public static function updateRolePermissions(AclRole $role) { $group_resources = GroupResources::getGroupResources(); $perm_ids = []; /* @var $perm \Volicon\Acl\AclPermission */ foreach ($role->permissions as $key => $perm) { $permission_id = $group_resources->search($perm->resource); $perm_ids[] = $permission_id; $role->permissions[$key]->permission_id = $permission_id; if ($permission_id === FALSE) { throw new \Exception('Resource not exists: ' . $perm->resource); } } $db_role_perm = RolePermission::where('role_id', '=', $role->role_id)->get()->keyBy('permission_id'); $db_perm_ids = $db_role_perm->lists('permission_id'); $perm_to_delete = array_diff($db_perm_ids, $perm_ids); $perm_to_add = array_diff($perm_ids, $db_perm_ids); if ($perm_to_delete) { RolePermission::where('role_id', '=', $role->role_id)->whereIn('permission_id', $perm_to_delete)->delete(); } foreach ($role->permissions as $perm) { if (in_array($perm->permission_id, $perm_to_add)) { RolePermission::create(['role_id' => $role->role_id, 'permission_id' => $perm->permission_id, 'values' => json_encode($perm->values), 'allowed' => $perm->allowed]); } else { RolePermission::where('role_id', '=', $role->role_id)->where('permission_id', '=', $perm->permission_id)->update(['values' => json_encode($perm->values), 'allowed' => $perm->allowed]); } } }
public function getRoles(array $roleIds = [], $resources = []) { $roles = Role::getRoles($roleIds, [$this->role_type], false); $group_resources = GroupResources::getGroupResources(); $permissions = new Collection(); foreach ($group_resources as $resource) { $permissions[] = $this->getPermission($resource); } foreach ($roles as &$role) { $role->permissions = $permissions; } return $roles; }
public static function getRoles(array $roleIds = [], $types = [], $resources = []) { if (self::$use_cache) { $roles = Cache::rememberForever(self::$cache_key, function () { $roles = static::with('users', 'permissions')->get(); $result = new Collection(); foreach ($roles as $role) { $result[] = new AclRole($role); } $cache_prefix = Config::get('acl::cache_key', '_volicon_acl_'); Cache::forever($cache_prefix . '_last_role_update', new MicrotimeDate()); return $result; }); /* @var $roles \Illuminate\Support\Collection */ $need_filter = count($roles) || count($types) || count($resources); $roles = !$need_filter ? $roles : $roles->filter(function ($role) use($roleIds, $types, $resources) { return !($roleIds && !in_array($role->role_id, $roleIds) || $types && !in_array($role->type, $types) || $resources && !array_intersect($role->permissions->lists('resource'), $resources)); }); return $roles; } $roles = static::with('users'); $roles->with(['permissions' => function ($query) use($resources) { if (!$resources) { return; } $groupResources = GroupResources::getGroupResources(); $resourcesIds = []; foreach ($resources as $resource) { $resourcesIds[] = $groupResources->search($resource); } $query->whereIn('permission_id', $resourcesIds); }]); if ($types) { $roles->whereIn('type', $types); } if ($roleIds) { $roles->whereIn('role_id', $roleIds); } $result = new Collection(); foreach ($roles->get() as $role) { $result[] = new AclRole($role); } return $result; }
public function __construct($resource, $values = [], $allowed = null) { $data = []; $default_permission = Config::get("acl::config.default_permission"); if (is_array($resource)) { $resource = (object) $resource; } if (is_object($resource)) { /* @var $resource AclPermission */ if (!(isset($resource->resource) || isset($resource->permission_id))) { throw new InvalidArgumentException('permission must include resource'); } if (!isset($resource->resource)) { $group_resources = GroupResources::getGroupResources(); if (!isset($group_resources[$resource->permission_id])) { throw new InvalidArgumentException('permission id do not have resource: ' . $resource->permission_id); } $data['resource'] = $group_resources[$resource->permission_id]; } else { $data['resource'] = $resource->resource; } if (isset($resource->values)) { if (is_array($resource->values)) { $data['values'] = $resource->values; } else { if (is_string($resource->values)) { $data['values'] = json_decode($resource->values); } } } $data['allowed'] = !isset($resource->allowed) || is_null($resource->allowed) ? $default_permission : (bool) $resource->allowed; } else { $data['resource'] = $resource; $data['values'] = $values; $data['allowed'] = is_null($allowed) || !is_bool($allowed) ? $default_permission : $allowed; } parent::__construct($data); }