public function transform(Menu $data) { $return = []; $permission = \App\Api\Model\Permission::all(); foreach ($permission as $key => $value) { $name = $value->name . 'ed'; $return[$value->name] = $data->{$name}; } return ['id' => (int) $data->id, 'name' => $data->name, 'id_parent' => $data->id_parent, 'url' => $data->url, 'icon' => $data->icon] + $return; }
/** * get his permission */ public function MenuPermission($id_role) { $this->id_role = $id_role; $data = new \App\Api\Model\Menu(); $permission = \App\Api\Model\Permission::all(); foreach ($permission as $key => $value) { $this->value = $value; $data = $data->leftJoin('role_permissions as ' . $value->name, function ($join) { $join->on(DB::raw($this->value->name . '.id_menu'), '=', 'menus.id')->where(DB::raw($this->value->name . '.id_role'), '=', $this->id_role)->where(DB::raw($this->value->name . '.id_permission'), '=', $this->value->id); })->addSelect(DB::raw($value->name . '.id as ' . $value->name . 'ed')); } return $data->addSelect('menus.id', 'menus.name', 'menus.id_parent', 'menus.url')->orderBy('menus.id_parent')->orderBy('menus.order')->get(); }
/** * get his permission */ public function MenuRolePermission() { $user = JWTAuth::parseToken()->authenticate(); $this->id_role = $user->id_role; $data = new \App\Api\Model\Menu(); $permission = \App\Api\Model\Permission::all(); foreach ($permission as $key => $value) { $this->value = $value; $data = $data->leftJoin('role_permissions as ' . $value->name, function ($join) { $join->on(DB::raw($this->value->name . '.id_menu'), '=', 'menus.id')->where(DB::raw($this->value->name . '.id_role'), '=', $this->id_role)->where(DB::raw($this->value->name . '.id_permission'), '=', $this->value->id); })->addSelect(DB::raw($value->name . '.id as ' . $value->name . 'ed')); } return $data->addSelect('menus.id', 'menus.name', 'menus.id_parent', 'menus.url', 'menus.icon', 'menus.order')->where('view.id', '>', '0')->orderBy('menus.id_parent')->orderBy('menus.order'); }
/** * this method to verify permission api * @param stirng $method [description] * @param stirng $permission [description] */ public function authorize($permission) { if (empty($this->tempStorage->get('id_company'))) { $this->invalidateToken(); throw $this->response->error('Un Authorized, Please Re-Login', 401); } $user = JWTAuth::parseToken()->authenticate(); $permission = Permission::where('name', $permission)->select('id')->first(); if (count($permission) == 0) { throw $this->response->error('No Permission', 404); } //set dynamic url or static url controller if (empty($this->url)) { $arrUrl = explode('/', Input::path()); array_shift($arrUrl); $url = '/' . $arrUrl['0'] . '/' . $arrUrl['1']; $menu = Menu::where('url', $url)->select('id')->first(); if (count($menu) == 0) { throw $this->response->error('No Menu ' . $url, 404); } $rolePermission = RolePermission::where('id_role', $user->id_role)->where('id_permission', $permission->id)->where('id_menu', $menu->id)->get(); if (count($rolePermission) == 0) { throw $this->response->error('Unauthorized action page', 404); } } else { $url = $this->url; $menu = Menu::where('url', $url)->select('id')->first(); if (count($menu) == 0) { throw $this->response->error('No Menu ' . $url, 404); } } }