Created
November 14, 2017 11:01
-
-
Save vinayakkulkarni/b9a3d60093296ce4eb7e75afa57f5d36 to your computer and use it in GitHub Desktop.
User Roles & Permissions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
use App\User as User; | |
use App\Role as Role; | |
use App\Permission as Permission; | |
use Illuminate\Database\Seeder; | |
use Illuminate\Database\Eloquent\Model; | |
class RolesAndPermissionsSeeder extends Seeder { | |
protected $roles = [ | |
'admin' => [ | |
'display_name' => 'Administrator', | |
'description' => 'administer the website, basically God mode', | |
'permissions' => [ | |
'can_add_users', | |
'can_edit_users', | |
'can_add_feature_comments', | |
'can_add_field_comments', | |
'can_edit_feature_comments', | |
'can_edit_field_comments', | |
'can_edit_own_comments', | |
'can_add_reviews', | |
'can_edit_reviews', | |
'can_edit_own_reviews' | |
] | |
], | |
'moderator' => [ | |
'display_name' => 'Moderator', | |
'description' => 'moderate all the content, keeping things clean', | |
'permissions' => [ | |
'can_edit_users', | |
'can_add_feature_comments', | |
'can_add_field_comments', | |
'can_edit_feature_comments', | |
'can_edit_field_comments', | |
'can_edit_own_comments', | |
'can_add_reviews', | |
'can_edit_reviews', | |
'can_edit_own_reviews' | |
], | |
], | |
'member' => [ | |
'display_name' => 'Normal Public Signed-up User', | |
'description' => 'basic user with no "special" abilities', | |
'permissions' => [ | |
'can_add_feature_comments', | |
'can_add_field_comments', | |
'can_edit_own_comments' | |
] | |
], | |
'reviewer' => [ | |
'display_name' => 'A Reviewer Reviews Features', | |
'description' => 'special user with some "extra" permissions', | |
'permissions' => [ | |
'can_add_feature_comments', | |
'can_add_field_comments', | |
'can_edit_own_comments', | |
'can_add_reviews', | |
'can_edit_own_reviews' | |
] | |
] | |
]; | |
protected $permissions = [ | |
'can_add_users' => [ | |
'display_name' => 'Add New Users', | |
'description' => 'Has the ability to add new users', | |
], | |
'can_edit_users' => [ | |
'display_name' => 'Edit Users', | |
'description' => 'Has the ability to add new users', | |
], | |
'can_add_feature_comments' => [ | |
'display_name' => 'Add Feature Comments', | |
'description' => 'ability to add new comments', | |
], | |
'can_edit_feature_comments' => [ | |
'display_name' => 'Edit Feature Comments', | |
'description' => 'edit other users comments', | |
], | |
'can_add_field_comments' => [ | |
'display_name' => 'Add Field Comments', | |
'description' => 'ability to add new comments to a field', | |
], | |
'can_edit_field_comments' => [ | |
'display_name' => 'Edit Feature Field Comments', | |
'description' => 'ability to add new comments to a field', | |
], | |
'can_edit_own_comments' => [ | |
'display_name' => 'Edit Own Comment', | |
'description' => 'edit self made comment', | |
], | |
'can_add_reviews' => [ | |
'display_name' => 'Add Feature Reviews', | |
'description' => 'ability to add new feature review', | |
], | |
'can_edit_reviews' => [ | |
'display_name' => 'Edit Feature Reviews', | |
'description' => 'ability to edit a feature review', | |
], | |
'can_edit_own_reviews' => [ | |
'display_name' => 'Edit Own Reviews', | |
'description' => 'ability to edit only self-made reviews', | |
], | |
]; | |
/** | |
* Roles | |
* | |
* @return array() | |
*/ | |
public function roles() | |
{ | |
return $this->roles; | |
} | |
/** | |
* Permissions | |
* | |
* @param $name | |
* @return array() | |
*/ | |
public function permissions($name = '') | |
{ | |
$single = (array_key_exists($name,$this->permissions) ? array($name =>$this->permissions[$name]) : false ); | |
return ($name ? $single : $this->permissions); | |
} | |
/** | |
* Run the Seeder | |
* | |
* @return void | |
*/ | |
public function run() | |
{ | |
DB::table(Config::get('entrust.permissions_table'))->delete(); | |
