a user's effective permissions from three sources at once.
 *
 * Setup: permissionFirst is granted to the group and directly to the user,
 * permissionSecond is granted to the role, the role is attached to the group
 * and the group is assigned to the user. The resolver is then fed the user's
 * group, roles and permissions and must report exactly two entries, both granted.
 */
public function testResolveUserGroupAndUser()
{
    // Every fixture has to be persisted before relations can be attached.
    $fixtures = [
        $this->role,
        $this->user,
        $this->group,
        $this->permissionFirst,
        $this->permissionSecond,
    ];
    foreach ($fixtures as $fixture) {
        $this->assertTrue($fixture->exists);
    }

    // Wire the grants: group -> permissionFirst, role -> permissionSecond.
    $this->groupRepository->addPermission($this->group, $this->permissionFirst);
    $this->roleRepository->addPermission($this->role, $this->permissionSecond);

    // Attach the role to the group, then the group and a direct grant to the user.
    $this->groupRepository->addRole($this->group, $this->role);
    $this->userRepository->setGroup($this->user, $this->group);
    $this->userRepository->addPermission($this->user, $this->permissionFirst);

    // Feed the resolver from the user's relations, in the same order as before.
    $subject = $this->user;
    $this->resolver->setGroup($subject->group);
    $this->resolver->setRoles($subject->roles);
    $this->resolver->setPermissions($subject->permissions);

    $resolved = $this->resolver->resolve();

    // permissionFirst arrives twice (group and user) but must be counted once.
    $this->assertEquals(2, $resolved->count());

    // The JSON dump of the resolved set is the failure message for both checks.
    foreach ([$this->permissionFirst, $this->permissionSecond] as $expected) {
        $this->assertTrue($resolved->get($expected->getAction()), json_encode($resolved));
    }
}
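/**
 * Return the permissions granted to a user.
 *
 * A caller may only read their own permissions: the resource owner id of the
 * access token has to match the id of the requested user, whatever role that
 * user holds. Super admins are reported as holding every permission known to
 * the permission repository; everyone else gets the set resolved from their
 * group, roles and direct permissions.
 *
 * @param int|string $id id of the user, taken from the route
 *
 * @return Response
 *
 * @apiVersion 1.0.0
 * @api {get} /:id/permissions Get User permissions
 * @apiGroup Users
 * @apiUse getPermissions
 * @apiUse userParams
 * @apiUse ApiOAuth
 */
public function permissions($id)
{
    $this->addUserCriteria();

    /** @var \App\User|null $user */
    $user = $this->repository->find($id);

    // The caller's identity comes from the access token, never from the route parameter.
    // NOTE(review): only the owner id is compared; if tokens can be issued to owners
    // that are not users, the owner type should be checked too - confirm against the
    // OAuth configuration.
    $callerId = intval(Authorizer::getResourceOwnerId());

    // The ownership check runs before any role-dependent branch. It used to be
    // skipped when the requested user was a super admin, so any caller could fetch
    // that account's permission list and tell privileged ids apart from ordinary ones.
    // An unknown id is answered exactly like a foreign one (find() may throw instead
    // of returning null - confirm against the repository implementation).
    // The 401 status is kept as-is so existing clients see no change.
    if ($user === null || $callerId !== $user->id) {
        return response()->json([], 401);
    }

    $permissionResolver = new PermissionResolver();

    if ($user->isSuperAdmin()) {
        // super admin has all permissions
        $permissionResolver->setPermissions($this->permissionRepository->all());
    } else {
        if ($user->group !== null) {
            $permissionResolver->setGroup($user->group);
        }

        $permissionResolver->setPermissions($user->permissions);
        $permissionResolver->setRoles($user->roles);
    }

    // resolve permissions
    $permissions = $permissionResolver->resolve();

    // keep only the names of granted permissions (entries with a falsy value are dropped)
    $permissions = array_keys(array_filter($permissions->toArray()));

    // fetch permission objects in DB
    return response()->json($this->permissionRepository->getPermissionsByStringRepresentation($permissions), 200);
}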
/**
 * Resolve the grantable's permissions and keep the result on this object.
 *
 * Only $grantable->permissions is handed to the resolver here; any group or
 * roles already set on the resolver are left as they are.
 *
 * @param GrantableInterface $grantable
 */
public function initialize(GrantableInterface $grantable)
{
    $ownPermissions = $grantable->permissions;
    $this->resolver->setPermissions($ownPermissions);

    $resolved = $this->resolver->resolve();
    $this->permissions = $resolved;
}