/**
* Grant a role for an AuthorableInterface over a resource.
*
* @todo Improve to accept authorization for multiple resources.
*
* @param string $role_alias The role to grant
* @param mixed $resource You can send out anything that represents a resource, or the resource itself.
* @return Agency\Cms\Auth\Authorization\Entities\Privilege
*/
public function grant($role_alias, $resources, $for_artists = null)
{
// Check the validity of the claimed role
$role = Role::where('alias', $role_alias)->where('for_artists', $for_artists)->first();
if (!$role) {
throw new Exceptions\RoleNotFoundException($role_alias);
}
// In case the passed resources is not an iterable type we make it an array
// so that we work with them in one way, not much of an overhead here anyway...
if (!is_array($resources) && !$resources instanceof Collection) {
$resources = [$resources];
}
return $this->createAndUpdate($role, $resources, $for_artists);
}
public function run()
{
// Create permissions so that we relate them while creating the roles.
$create = Permission::create(['title' => 'Create Content', 'alias' => 'create']);
$read = Permission::create(['title' => 'Read Content', 'alias' => 'read']);
$update = Permission::create(['title' => 'Update Content', 'alias' => 'update']);
$delete = Permission::create(['title' => 'Delete Content', 'alias' => 'delete']);
$publish = Permission::create(['title' => 'Publish Content', 'alias' => 'publish']);
$admin = Role::createWith(['title' => 'Admin', 'alias' => 'admin'], ['permissions' => [$create, $read, $update, $delete, $publish]]);
$manager = Role::createWith(['title' => 'Content Manager', 'alias' => 'content-manager'], ['permissions' => [$create, $read, $update, $delete, $publish]]);
$editor = Role::createWith(['title' => 'Content Editor', 'alias' => 'content-editor'], ['permissions' => [$create, $read, $update, $delete]]);
$publisher = Role::createWith(['title' => 'Content Publisher', 'alias' => 'content-publisher'], ['permissions' => [$read, $publish]]);
$artist_admin = Role::createWith(['title' => 'Admin', 'alias' => 'admin', 'for_artists' => true], ['permissions' => [$create, $read, $update, $delete, $publish]]);
$artist_manager = Role::createWith(['title' => 'Content Manager', 'alias' => 'manager', 'for_artists' => true], ['permissions' => [$create, $read, $update, $delete, $publish]]);
$artist_editor = Role::createWith(['title' => 'Content Editor', 'alias' => 'editor', 'for_artists' => true], ['permissions' => [$create, $read, $update, $delete]]);
$artist_published = Role::createWith(['title' => 'Content Published', 'alias' => 'published', 'for_artists' => true], ['permissions' => [$read, $publish]]);
}
public function allWithArtistsPermissions()
{
return $this->role->with('permissions')->where('for_artists', true)->get();
}
