/**
 * Seed the permissions table with the site-wide permissions.
 *
 * Every existing row is deleted first, then one Permission model is saved
 * per definition below.
 *
 * @return void
 */
public function run()
{
    // NOTE(review): this wipes the whole table, presumably including any
    // conference/event permissions created at runtime. Confirm the seeder
    // is only ever run against a fresh database.
    DB::table('permissions')->delete();

    /**
     * Attributes a definition may carry:
     *
     * name:         unique lookup key used by the application layer,
     *               e.g. "create-post", "edit-user".
     * display_name: optional human-readable label, not necessarily unique,
     *               e.g. "Create Posts".
     * description:  optional longer explanation of the permission.
     */
    $definitions = array(
        self::pArray(PermissionNames::CreateConference(), "Create Conference"),
        self::pArray(PermissionNames::ManageGlobalPermissions(), "Manage Global Permissions"),
        self::pArray(PermissionNames::ApproveUserRegistration(), "Approve User Registration"),
        self::pArray(PermissionNames::ViewSiteStatistics(), "View Site Statistics"),
        self::pArray(PermissionNames::ManageAccounts(), "Manage Accounts"),
    );

    foreach ($definitions as $definition) {
        $permission = new Permission();
        $permission->name = $definition['name'];

        // Optional attributes are copied only when the definition has them.
        foreach (array('display_name', 'description') as $optional) {
            if (array_key_exists($optional, $definition)) {
                $permission->{$optional} = $definition[$optional];
            }
        }

        $permission->save();
    }
}
/**
 * Create the permissions and roles for one event inside a single transaction.
 *
 * @param mixed $eventId identifier handed to PermissionNames::AllEventPermissions()
 *                       and self::EventManager()
 * @return mixed the value returned by self::EventManager(), passed through
 *               DB::transaction()
 */
public static function AllEventRoles($eventId)
{
    $build = function () use ($eventId) {
        $created = self::createAllPermissions(PermissionNames::AllEventPermissions($eventId));
        self::createPermissionRoles($created);

        return self::EventManager($eventId, $created);
    };

    // Running all three steps in one transaction means a failure part-way
    // through does not leave a partly provisioned permission set behind.
    return DB::transaction($build);
}
/**
 * Seed the roles table with the built-in "owner" role.
 *
 * Every existing role row is deleted first. Each definition is saved as a
 * Role and its listed permissions are attached. Finally the global
 * permissions are passed to RoleCreate::createPermissionRoles().
 *
 * @return void
 */
public function run()
{
    // NOTE(review): removes every role, not only the seeded ones. Confirm
    // this is never run against a database holding runtime-created roles.
    DB::table('roles')->delete();

    /**
     * Attributes a role definition may carry:
     *
     * name:         unique lookup key for the role.
     * display_name: optional human-readable label, not necessarily unique.
     * description:  optional longer explanation of the role.
     * permissions:  optional list of permission names to attach to the role.
     */
    $definitions = array(
        array(
            'name' => 'owner',
            'display_name' => 'Owner',
            'description' => 'Owner of the management system. Has access to all aspects of the system.',
            'permissions' => PermissionNames::AllGlobalPermissions(),
        ),
    );

    foreach ($definitions as $definition) {
        $role = new Role();
        $role->name = $definition['name'];

        // The permission list is not a column, so it is kept aside rather
        // than copied onto the model.
        $permissionNames = array_key_exists('permissions', $definition)
            ? $definition['permissions']
            : null;

        foreach (array('display_name', 'description') as $optional) {
            if (array_key_exists($optional, $definition)) {
                $role->{$optional} = $definition[$optional];
            }
        }

        // The role is saved before attaching, so the pivot rows have a role id.
        $role->save();

        if (isset($permissionNames)) {
            foreach ($permissionNames as $permissionName) {
                // NOTE(review): first() yields null when no permission has this
                // name, and that null is handed to attachPermission() unchecked.
                $role->attachPermission(Permission::where('name', $permissionName)->get()->first());
            }
        }
    }

    $globalPermissions = Permission::whereIn('name', PermissionNames::AllGlobalPermissions())->get();
    RoleCreate::createPermissionRoles($globalPermissions);
}
/**
 * Collect the normalized names of the event permissions the current user holds.
 *
 * @param mixed $eventId event whose permission names are enumerated
 * @return array normalized names of the permissions for which Entrust::can() was true
 */
private function buildPermissionList($eventId)
{
    $granted = [];
    $candidates = PermissionNames::AllEventPermissions($eventId);

    foreach ($candidates as $pname) {
        // NOTE(review): the user's e-mail address goes to the debug log on every
        // iteration, and Auth::user() is dereferenced without a null check.
        // Confirm callers are always authenticated and debug logs are access-controlled.
        Log::debug("Checking permission {$pname} for " . Auth::user()->email);

        if (!Entrust::can($pname)) {
            continue;
        }

        Log::debug("Permission enabled");
        $granted[] = PermissionNames::normalizePermissionName($pname);
    }

    return $granted;
}
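/**
 * Mark a user account as approved.
 *
 * The caller must hold the permission named by
 * PermissionNames::ApproveUserRegistration().
 *
 * @param mixed $id primary key of the user to approve
 * @return mixed a 403 JSON response when the caller lacks the permission,
 *               a 404 JSON response when no such user exists,
 *               otherwise an empty string (empty body, default status)
 */
public function approveUser($id)
{
    if (!Entrust::can(PermissionNames::ApproveUserRegistration())) {
        return response()->json(["message" => "cannot_approve_users"], 403);
    }

    $user = User::find($id);
    if (is_null($user)) {
        // The status code is json()'s second argument. It used to sit inside
        // the payload array, so the "not found" answer went out with the
        // default success status and a stray 0 => 404 entry in the body.
        return response()->json(["message" => "user_does_not_exist"], 404);
    }

    $user->approved = 1;
    $user->save();

    // An empty body is returned with the default status.
    return "";
}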
/**
 * Append the normalized form of a permission name to a list when the
 * current user holds that permission.
 *
 * @param mixed $pname     permission name to test with Entrust::can()
 * @param array $permList  list extended in place (passed by reference)
 * @return void
 */
private function checkAddPermission($pname, &$permList)
{
    if (!Entrust::can($pname)) {
        // Permission not held: the caller's list is left untouched.
        return;
    }

    $permList[] = PermissionNames::normalizePermissionName($pname);
}
/**
 * Report the occupancy of each room in a room set.
 *
 * @param mixed $confId conference the caller claims the set belongs to
 * @param mixed $setId  primary key of the room set
 * @return mixed an empty 403 response without the room-edit permission for
 *               $confId, a 404 JSON response when the set is missing or
 *               belongs to another conference, otherwise the roomName /
 *               currentUsers rows for the set
 */
public function roomsInSet($confId, $setId)
{
    $mayEdit = Entrust::can(PermissionNames::ConferenceRoomEdit($confId));
    if (!$mayEdit) {
        return response("", 403);
    }

    $roomSet = RoomSet::with("residence")->find($setId);

    // The permission was checked for $confId only. Tying the set back to that
    // conference stops the permission being used to read another conference's
    // sets by guessing ids.
    // NOTE(review): a set whose residence relation is null fails here with an
    // error rather than a 404; confirm the schema rules that out.
    $belongsToConference = !is_null($roomSet) && $roomSet->residence->conferenceID == $confId;
    if (!$belongsToConference) {
        return response()->json(["message" => "no_such_set"], 404);
    }

    return UserRoom::selectRaw('roomName, count(*) as currentUsers')
        ->where('roomSetID', $roomSet->id)
        ->groupBy('roomName')
        ->get();
}
/**
 * Delete a room set belonging to a conference.
 *
 * @param mixed $confId    conference the caller claims the set belongs to
 * @param mixed $roomSetId primary key of the room set to delete
 * @return mixed an empty 403 response without the room-edit permission for
 *               $confId, an empty 404 response when the set is missing or
 *               belongs to another conference, otherwise nothing (no
 *               explicit return after the delete)
 */
public function deleteRoomSet($confId, $roomSetId)
{
    $mayEdit = Entrust::can(PermissionNames::ConferenceRoomEdit($confId));
    if (!$mayEdit) {
        return response("", 403);
    }

    $roomSet = RoomSet::with("residence")->find($roomSetId);

    // Ownership check: the permission covers $confId only, so a set attached
    // to a different conference is reported as not found.
    $belongsToConference = isset($roomSet) && $roomSet->residence->conferenceID == $confId;
    if (!$belongsToConference) {
        return response("", 404);
    }

    $roomSet->delete();

    // Leaves an audit trail of which set was removed from which conference.
    Log::info("Room set {$roomSetId} of conference {$confId} deleted");
}
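/**
 * List the roles the current user is allowed to manage.
 *
 * A user holding the global permission-management permission gets every
 * role. Anyone else gets only roles that
 *   - contain no global permission, and
 *   - contain conference/event permissions only for conferences and events
 *     the user holds a permission-management permission for (events of a
 *     managed conference count as managed).
 *
 * @return array the filtered roles; array_filter() preserves the original keys
 */
private function manageableRolesForUser()
{
    $roles = $this->roleResultToList(Role::with('perms')->get());

    if (Entrust::can(PermissionNames::ManageGlobalPermissions())) {
        return $roles;
    }

    // Drop every role that carries at least one global permission.
    $globalPerms = PermissionNames::AllGlobalPermissions();
    $roles = array_filter($roles, function ($r) use ($globalPerms) {
        foreach ($r->perms as $p) {
            if (in_array($p->name, $globalPerms)) {
                return false;
            }
        }

        return true;
    });

    // Name prefixes of the "manage permissions" permissions. The id passed
    // here (1) is arbitrary; only the normalized name is used as a LIKE prefix.
    $confPermNamePart = PermissionNames::normalizePermissionName(PermissionNames::ConferencePermissionManagement(1));
    $evtPermNamePart = PermissionNames::normalizePermissionName(PermissionNames::EventPermissionManagement(1));

    // Permission-management permissions the current user holds through any
    // of their roles.
    $currentPermManagement = Permission::whereHas("roles", function ($query) {
        $query->whereHas("users", function ($query) {
            // on Account table
            $query->where("id", Auth::user()->id);
        });
    })->where(function ($query) use ($confPermNamePart, $evtPermNamePart) {
        $query->where('name', 'like', $confPermNamePart . '%');
        $query->orWhere('name', 'like', $evtPermNamePart . '%');
    })->get();

    $conferences = [];
    $events = [];
    foreach ($currentPermManagement as $perm) {
        $idPart = PermissionNames::extractPermissionData($perm->name)->idPart;
        if (PermissionNames::isConferencePermission($perm->name)) {
            $conferences[] = $idPart;
        } else {
            $events[] = $idPart;
        }
    }

    // Managing a conference implies managing all of its events.
    $ownedEvents = Event::whereIn('conferenceID', $conferences)->select('id')->get();
    $ownedEvents = array_map(function ($e) {
        return $e['id'];
    }, $ownedEvents->toArray());
    $events = array_merge($events, $ownedEvents);

    // Keep only roles whose conference/event permissions ALL fall inside the
    // user's scope. The "keep" decision used to be returned from inside the
    // loop, so only a role's first permission was ever inspected. A role whose
    // later permissions pointed at someone else's conference or event slipped
    // through, and a role without permissions was dropped by accident.
    // in_array() stays non-strict: ids taken from permission names are
    // compared with ids loaded from the database (presumably string vs int).
    $roles = array_filter($roles, function ($r) use ($events, $conferences) {
        foreach ($r->perms as $p) {
            if (PermissionNames::isConferencePermission($p->name)) {
                $confId = PermissionNames::extractPermissionData($p->name)->idPart;
                if (!in_array($confId, $conferences)) {
                    return false;
                }
            } elseif (PermissionNames::isEventPermission($p->name)) {
                $evtId = PermissionNames::extractPermissionData($p->name)->idPart;
                if (!in_array($evtId, $events)) {
                    return false;
                }
            }
        }

        return true;
    });

    return $roles;
}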
/**
 * Tell whether the current user may approve registrations for a conference.
 *
 * @param mixed $conferenceID conference the approval permission is scoped to
 * @return mixed the result of Entrust::can() for that permission
 */
private function isUserRegistrationApprover($conferenceID)
{
    $approvalPermission = PermissionNames::ConferenceRegistrationApproval($conferenceID);

    return Entrust::can($approvalPermission);
}
/**
 * Approve a user's inventory request for a conference.
 *
 * @param mixed $conferenceId    conference the caller claims the request belongs to
 * @param mixed $userInventoryId primary key of the UserInventory row
 * @return mixed JSON response: 403 without the inventory-edit permission,
 *               404 when the request is missing or belongs to another
 *               conference, 200 once saved, 500 when save() reports failure
 */
public function approveRequest($conferenceId, $userInventoryId)
{
    $mayEdit = Entrust::can(PermissionNames::ConferenceInventoryEdit($conferenceId));
    if (!$mayEdit) {
        return response()->json(['message' => 'inventory_list_edit_denied'], 403);
    }

    $request = UserInventory::with('inventory')->find($userInventoryId);
    if (is_null($request)) {
        return response()->json(['message' => 'request_not_found'], 404);
    }

    // The permission was checked for $conferenceId only, so a request that
    // hangs off another conference's inventory must not be approvable here.
    if ($request->inventory->conferenceID != $conferenceId) {
        return response()->json(['message' => 'request_not_found_for_conference'], 404);
    }

    $request->approved = 1;
    if (!$request->save()) {
        return response()->json(['message' => 'item_could_not_be_approved'], 500);
    }

    return response()->json(['message' => 'item_approved'], 200);
}
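/**
 * List every user that has not been approved yet.
 *
 * The caller must hold the permission named by
 * PermissionNames::ApproveUserRegistration().
 *
 * @return mixed a 403 JSON response when the caller lacks the permission,
 *               otherwise a JSON response carrying the unapproved users
 *               under the 'dependents' key
 */
public function allUnapproved()
{
    // The guard used to compare the caller's id with $accountID as well, a
    // variable that is never defined in this method. Evaluating it raises an
    // undefined-variable error for exactly the callers that should be turned
    // away, and an undefined value could never grant access anyway. The
    // refusal also went out without a status code, i.e. as a success
    // response. It is now a plain permission check answered with 403.
    if (!Entrust::can(PermissionNames::ApproveUserRegistration())) {
        return response()->json(["message" => "no_user_approval_access"], 403);
    }

    $dependents = User::where('approved', 0)->get();

    return response()->json([
        'message' => 'returned_unapproved_dependents',
        'dependents' => $dependents,
    ]);
}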
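/**
 * Build the transportation summary for a conference.
 *
 * @param mixed   $confId conference to summarize
 * @param Request $req    current request (not read by this method)
 * @return mixed JSON response: 403 without the transportation-edit
 *               permission for $confId, 404 when isValidConference() rejects
 *               the id, otherwise 200 with the output of buildSummaryJson()
 */
public function transportSummary($confId, Request $req)
{
    if (!Entrust::can(PermissionNames::ConferenceTransportationEdit($confId))) {
        return response()->json(['message' => 'cannot_manage_transport'], 403);
    }

    if (!$this->isValidConference($confId)) {
        return response()->json(['message' => 'conference_not_found'], 404);
    }

    // Approved attendees of this conference who asked for transportation.
    // Only four user columns are loaded, which keeps other account fields
    // out of the JSON payload.
    $userConfs = UserConference::where('needsTransportation', '=', true)
        ->where('conferenceID', $confId)
        ->where('approved', 1)
        ->with(array('user' => function ($q) {
            $q->select('id', 'firstName', 'lastName', 'accountID');
        }))
        ->with('userTransportation');

    // Index the referenced Transportation rows by id.
    // The loop used to iterate by reference, which PHP refuses for
    // iterator-backed objects such as query result collections, and nothing
    // was written back through the reference anyway.
    $transports = [];
    foreach ($userConfs->get() as $userConf) {
        $ut = $userConf->userTransportation;
        if ($ut == null) {
            continue;
        }

        $transport = Transportation::where('id', $ut->transportationID)->first();
        // A dangling transportationID yields null. Skip it instead of
        // failing on $transport->id.
        if (!is_null($transport)) {
            $transports[$transport->id] = $transport;
        }
    }

    // Statement order matters from here on: distinct() modifies the shared
    // builder, so the final get() below runs with DISTINCT applied.
    $flightsList = $userConfs->distinct()->lists('flightID');
    $flights = Flight::whereIn('id', $flightsList)->get()->keyBy('id')->toArray();
    $conference = Conference::where('id', $confId)->get()->toArray();

    $summary = $this->buildSummaryJson($conference, $flights, $userConfs->get()->toArray(), $transports);

    return response()->json($summary, 200);
}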
/**
 * Build the list of permission flags reported for the current user.
 *
 * Four site-wide permissions are run through checkPermission(), which
 * receives the list being built. For a logged-in user the marker
 * "manage-some-permissions" is appended once if any permission held through
 * the user's roles normalizes to one of the permission-management base names.
 *
 * @return array the collected permission flags
 */
private function buildPermissionsJson()
{
    $permissions = [];

    $this->checkPermission(PermissionNames::CreateConference(), $permissions);
    $this->checkPermission(PermissionNames::ManageGlobalPermissions(), $permissions);
    $this->checkPermission(PermissionNames::ApproveUserRegistration(), $permissions);
    $this->checkPermission(PermissionNames::ViewSiteStatistics(), $permissions);

    // Without a logged-in user there are no role permissions to look up.
    if (is_null(Auth::user())) {
        return $permissions;
    }

    // Names of every permission reachable through the user's roles.
    $rows = Permission::whereHas("roles", function ($roleQuery) {
        $roleQuery->whereHas("users", function ($userQuery) {
            $userQuery->where("id", Auth::user()->id);
        });
    })->select("name")->get()->toArray();

    $heldNames = [];
    foreach ($rows as $row) {
        $heldNames[] = $row['name'];
    }

    $managementBases = PermissionNames::permissionManagementPermissionBases();
    foreach ($heldNames as $heldName) {
        $normalized = PermissionNames::normalizePermissionName($heldName);
        if (in_array($normalized, $managementBases)) {
            // One match is enough; the marker is added a single time.
            $permissions[] = "manage-some-permissions";
            break;
        }
    }

    return $permissions;
}