/** * Create permission route action * * @param Request $request * @return Response */ public function store(Request $request, $id = null) { // validate $validator = Validator::make($request->all(), ['route_name' => 'required|max:255|string', 'route_method' => 'required|max:255|string']); if ($validator->fails()) { return response()->json(arrayView('gcl.gclusers::errors/validation', ['errors' => $validator->errors()]), 400); } if (!NodePermission::find($id)) { return response()->json(null, 404); } // add permissions and roles for the route $routePermission = PermissionRoute::setRoutePermissionsRoles($id, $request['route_name'], $request['route_method']); return response()->json(arrayView('gcl.gclusers::routePermission/read', ['routePermission' => $routePermission]), 201); }
public function testHasManyPermission() { // assign new roles with name $modify = factory(Role::class)->create(['name' => 'modify', 'active' => 1]); $editor = factory(Role::class)->create(['name' => 'editor', 'active' => 1]); $user = factory(App\User::class)->create(['password' => bcrypt('123456')]); $credentials = ['email' => $user->email, 'password' => '123456']; $token = JWTAuth::attempt($credentials); // add roles to user $user->attachRole($modify); $user->attachRole($editor); // Post permission tree NodePermission::model()->tree('[{"id":2, "name":"2"},{"id":3, "name":"3","children":[{"id":4, "name":"4","children":[{"id":5, "name":"5"},{"id":6, "name":"6"}]}]},{"id":7, "name":"7"}]'); // add route to permission PermissionRoute::setRoutePermissionsRoles(2, '/password', 'PATCH'); PermissionRoute::setRoutePermissionsRoles(2, '/blog/{id}', 'POST'); // set permissons PermissionRole::create(['permission_id' => 2, 'role_id' => $modify->id, 'status' => 0]); PermissionRole::create(['permission_id' => 2, 'role_id' => $editor->id, 'status' => 0]); $res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]); $this->assertEquals(403, $res->getStatusCode()); // set permissons PermissionRole::create(['permission_id' => 2, 'role_id' => $modify->id, 'status' => 1]); PermissionRole::create(['permission_id' => 2, 'role_id' => $editor->id, 'status' => 0]); $res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]); $this->assertEquals(200, $res->getStatusCode()); // set permissons PermissionRole::create(['permission_id' => 2, 'role_id' => $modify->id, 'status' => 0]); PermissionRole::create(['permission_id' => 2, 'role_id' => $editor->id, 'status' => 1]); $res = $this->call('POST', '/blog/1', [], [], [], ['HTTP_Authorization' => "Bearer {$token}"]); $this->assertEquals(200, $res->getStatusCode()); }