/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
DB::table('roles')->delete();
/**
* Role Attributes
*
* name: Unique name for the permission, used for looking up permission information in the
* application layer. For example: "create-post", "edit-user", "post-payment", "mailing-list-subscribe".
*
* display_name: Human readable name for the permission. Not necessarily unique, and is optional.
* For example "Create Posts", "Edit Users", "Post Payments", "Subscribe to mailing list".
*
* description: A more detailed explanation of the Role. This is also optional.
*
* permissions: A list of permission names to assign to the user. Optional.
*/
$roles = array(array('name' => 'owner', 'display_name' => 'Owner', 'description' => 'Owner of the management system. Has access to all aspects of the system.', 'permissions' => PermissionNames::AllGlobalPermissions()));
foreach ($roles as $r) {
$entry = new Role();
$entry->name = $r['name'];
if (array_key_exists('permissions', $r)) {
$permissions = $r['permissions'];
unset($r['permissions']);
}
if (array_key_exists('display_name', $r)) {
$entry->display_name = $r['display_name'];
}
if (array_key_exists('description', $r)) {
$entry->description = $r['description'];
}
$entry->save();
if (isset($permissions)) {
foreach ($permissions as $p) {
$entry->attachPermission(Permission::where('name', $p)->get()->first());
}
unset($permissions);
}
}
$rolePermissions = Permission::whereIn('name', PermissionNames::AllGlobalPermissions())->get();
RoleCreate::createPermissionRoles($rolePermissions);
}
private function manageableRolesForUser()
{
$roles = $this->roleResultToList(Role::with('perms')->get());
if (Entrust::can(PermissionNames::ManageGlobalPermissions())) {
return $roles;
}
//Filter out global permissions
$roles = array_filter($roles, function ($r) {
$globalPerms = PermissionNames::AllGlobalPermissions();
foreach ($r->perms as $p) {
if (in_array($p->name, $globalPerms)) {
return false;
}
}
return true;
});
$confPermNamePart = PermissionNames::normalizePermissionName(PermissionNames::ConferencePermissionManagement(1));
$evtPermNamePart = PermissionNames::normalizePermissionName(PermissionNames::EventPermissionManagement(1));
//Get the permissions this user has which are permissions management
//permissions
$currentPermManagement = Permission::whereHas("roles", function ($query) {
$query->whereHas("users", function ($query) {
//on Account table
$query->where("id", Auth::user()->id);
});
})->where(function ($query) use($confPermNamePart, $evtPermNamePart) {
$query->where('name', 'like', $confPermNamePart . '%');
$query->orWhere('name', 'like', $evtPermNamePart . '%');
})->get();
$conferences = [];
$events = [];
foreach ($currentPermManagement as $perm) {
if (PermissionNames::isConferencePermission($perm->name)) {
$conferences[] = PermissionNames::extractPermissionData($perm->name)->idPart;
} else {
$events[] = PermissionNames::extractPermissionData($perm->name)->idPart;
}
}
$ownedEvents = Event::whereIn('conferenceID', $conferences)->select('id')->get();
$ownedEvents = array_map(function ($e) {
return $e['id'];
}, $ownedEvents->toArray());
$events = array_merge($events, $ownedEvents);
//Filter out permissions not associated with the conferences/events
//this user can control.
$roles = array_filter($roles, function ($r) use($events, $conferences) {
foreach ($r->perms as $p) {
if (PermissionNames::isConferencePermission($p->name)) {
$confId = PermissionNames::extractPermissionData($p->name)->idPart;
if (!in_array($confId, $conferences)) {
return false;
}
} else {
if (PermissionNames::isEventPermission($p->name)) {
$evtId = PermissionNames::extractPermissionData($p->name)->idPart;
if (!in_array($evtId, $events)) {
return false;
}
}
}
return true;
}
});
return $roles;
}
