/**
 * Run the database seeds.
 *
 * Removes every existing row from the `roles` table, recreates the seeded
 * roles with their permissions attached, then passes the global permissions
 * to RoleCreate::createPermissionRoles().
 *
 * @return void
 */
public function run()
{
    // Destructive: all existing roles are deleted before reseeding.
    DB::table('roles')->delete();

    /**
     * Role attributes
     *
     * name:         Required. Lookup name of the role.
     * display_name: Optional. Human readable name, not necessarily unique.
     * description:  Optional. A more detailed explanation of the role.
     * permissions:  Optional. A list of permission names to attach to the role.
     */
    $definitions = [
        [
            'name' => 'owner',
            'display_name' => 'Owner',
            'description' => 'Owner of the management system. Has access to all aspects of the system.',
            'permissions' => PermissionNames::AllGlobalPermissions(),
        ],
    ];

    foreach ($definitions as $definition) {
        $role = new Role();
        $role->name = $definition['name'];

        // Copy the optional descriptive attributes only when they are declared.
        foreach (['display_name', 'description'] as $field) {
            if (array_key_exists($field, $definition)) {
                $role->{$field} = $definition[$field];
            }
        }

        // The role is saved before any permission is attached to it.
        $role->save();

        $permissionNames = array_key_exists('permissions', $definition)
            ? $definition['permissions']
            : null;
        if ($permissionNames === null) {
            continue;
        }

        foreach ($permissionNames as $permissionName) {
            // NOTE(review): first() yields null when no permission row has this
            // name, and that null is passed straight to attachPermission().
            // Presumably the permissions are seeded before this runs; confirm.
            $role->attachPermission(Permission::where('name', $permissionName)->get()->first());
        }
    }

    $globalPermissions = Permission::whereIn('name', PermissionNames::AllGlobalPermissions())->get();
    RoleCreate::createPermissionRoles($globalPermissions);
}
/**
 * Remove the event with the given ID, together with its permissions and roles.
 *
 * The caller must hold the event-manager role for this event. The role check
 * runs before the lookup, so a caller without the role receives 403 whether or
 * not the event exists.
 *
 * @param int $id
 * @return Response 403 without the role, 404 when no event matches, otherwise
 *                  a JSON body holding the deleted event's id.
 */
public function destroy($id)
{
    $isEventManager = Entrust::hasRole(RoleNames::EventManager($id));
    if (!$isEventManager) {
        return response("Permission not found", 403);
    }

    // The event row, its permission rows and its roles are removed inside one
    // transaction callback.
    $removeEvent = function () use ($id) {
        $event = Event::find($id);
        if ($event === null) {
            // NOTE(review): $id is written into the response body unescaped;
            // confirm the route constrains it to an integer.
            return response("No event for id {$id}.", 404);
        }

        $event->delete();

        $eventPermissionNames = PermissionNames::AllEventPermissions($id);
        Permission::whereIn('name', $eventPermissionNames)->delete();
        RoleCreate::deleteEventRoles($id);

        return response()->json(['id' => $event->id]);
    };

    return DB::transaction($removeEvent);
}
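/**
 * Deletes a conference together with the permissions and roles tied to it
 * and to its events.
 *
 * The caller must hold the conference-info-edit permission for this
 * conference; otherwise an empty 403 response is returned and nothing is
 * deleted.
 *
 * @param mixed $id Conference ID.
 * @return mixed Empty 403 response when the permission is missing, otherwise
 *               an empty string.
 */
public function delete($id)
{
    if (!Entrust::can(PermissionNames::ConferenceInfoEdit($id))) {
        return response("", 403);
    }

    DB::transaction(function () use ($id) {
        $events = Event::where('conferenceID', $id)->get();

        // Start with the conference-level permission names, then add the
        // names belonging to each of the conference's events.
        $pnames = array_merge(
            PermissionNames::AllConferencePermissions($id),
            PermissionNames::ExclusiveConferencePermissions($id)
        );
        $evtIds = [];
        foreach ($events as $e) {
            $pnames = array_merge($pnames, PermissionNames::AllEventPermissions($e->id));
            // A leftover `echo $e;` was removed here: it wrote every event
            // record into the HTTP response body of this delete request.
            $evtIds[] = $e->id;
        }

        Permission::whereIn('name', $pnames)->delete();
        RoleCreate::deleteConferenceRoles($id);
        RoleCreate::deleteEventRoles($evtIds);
        // NOTE(review): the event rows are not deleted explicitly in this
        // method; presumably a cascade removes them. Confirm.
        Conference::destroy($id);
    });

    Log::info("Conference with ID {$id} deleted");

    return '';
}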
/**
 * Replace a role's permission set with the permissions named in the request.
 *
 * The request must carry a `permissions` array of permission names. Names
 * that match no permission row are dropped by the lookup, and sync() leaves
 * the role with exactly the matched permissions.
 *
 * NOTE(review): no authorization check is visible in this method; presumably
 * middleware or the route group restricts who may call it. Confirm, because
 * this endpoint changes what a role is allowed to do.
 * NOTE(review): the rule `required|array` does not constrain the element
 * type; consider validating that each entry is a string.
 *
 * @param mixed   $id      Primary key of the role, resolved with findOrFail().
 * @param Request $request
 * @return mixed JSON response with a status and a translated message, HTTP 200.
 */
public function putPermissionsUpdate($id, Request $request)
{
    $role = Role::findOrFail($id);
    $this->validate($request, ['permissions' => 'required|array']);

    // Resolve the submitted names to permission rows and collect their ids.
    $requestedNames = $request->get('permissions', []);
    $matched = Permission::whereIn('name', $requestedNames)->get();

    $permissionIds = [];
    foreach ($matched as $match) {
        $permissionIds[] = $match->id;
    }

    // Make the role's permissions exactly this id list.
    $role->permissions()->sync($permissionIds);

    $payload = [
        'status' => 'success',
        'message' => trans('api.resource_updated', ['resource' => trans('global.role')]),
    ];

    return response()->json($payload)->setStatusCode(200);
}
/**
 * Reverse the migrations.
 *
 * Deletes the permissions and roles listed below by name, permissions first.
 *
 * @return void
 */
public function down()
{
    $permissionNames = ['view.admin', 'update.application'];
    $roleNames = ['administrator', 'manager'];

    Permission::whereIn('name', $permissionNames)->delete();
    Role::whereIn('name', $roleNames)->delete();
}
/**
 * Fetch the permissions whose `name` is in the given list.
 *
 * @param mixed $permissionNames Permission names to look up.
 * @return mixed Result of the query's get() call.
 */
private static function findPermissions($permissionNames)
{
    $query = Permission::whereIn("name", $permissionNames);

    return $query->get();
}