shihaam/akaunting
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

improved permissions trait

Browse Source
This commit is contained in:
denisdulici 2020-02-06 17:08:20 +03:00
parent 9fd64ad696
commit ac4fd86ab3
7 changed files with 262 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/Listeners/Update/V20/Version200.php
View File

@ -774,7 +774,7 @@ class Version200 extends Listener
public function updatePermissions() public function updatePermissions()
{ {
$this->attachPermissions([ $this->attachPermissionsByRoleNames([
'admin' => [ 'admin' => [
'common-dashboards' => 'c,r,u,d', 'common-dashboards' => 'c,r,u,d',
'common-reports' => 'c,r,u,d', 'common-reports' => 'c,r,u,d',
@ -833,7 +833,7 @@ class Version200 extends Listener
], ],
]); ]);
$this->detachPermissions([ $this->detachPermissionsByRoleNames([
'admin' => [ 'admin' => [
'read-modules-token', 'read-modules-token',
'update-modules-token', 'update-modules-token',
@ -970,6 +970,7 @@ class Version200 extends Listener
'config/menus.php', 'config/menus.php',
'config/modules.php', 'config/modules.php',
'docker-compose.yml', 'docker-compose.yml',
'database/seeds/Roles.php',
'Dockerfile', 'Dockerfile',
'modules/PaypalStandard/Http/Controllers/PaypalStandard.php', 'modules/PaypalStandard/Http/Controllers/PaypalStandard.php',
'modules/PaypalStandard/Http/routes.php', 'modules/PaypalStandard/Http/routes.php',

