public function run()
{
DB::table('cms_role_permissions')->delete();
$create_permission = Permission::where('alias', 'create')->first();
$read_permission = Permission::where('alias', 'read')->first();
$update_permission = Permission::where('alias', 'update')->first();
$delete_permission = Permission::where('alias', 'delete')->first();
$publish_permission = Permission::where('alias', 'publish')->first();
// define permissions for each of the roles
$admin_role = Role::where('alias', 'admin')->first();
$manager_role = Role::where('alias', 'manager')->first();
$editor_role = Role::where('alias', 'editor')->first();
$admin_role->permissions()->attach([$create_permission->id, $read_permission->id, $update_permission->id, $delete_permission->id, $publish_permission->id]);
$manager_role->permissions()->attach([$read_permission->id]);
$editor_role->permissions()->attach([$create_permission->id, $read_permission->id, $update_permission->id, $delete_permission->id]);
}
/**
* Grant a role for an AuthorableInterface over a resource.
*
* @todo Improve to accept authorization for multiple resources.
*
* @param string $role_alias The role to grant
* @param Agency\Cms\Authority\Contracts\PrivilegableInterface $resource
* @return Agency\Cms\Authority\Entities\Privilege
*/
public function grant($role_alias, PrivilegableInterface $resource)
{
// find role by alias
$role = Role::where('alias', $role_alias)->first();
if (!$role) {
throw new Exceptions\RoleNotFoundException($role_alias);
}
$role_id = $role->id;
$admin_id = $this->authorable->identifier();
// try finding privilege on that resource
$privilege_found = Privilege::where('admin_id', $admin_id)->where('resource_id', $resource->identifier())->where('resource_type', get_class($resource))->first();
if ($privilege_found) {
// the privilege exists already, update it
$privilege_found->fill(compact('admin_id', 'role_id'));
$privilege_found->save();
return $privilege_found;
}
return $resource->privileges()->create(['admin_id' => $admin_id, 'role_id' => $role->id]);
}
