public function patchIndex(Role $role) { if (!$this->user->canAdminRoles() || !$this->user->canAdminPermissions()) { return abort(403); } $input = Input::all(); $permissions = Permission::all(); $rolePermissions = []; $nullPermissions = []; foreach ($permissions as $permission) { if ($this->user->can($permission->permission_id)) { $nullPermissions[] = $permission->permission_id; foreach ($input as $permission_id => $permission_value) { $permission_id = str_replace("_", ".", $permission_id); if ($permission->permission_id == $permission_id) { switch ($permission_value) { case "allow": case "deny": $rolePermissions[] = ['role_id' => $role->role_id, 'permission_id' => $permission_id, 'value' => $permission_value == "allow"]; break; } break; } } } } RolePermission::where(['role_id' => $role->role_id])->whereIn('permission_id', $nullPermissions)->delete(); RolePermission::insert($rolePermissions); return $this->view(static::VIEW_PERMISSIONS, ['role' => $role, 'permissions' => Permission::all()]); }
public function run() { $this->command->info('Seeding permission to role associations.'); $permissions = Permission::get()->modelKeys(); // Insert default permissions. foreach ($this->slugs() as $role_id => $slugs) { foreach ($slugs as $slug_key => $slug_value) { if (!is_numeric($slug_key) && (is_numeric($slug_value) || is_bool($slug_value))) { $permission_id = $slug_key; $permission_value = !!$slug_value; } else { $permission_id = $slug_value; $permission_value = true; } if (in_array($permission_id, $permissions)) { RolePermission::firstOrCreate(['role_id' => $role_id, 'permission_id' => $permission_id, 'value' => $permission_value]); } else { $this->command->error("Attempting to assign non-existant permission id `{$permission_id}` to role_id `{$role_id}`."); } } } // Give admin permissions. if (count($permissions)) { foreach ($permissions as $permission_id) { $permission = RolePermission::firstOrNew(['role_id' => Role::ID_ADMIN, 'permission_id' => $permission_id]); $permission->value = 1; $permission->save(); } } }
/** * Returns board uris with this permission. * * @param \App\Contracts\PermissionUser|null $user User roles must belong to. Defaults to null. * @param bool $anonymous Determines if we should allow generic, unassigned roles. Defaults true. * @return Collection of \App\Board->board_uri strings */ public function getBoardsWithPermissions(PermissionUser $user = null, $anonymous = true) { // Identify roles which affect this user. // Sometimes we will only want direct assignments. // This includes null user_id assignments for anonymouse users. $userRoles = UserRole::select('role_id')->where(function ($query) use($user, $anonymous) { if ($anonymous) { $query->whereNull('user_id'); } if ($user instanceof PermissionUser && !$user->isAnonymous()) { $query->orWhere('user_id', $user->user_id); } else { if (!$anonymous) { $query->where(\DB::raw('0'), '1'); } } })->get()->pluck('role_id'); if (!$userRoles) { return collect(); } $inheritRoles = Role::select('role_id', 'inherit_id')->whereIn('role_id', $userRoles)->get()->pluck('inherit_id')->filter(function ($item) { return !is_null($item); }); // Identify roles which use this permission, // or which borrow inherited roles. $validRoles = RolePermission::select('role_id', 'permission_id')->where(function ($query) use($userRoles, $inheritRoles) { $query->orWhereIn('role_id', $userRoles); if ($inheritRoles) { $query->orWhereIn('role_id', $inheritRoles); } })->where('permission_id', $this->permission_id)->get()->pluck('role_id'); if (!$validRoles) { return collect(); } // Find the intersection of roles we have and roles we want. $intersectIdents = collect($userRoles)->intersect(collect($validRoles)); $inheritIdents = collect($inheritRoles)->intersect(collect($validRoles)); $intersectRoles = collect(); if ($intersectIdents) { // These are only roles which are directly assigned to us with // this permission. $intersectRoles = collect(Role::select('role_id', 'board_uri')->whereIn('role_id', $intersectIdents)->get()->pluck('board_uri')); } if ($inheritIdents) { $intersectRoles = collect(Role::select('role_id', 'board_uri')->whereIn('inherit_id', $inheritIdents)->whereIn('role_id', $userRoles)->get()->pluck('board_uri'))->merge($intersectRoles); } return $intersectRoles; }
public function run() { $this->command->info('Seeding permission to role associations.'); // Insert default permissions. foreach ($this->slugs() as $slug) { RolePermission::firstOrCreate(['role_id' => $slug['role_id'], 'permission_id' => $slug['permission_id'], 'value' => $slug['value']]); } // Give admin permissions. $permissions = Permission::get(); if (count($permissions)) { foreach ($permissions as $permission) { $permission = RolePermission::firstOrNew(['role_id' => Role::$ROLE_ADMIN, 'permission_id' => $permission->permission_id]); $permission->value = 1; $permission->save(); } } }
public function run() { $this->command->info('Seeding permission to role associations.'); RolePermission::truncate(); $permissions = Permission::get()->modelKeys(); // Insert default permissions. foreach ($this->slugs() as $role_id => $slugs) { foreach ($slugs as $slug_key => $slug_value) { if (!is_numeric($slug_key) && (is_numeric($slug_value) || is_bool($slug_value))) { $permission_id = $slug_key; $permission_value = !!$slug_value; } else { $permission_id = $slug_value; $permission_value = true; } if (in_array($permission_id, $permissions)) { (new RolePermission(['role_id' => $role_id, 'permission_id' => $permission_id, 'value' => $permission_value]))->save(); } else { $this->command->error("Attempting to assign non-existant permission id `{$permission_id}` to role_id `{$role_id}`."); } } } // Give admin permissions. if (count($permissions)) { $role = Role::find(Role::ID_ADMIN); $role->permissions()->detach(); $attachments = []; foreach ($permissions as $permission_id) { $attachments[] = ['permission_id' => $permission_id, 'value' => 1]; } $role->permissions()->attach($attachments); } }
public function __construct($user) { foreach (RolePermission::where('profileid', $user->getAttribute("profileid"))->get() as $value) { $this->roles[$value->getAttribute("action")] = $value->getAttribute("permission"); } }