277
app/Traits/Permissions.php
View File

@ -4,6 +4,8 @@ namespace App\Traits;
use App\Models\Auth\Permission; use App\Models\Auth\Permission;
use App\Models\Auth\Role; use App\Models\Auth\Role;
use App\Utilities\Reports;
use App\Utilities\Widgets;
use Illuminate\Support\Str; use Illuminate\Support\Str;
trait Permissions trait Permissions
@ -18,46 +20,41 @@ trait Permissions
]; ];
} }
public function attachPermissions($roles) public function attachPermissionsByRoleNames($roles)
{ {
$actions_map = collect($this->getActionsMap());
foreach ($roles as $role_name => $permissions) { foreach ($roles as $role_name => $permissions) {
$role_display_name = Str::title($role_name); $role = $this->createRole($role_name);
$role = Role::firstOrCreate([ foreach ($permissions as $id => $permission) {
'name' => $role_name, $this->attachPermissionsByAction($role, $id, $permission);
], [
'display_name' => $role_display_name,
'description' => $role_display_name,
]);
foreach ($permissions as $page => $action_list) {
$actions = explode(',', $action_list);
foreach ($actions as $short_action) {
$action = $actions_map->get($short_action);
$display_name = Str::title($action . ' ' . str_replace('-', ' ', $page));
$permission = Permission::firstOrCreate([
'name' => $action . '-' . $page,
], [
'display_name' => $display_name,
'description' => $display_name,
]);
if ($role->hasPermission($permission->name)) {
continue;
}
$role->attachPermission($permission);
} }
} }
} }
public function attachPermissionsToAdminRoles($permissions)
{
$this->attachPermissionsToAllRoles($permissions, 'read-admin-panel');
} }
public function detachPermissions($roles) public function attachPermissionsToPortalRoles($permissions)
{
$this->attachPermissionsToAllRoles($permissions, 'read-client-portal');
}
public function attachPermissionsToAllRoles($permissions, $require = 'read-admin-panel')
{
$roles = Role::all()->filter(function ($r) use ($require) {
return $require ? $r->hasPermission($require) : true;
});
foreach ($roles as $role) {
foreach ($permissions as $permission) {
$this->attachPermission($role, $permission);
}
}
}
public function detachPermissionsByRoleNames($roles)
{ {
foreach ($roles as $role_name => $permissions) { foreach ($roles as $role_name => $permissions) {
$role = Role::where('name', $role_name)->first(); $role = Role::where('name', $role_name)->first();
@ -67,14 +64,7 @@ trait Permissions
} }
foreach ($permissions as $permission_name) { foreach ($permissions as $permission_name) {
$permission = Permission::where('name', $permission_name)->first(); $this->detachPermission($role, $permission_name);
if (empty($permission)) {
continue;
}
$role->detachPermission($permission);
$permission->delete();
} }
} }
} }
@ -94,7 +84,7 @@ trait Permissions
} }
$new_name = $action . '-' . $new; $new_name = $action . '-' . $new;
$new_display_name = Str::title(str_replace('-', ' ', $new_name)); $new_display_name = $this->getPermissionDisplayName($new_name);
$permission->update([ $permission->update([
'name' => $new_name, 'name' => $new_name,
@ -103,4 +93,209 @@ trait Permissions
} }
} }
} }
public function attachDefaultModulePermissions($module, $require = 'read-admin-panel')
{
$this->attachModuleReportPermissions($module, $require);
$this->attachModuleWidgetPermissions($module, $require);
$this->attachModuleSettingPermissions($module, $require);
}
public function attachModuleReportPermissions($module, $require = 'read-admin-panel')
{
if (is_string($module)) {
$module = module($module);
}
if (empty($module->get('reports'))) {
return;
}
$permissions = [];
foreach ($module->get('reports') as $class) {
if (!class_exists($class)) {
continue;
}
$permissions[] = $this->createModuleReportPermission($module, $class);
}
$this->attachPermissionsToAllRoles($permissions, $require);
}
public function attachModuleWidgetPermissions($module, $require = 'read-admin-panel')
{
if (is_string($module)) {
$module = module($module);
}
if (empty($module->get('widgets'))) {
return;
}
$permissions = [];
foreach ($module->get('widgets') as $class) {
if (!class_exists($class)) {
continue;
}
$permissions[] = $this->createModuleWidgetPermission($module, $class);
}
$this->attachPermissionsToAllRoles($permissions, $require);
}
public function attachModuleSettingPermissions($module, $require = 'read-admin-panel')
{
if (is_string($module)) {
$module = module($module);
}
if (empty($module->get('settings'))) {
return;
}
$permissions = [];
$permissions[] = $this->createModuleSettingPermission($module, 'read');
$permissions[] = $this->createModuleSettingPermission($module, 'update');
$this->attachPermissionsToAllRoles($permissions, $require);
}
public function createModuleReportPermission($module, $class)
{
if (is_string($module)) {
$module = module($module);
}
if (!class_exists($class)) {
return;
}
$name = Reports::getPermission($class);
$display_name = 'Read ' . $module->getName() . ' Reports ' . Reports::getDefaultName($class);
return $this->createPermission($name, $display_name);
}
public function createModuleWidgetPermission($module, $class)
{
if (is_string($module)) {
$module = module($module);
}
if (!class_exists($class)) {
return;
}
$name = Widgets::getPermission($class);
$display_name = 'Read ' . $module->getName() . ' Widgets ' . Widgets::getDefaultName($class);
return $this->createPermission($name, $display_name);
}
public function createModuleSettingPermission($module, $action)
{
if (is_string($module)) {
$module = module($module);
}
$name = $action . '-' . $module->getAlias() . '-settings';
$display_name = Str::title($action) . ' ' . $module->getName() . ' Settings';
return $this->createPermission($name, $display_name);
}
public function createRole($name, $display_name = null, $description = null)
{
$display_name = $display_name ?? Str::title($name);
return Role::firstOrCreate([
'name' => $name,
], [
'display_name' => $display_name,
'description' => $description ?? $display_name,
]);
}
public function createPermission($name, $display_name = null, $description = null)
{
$display_name = $display_name ?? $this->getPermissionDisplayName($name);
return Permission::firstOrCreate([
'name' => $name,
], [
'display_name' => $display_name,
'description' => $description ?? $display_name,
]);
}
public function attachPermission($role, $permission)
{
if (is_string($permission)) {
$permission = $this->createPermission($permission);
}
if ($role->hasPermission($permission->name)) {
return;
}
$role->attachPermission($permission);
}
public function detachPermission($role, $permission)
{
if (is_string($role)) {
$role = Role::where('name', $role)->first();
}
if (empty($role)) {
return;
}
if (is_string($permission)) {
$permission = Permission::where('name', $permission)->first();
}
if (empty($permission)) {
return;
}
$role->detachPermission($permission);
$permission->delete();
}
public function isActionList($permission)
{
if (!is_string($permission)) {
return false;
}
return (strlen($permission) == '1') || Str::contains($permission, ',');
}
public function attachPermissionsByAction($role, $page, $action_list)
{
$actions_map = collect($this->getActionsMap());
$actions = explode(',', $action_list);
foreach ($actions as $short_action) {
$action = $actions_map->get($short_action);
$name = $action . '-' . $page;
$this->attachPermission($role, $name);
}
}
public function getPermissionDisplayName($name)
{
return Str::title(str_replace('-', ' ', $name));
}
} }

