public function testAllowGuestPermission() { // Post permission tree NodePermission::model()->tree('[{"id":2, "name":"2"},{"id":3, "name":"3","children":[{"id":4, "name":"4","children":[{"id":5, "name":"5"},{"id":6, "name":"6"}]}]},{"id":7, "name":"7"}]'); // add routes to permission PermissionRoute::setRoutePermissionsRoles(2, '/password', 'PATCH'); PermissionRoute::setRoutePermissionsRoles(2, '/blog/{id}', 'POST'); $guestRoleId = Role::where('name', 'guest')->lists('id'); // set a permisson PermissionRole::create(['permission_id' => 2, 'role_id' => $guestRoleId[0], 'status' => 1]); $res = $this->call('POST', '/blog/1'); $this->assertEquals(200, $res->getStatusCode()); }
public function testBrowseWithOrderRightParams() { $this->withoutMiddleware(); $roles = []; for ($i = 0; $i < 10; ++$i) { $roles[] = factory(Role::class)->create(['name' => 'admin ' . $i, 'display_name' => 'Administrator ' . $i]); } $rolesID = Role::select('*')->orderBy('id', 'desc')->get(); // add ->where('name', '<>', 'guest') if not get guest $rolesDisplayName = Role::select('*')->orderBy('display_name', 'asc')->get(); // add ->where('name', '<>', 'guest') if not get guest $rolesName = Role::select('*')->orderBy('name', 'desc')->get(); // add ->where('name', '<>', 'guest') if not get guest // check order roles with full input $res = $this->call('GET', '/roles?sort=name&direction=desc'); $this->assertEquals(200, $res->getStatusCode()); $results = json_decode($res->getContent()); for ($i = 0; $i < count($rolesName); ++$i) { $this->assertEquals($rolesName[$i]->id, $results->entities[$i]->id); } $res = $this->call('GET', '/roles?sort=display_name&direction=asc'); $this->assertEquals(200, $res->getStatusCode()); $results = json_decode($res->getContent()); for ($i = 0; $i < count($results->entities); ++$i) { $this->assertEquals($rolesDisplayName[$i]->id, $results->entities[$i]->id); } // check order roles with equals value of order field, roles is sorted follow id field with desc $roles = []; for ($i = 0; $i < 10; ++$i) { if (in_array($i, [2, 4, 6])) { $roles[] = factory(Role::class)->create(['display_name' => 'Administrator']); } $roles[] = factory(Role::class)->create(); } $roles1 = Role::where('display_name', '=', 'Administrator')->orderBy('id', 'desc')->get(); $roles2 = Role::where('display_name', '<>', 'Administrator')->orderBy('order', 'asc')->get(); $roles = array_merge((array) $roles1, (array) $roles2); $res = $this->call('GET', '/roles?sort=display_name&direction=asc'); $this->assertEquals(200, $res->getStatusCode()); $results = json_decode($res->getContent()); for ($i = 1; $i < count($roles); ++$i) { $this->assertEquals($roles[$i]->id, $results->entities[$i]->id); } }
public function assignRole($id, Request $request) { $user = AppUser::find($id); if (!$user) { return response()->json(null, 404); } $roleIdOrName = $request->roleIdOrName; $field = is_numeric($roleIdOrName) ? 'id' : 'name'; $role = Role::where($field, $roleIdOrName)->first(); if (!$role) { return response()->json(arrayView('gcl.gclusers::errors/validation', ['errors' => ['Role does not exist.']]), 400); } $hasRole = $user->hasRole($role->name); if ($hasRole) { return response()->json(null, 204); } $user->attachRole($role); return response()->json(null, 204); }
/** * Check guest roles have a permission * * @param $route * @return boolean */ public static function isAllowGuest(array $route = []) { // Get param $route_method = $route['route_method']; $route_name = $route['route_name']; // Get roles $guestRole = Role::where('name', 'guest')->lists('id'); if (!$guestRole->count()) { return false; } // Get permission $permissions = parent::where(['route_method' => $route_method, 'route_name' => $route_name])->lists('permission_id')->toArray(); if (empty($permissions)) { return false; } // Get permission status $rolePerm = PermissionRole::whereIn('role_id', $guestRole)->whereIn('permission_id', $permissions)->get(); if (!$rolePerm->count()) { return false; } foreach ($rolePerm as $perm) { if ($perm->status == 1) { return true; } } return false; }