foreach ($this->roles() as $key => $val) { | |
$this->command->info(" "); | |
$this->command->info('Creating/updating the \''.$key.'\' role'); | |
$this->command->info('-----------------------------------------'); | |
$val['name'] = $key; | |
$this->reset($val); | |
} | |
$this->cleanup(); | |
} | |
/** | |
* Reset Role, Permissions & Users | |
* | |
* @param $role | |
* @return void | |
*/ | |
public function reset($role) | |
{ | |
$commandBullet = ' -> '; | |
// The Old Role | |
$originalRole = Role::where('name',$role['name'])->first(); | |
if($originalRole) Role::where('id',$originalRole->id)->update(['name' => $role['name'].'__remove']); | |
// The New Role | |
$newRole = new Role(); | |
$newRole->name = $role['name']; | |
if(isset($role['display_name'])) $newRole->display_name = $role['display_name']; // optional | |
if(isset($role['description'])) $newRole->description = $role['description']; // optional | |
$newRole->save(); | |
$this->command->info($commandBullet."Created $role[name] role"); | |
// Set the Permissions (if they exist) | |
$pcount = 0; | |
if(!empty($role['permissions'])) | |
{ | |
foreach ($role['permissions'] as $permission_name) { | |
$permission = $this->permissions($permission_name); | |
if($permission === false || (!$permission_name)) { | |
$this->command->error($commandBullet."Failed to attach permission '$permission_name'. It does not exist"); | |
continue; | |
} | |
$newPermission = Permission::where('name',$permission_name)->first(); | |
if (!$newPermission) { | |
$newPermission = new Permission(); | |
$newPermission->name = key($permission); | |
if(isset($permission['display_name'])) $newPermission->display_name = $permission['display_name']; // optional | |
if(isset($permission['description'])) $newPermission->description = $permission['description']; // optional | |
$newPermission->save(); | |
} | |
$newRole->attachPermission($newPermission); | |
$pcount++; | |
} | |
} | |
$this->command->info($commandBullet."Attached $pcount permissions to $role[name] role"); | |
// Update old records | |
if ($originalRole) | |
{ | |
$userCount = 0; | |
$RoleUsers = DB::table(Config::get('entrust.role_user_table'))->where('role_id',$originalRole->id)->get(); | |
foreach ($RoleUsers as $user) { | |
$u = User::where('id',$user->user_id)->first(); | |
$u->attachRole($newRole); | |
$userCount++; | |
} | |
$this->command->info($commandBullet."Updated role attachment for $userCount users"); | |
Role::where('id',$originalRole->id)->delete(); // will also remove old role_user records | |
$this->command->info($commandBullet."Removed the original $role[name] role"); | |
} | |
} | |
/** | |
* Cleanup() | |
* Remove any roles & permissions that have been removed | |
* @return void | |
*/ | |
public function cleanup() | |
{ | |
$commandBullet = ' -> '; | |
$this->command->info(" "); | |
$this->command->info('Cleaning up roles & permissions:'); | |
$this->command->info('--------------------------------'); | |
$storedRoles = Role::all(); | |
if(!empty($storedRoles)) { | |
$definedRoles = $this->roles(); | |
foreach ($storedRoles as $role) { | |
if ( !array_key_exists($role->name,$definedRoles) ) { | |
Role::where('name',$role->name)->delete(); | |
$this->command->info($commandBullet.'The \''.$role->name.'\' role was removed'); | |
} | |
} | |
} | |
$storedPerms = DB::table(Config::get('entrust.permissions_table'))->get(); | |
if(!empty($storedPerms)) { | |
$definedPerms = $this->permissions(); | |
foreach ($storedPerms as $perm) { | |
if ( !array_key_exists($perm->name,$definedPerms) ) { | |
DB::table(Config::get('entrust.permissions_table'))->where('name',$perm->name)->delete(); | |
$this->command->info($commandBullet.'The \''.$perm->name.'\' permission was removed'); | |
} | |
} | |
} | |
$this->command->info($commandBullet.'Done'); | |
$this->command->info(" "); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment