
@vinayakkulkarni
Created November 14, 2017 11:01
User Roles & Permissions
<?php
use App\User as User;
use App\Role as Role;
use App\Permission as Permission;
use Illuminate\Database\Seeder;
use Illuminate\Database\Eloquent\Model;
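/**
 * Seeds the Entrust role and permission tables from the definitions below.
 *
 * The seeder is destructive: run() empties the permissions table, rebuilds
 * every defined role, and cleanup() deletes any stored role or permission
 * that is not listed here. Roles or permissions created outside this file
 * (for example through an admin screen) do not survive a run, so treat the
 * arrays below as the single source of truth for authorization data and run
 * the seeder deliberately.
 */
class RolesAndPermissionsSeeder extends Seeder
{
    /**
     * Role definitions keyed by role name.
     *
     * Every entry in a role's 'permissions' list must also be a key of
     * $permissions; reset() reports and skips names that are not.
     *
     * @var array
     */
    protected $roles = [
        'admin' => [
            'display_name' => 'Administrator',
            'description' => 'administer the website, basically God mode',
            'permissions' => [
                'can_add_users',
                'can_edit_users',
                'can_add_feature_comments',
                'can_add_field_comments',
                'can_edit_feature_comments',
                'can_edit_field_comments',
                'can_edit_own_comments',
                'can_add_reviews',
                'can_edit_reviews',
                'can_edit_own_reviews',
            ],
        ],
        'moderator' => [
            'display_name' => 'Moderator',
            'description' => 'moderate all the content, keeping things clean',
            'permissions' => [
                // NOTE(review): can_edit_users on a non-admin role. If the user-edit
                // screens also cover role assignment, a moderator could change their
                // own role; confirm against the controllers that check this permission.
                'can_edit_users',
                'can_add_feature_comments',
                'can_add_field_comments',
                'can_edit_feature_comments',
                'can_edit_field_comments',
                'can_edit_own_comments',
                'can_add_reviews',
                'can_edit_reviews',
                'can_edit_own_reviews',
            ],
        ],
        'member' => [
            'display_name' => 'Normal Public Signed-up User',
            'description' => 'basic user with no "special" abilities',
            'permissions' => [
                'can_add_feature_comments',
                'can_add_field_comments',
                'can_edit_own_comments',
            ],
        ],
        'reviewer' => [
            'display_name' => 'A Reviewer Reviews Features',
            'description' => 'special user with some "extra" permissions',
            'permissions' => [
                'can_add_feature_comments',
                'can_add_field_comments',
                'can_edit_own_comments',
                'can_add_reviews',
                'can_edit_own_reviews',
            ],
        ],
    ];

    /**
     * Permission definitions keyed by permission name.
     *
     * The descriptions are what an operator reads when granting a permission,
     * so each one has to describe the permission it belongs to.
     *
     * @var array
     */
    protected $permissions = [
        'can_add_users' => [
            'display_name' => 'Add New Users',
            'description' => 'Has the ability to add new users',
        ],
        'can_edit_users' => [
            'display_name' => 'Edit Users',
            // was a copy of the can_add_users description
            'description' => 'Has the ability to edit existing users',
        ],
        'can_add_feature_comments' => [
            'display_name' => 'Add Feature Comments',
            'description' => 'ability to add new comments',
        ],
        'can_edit_feature_comments' => [
            'display_name' => 'Edit Feature Comments',
            'description' => 'edit other users comments',
        ],
        'can_add_field_comments' => [
            'display_name' => 'Add Field Comments',
            'description' => 'ability to add new comments to a field',
        ],
        'can_edit_field_comments' => [
            'display_name' => 'Edit Feature Field Comments',
            // was a copy of the can_add_field_comments description
            'description' => 'ability to edit comments on a field',
        ],
        'can_edit_own_comments' => [
            'display_name' => 'Edit Own Comment',
            'description' => 'edit self made comment',
        ],
        'can_add_reviews' => [
            'display_name' => 'Add Feature Reviews',
            'description' => 'ability to add new feature review',
        ],
        'can_edit_reviews' => [
            'display_name' => 'Edit Feature Reviews',
            'description' => 'ability to edit a feature review',
        ],
        'can_edit_own_reviews' => [
            'display_name' => 'Edit Own Reviews',
            'description' => 'ability to edit only self-made reviews',
        ],
    ];

    /**
     * Return every role definition, keyed by role name.
     *
     * @return array
     */
    public function roles()
    {
        return $this->roles;
    }

    /**
     * Look up permission definitions.
     *
     * @param string $name Permission name; leave empty to get every definition.
     * @return array|false All definitions when $name is empty, a one-element
     *                     array [$name => definition] when $name is defined,
     *                     or false when $name is not a defined permission.
     */
    public function permissions($name = '')
    {
        if (!$name) {
            return $this->permissions;
        }

        if (!array_key_exists($name, $this->permissions)) {
            return false;
        }

        return [$name => $this->permissions[$name]];
    }

    /**
     * Run the seeder: wipe the permissions table, rebuild each defined role,
     * then remove stored roles and permissions that are no longer defined.
     *
     * The whole run is wrapped in a database transaction. Without it, a failure
     * part-way through leaves a role parked under its temporary '<name>__remove'
     * name, and the next run's cleanup() deletes that role together with its
     * user assignments.
     *
     * @return void
     */
    public function run()
    {
        DB::transaction(function () {
            DB::table(Config::get('entrust.permissions_table'))->delete();

            foreach ($this->roles() as $key => $val) {
                $this->command->info(" ");
                $this->command->info('Creating/updating the \''.$key.'\' role');
                $this->command->info('-----------------------------------------');
                $val['name'] = $key;
                $this->reset($val);
            }

            $this->cleanup();
        });
    }

    /**
     * Recreate one role, attach its permissions and move its users across.
     *
     * @param array $role Role definition; 'name' is required, 'display_name',
     *                    'description' and 'permissions' are optional.
     * @return void
     */
    public function reset($role)
    {
        $commandBullet = ' -> ';

        // Park the existing role under a temporary name so the replacement can take the real one.
        $originalRole = Role::where('name', $role['name'])->first();
        if ($originalRole) {
            Role::where('id', $originalRole->id)->update(['name' => $role['name'].'__remove']);
        }

        // The new role
        $newRole = new Role();
        $newRole->name = $role['name'];
        if (isset($role['display_name'])) {
            $newRole->display_name = $role['display_name']; // optional
        }
        if (isset($role['description'])) {
            $newRole->description = $role['description']; // optional
        }
        $newRole->save();
        $this->command->info($commandBullet."Created $role[name] role");

        // Attach the permissions, skipping any name that has no definition
        $pcount = 0;
        if (!empty($role['permissions'])) {
            foreach ($role['permissions'] as $permission_name) {
                $permission = $this->permissions($permission_name);
                if ($permission === false || (!$permission_name)) {
                    $this->command->error($commandBullet."Failed to attach permission '$permission_name'. It does not exist");
                    continue;
                }

                $newPermission = Permission::where('name', $permission_name)->first();
                if (!$newPermission) {
                    // permissions($name) returns [$name => definition]; unwrap it first,
                    // otherwise display_name and description are never found and never stored.
                    $definition = $permission[$permission_name];

                    $newPermission = new Permission();
                    $newPermission->name = $permission_name;
                    if (isset($definition['display_name'])) {
                        $newPermission->display_name = $definition['display_name']; // optional
                    }
                    if (isset($definition['description'])) {
                        $newPermission->description = $definition['description']; // optional
                    }
                    $newPermission->save();
                }

                $newRole->attachPermission($newPermission);
                $pcount++;
            }
        }
        $this->command->info($commandBullet."Attached $pcount permissions to $role[name] role");

        // Move users of the parked role onto the new one, then drop the parked role
        if ($originalRole) {
            $userCount = 0;
            $RoleUsers = DB::table(Config::get('entrust.role_user_table'))->where('role_id', $originalRole->id)->get();
            foreach ($RoleUsers as $user) {
                $u = User::where('id', $user->user_id)->first();
                if (!$u) {
                    // The pivot row points at a user that no longer exists; skip it instead of failing the run.
                    $this->command->error($commandBullet."Skipped role attachment for missing user id {$user->user_id}");
                    continue;
                }
                $u->attachRole($newRole);
                $userCount++;
            }
            $this->command->info($commandBullet."Updated role attachment for $userCount users");

            // Original author's note: this also removes the old role_user records
            // (presumably through a cascading foreign key; verify against the migration).
            Role::where('id', $originalRole->id)->delete();
            $this->command->info($commandBullet."Removed the original $role[name] role");
        }
    }

    /**
     * Remove stored roles and permissions that are no longer defined in this seeder.
     *
     * @return void
     */
    public function cleanup()
    {
        $commandBullet = ' -> ';
        $this->command->info(" ");
        $this->command->info('Cleaning up roles & permissions:');
        $this->command->info('--------------------------------');

        // Iterating an empty result is a no-op, so no emptiness check is needed first.
        $definedRoles = $this->roles();
        foreach (Role::all() as $role) {
            if (!array_key_exists($role->name, $definedRoles)) {
                Role::where('name', $role->name)->delete();
                $this->command->info($commandBullet.'The \''.$role->name.'\' role was removed');
            }
        }

        $permissionsTable = Config::get('entrust.permissions_table');
        $definedPerms = $this->permissions();
        foreach (DB::table($permissionsTable)->get() as $perm) {
            if (!array_key_exists($perm->name, $definedPerms)) {
                DB::table($permissionsTable)->where('name', $perm->name)->delete();
                $this->command->info($commandBullet.'The \''.$perm->name.'\' permission was removed');
            }
        }

        $this->command->info($commandBullet.'Done');
        $this->command->info(" ");
    }
}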