/**
* Get or create the role.
*
* @return \Silber\Bouncer\Database\Role
*/
protected function role()
{
if ($this->role instanceof Role) {
return $this->role;
}
return Role::firstOrCreate(['name' => $this->role]);
}
/**
* Get the model or create a role.
*
* @return \Illuminate\Database\Eloquent\Model
*/
protected function getModel()
{
if ($this->model instanceof Model) {
return $this->model;
}
return Role::firstOrCreate(['name' => $this->model]);
}
/**
* Get the model from which to remove the abilities.
*
* @return \Illuminate\Database\Eloquent\Model|null
*/
protected function getModel()
{
if ($this->model instanceof Model) {
return $this->model;
}
return Role::where('title', $this->model)->first();
}
/**
* Setup the database schema.
*
* @return void
*/
public function setUp()
{
Role::$userModel = User::class;
Ability::$userModel = User::class;
$this->schema()->create('users', function ($table) {
$table->increments('id');
$table->timestamps();
});
$this->schema()->create('abilities', function ($table) {
$table->increments('id');
$table->string('title');
$table->integer('entity_id')->unsigned()->nullable();
$table->string('entity_type')->nullable();
$table->timestamps();
$table->unique(['title', 'entity_id', 'entity_type']);
});
$this->schema()->create('roles', function ($table) {
$table->increments('id');
$table->string('title')->unique();
$table->timestamps();
});
$this->schema()->create('user_roles', function ($table) {
$table->integer('role_id')->unsigned();
$table->integer('user_id')->unsigned();
});
$this->schema()->create('user_abilities', function ($table) {
$table->integer('ability_id')->unsigned();
$table->integer('user_id')->unsigned();
});
$this->schema()->create('role_abilities', function ($table) {
$table->integer('ability_id')->unsigned();
$table->integer('role_id')->unsigned();
});
}
/**
* Get the role.
*
* @return \Silber\Bouncer\Database\Role|null
*/
protected function role()
{
if ($this->role instanceof Role) {
return $role;
}
return Role::where('name', $this->role)->first();
}
public function test_users_can_be_constrained_to_a_model_blanket_permission()
{
$bouncer = $this->bouncer($user = User::create());
$bouncer->allow('admin')->to('ban', User::class);
$bouncer->allow('moderator')->to('ban', $user);
$roles = Role::whereCan('ban', User::class)->get();
$this->assertCount(1, $roles);
$this->assertEquals('admin', $roles->first()->name);
}
/**
* Set the name of the user model on the role and Ability classes.
*
* @return void
*/
protected function setUserModel()
{
$model = $this->app->make('config')->get('auth.model');
Ability::$userModel = $model;
Role::$userModel = $model;
}
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
Role::create(['name' => 'admin', 'title' => 'System Administrator', 'description' => 'That guy with god mode']);
Role::create(['name' => 'manager', 'title' => 'Manager', 'description' => 'Some guy working for food']);
Role::create(['name' => 'user', 'title' => 'User', 'description' => 'Regular user']);
}
/**
* Assign the role to the users with the given ids.
*
* @param \Silber\Bouncer\Database\Role $role
* @param array $ids
* @return void
*/
protected function assignRole(Role $role, array $ids)
{
$existing = $role->users()->whereIn('id', $ids)->lists('id')->all();
$ids = array_diff($ids, $existing);
$role->users()->attach($ids);
}
/**
* Get the IDs of the users that already have the given role.
*
* @param \Silber\Bouncer\Database\Role $role
* @param array $ids
* @return \Illuminate\Support\Collection
*/
protected function getUsersWithRole(Role $role, array $ids)
{
$model = Models::user();
$column = $model->getTable() . '.' . $model->getKeyName();
return $role->users()->whereIn($column, $ids)->lists($column);
}