4
app/Utilities/Installer.php
View File

@ -151,8 +151,8 @@ class Installer
// Create tables // Create tables
Artisan::call('migrate', ['--force' => true]); Artisan::call('migrate', ['--force' => true]);
// Create Roles // Create Permissions
Artisan::call('db:seed', ['--class' => 'Database\Seeds\Roles', '--force' => true]); Artisan::call('db:seed', ['--class' => 'Database\Seeds\Permissions', '--force' => true]);
return true; return true;
} }

7
app/Utilities/Reports.php
View File

@ -35,7 +35,7 @@ class Reports
continue; continue;
} }
$classes[$class] = (new $class())->getDefaultName(); $classes[$class] = static::getDefaultName($class);
} }
return $classes; return $classes;
@ -80,4 +80,9 @@ class Reports
return str_replace('--', '-', $permission); return str_replace('--', '-', $permission);
} }
public static function getDefaultName($class)
{
return (new $class())->getDefaultName();
}
} }

7
app/Utilities/Widgets.php
View File

@ -39,7 +39,7 @@ class Widgets
continue; continue;
} }
$classes[$class] = (new $class())->getDefaultName(); $classes[$class] = static::getDefaultName($class);
} }
return $classes; return $classes;
@ -112,4 +112,9 @@ class Widgets
return str_replace('--', '-', $permission); return str_replace('--', '-', $permission);
} }
public static function getDefaultName($class)
{
return (new $class())->getDefaultName();
}
} }

8
database/seeds/Roles.php → database/seeds/Permissions.php
View File

@ -2,12 +2,12 @@
namespace Database\Seeds; namespace Database\Seeds;
use App\Abstracts\Model; use App\Abstracts\Model;
use App\Traits\Permissions; use App\Traits\Permissions as Helper;
use Illuminate\Database\Seeder; use Illuminate\Database\Seeder;
class Roles extends Seeder class Permissions extends Seeder
{ {
use Permissions; use Helper;
/** /**
* Run the database seeds. * Run the database seeds.
@ -144,6 +144,6 @@ class Roles extends Seeder
] ]
]; ];
$this->attachPermissions($rows); $this->attachPermissionsByRoleNames($rows);
} }
} }

83
overrides/akaunting/module/Commands/InstallCommand.php
View File

@ -2,18 +2,17 @@
namespace Akaunting\Module\Commands; namespace Akaunting\Module\Commands;
use App\Models\Auth\Permission;
use App\Models\Auth\Role;
use App\Models\Module\Module; use App\Models\Module\Module;
use App\Models\Module\ModuleHistory; use App\Models\Module\ModuleHistory;
use App\Utilities\Reports; use App\Traits\Permissions;
use App\Utilities\Widgets;
use Illuminate\Console\Command; use Illuminate\Console\Command;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Symfony\Component\Console\Input\InputArgument; use Symfony\Component\Console\Input\InputArgument;
class InstallCommand extends Command class InstallCommand extends Command
{ {
use Permissions;
/** /**
* The name and signature of the console command. * The name and signature of the console command.
* *
@ -68,9 +67,7 @@ class InstallCommand extends Command
event(new \App\Events\Module\Installed($alias, $company_id)); event(new \App\Events\Module\Installed($alias, $company_id));
if (!empty($module->get('reports')) || !empty($module->get('widgets')) || !empty($module->get('settings'))) { $this->attachDefaultModulePermissions($module);
$this->updatePermissions($module);
}
session()->forget('company_id'); session()->forget('company_id');
@ -93,76 +90,4 @@ class InstallCommand extends Command
array('company_id', InputArgument::REQUIRED, 'Company ID.'), array('company_id', InputArgument::REQUIRED, 'Company ID.'),
); );
} }
protected function updatePermissions($module)
{
$permissions = [];
if (!empty($module->get('reports'))) {
foreach ($module->get('reports') as $class) {
if (!class_exists($class)) {
continue;
}
$name = Reports::getPermission($class);
$display_name = (new $class())->getDefaultName();
$permissions[] = Permission::firstOrCreate([
'name' => $name
], [
'display_name' => 'Read ' . $module->getName() . ' Reports ' . $display_name,
'description' => 'Read ' . $module->getName() . ' Reports ' . $display_name,
]);
}
}
if (!empty($module->get('widgets'))) {
foreach ($module->get('widgets') as $class) {
if (!class_exists($class)) {
continue;
}
$name = Widgets::getPermission($class);
$display_name = (new $class())->getDefaultName();
$permissions[] = Permission::firstOrCreate([
'name' => $name
], [
'display_name' => 'Read ' . $module->getName() . ' Widgets ' . $display_name,
'description' => 'Read ' . $module->getName() . ' Widgets ' . $display_name,
]);
}
}
if (!empty($module->get('settings'))) {
$permissions[] = Permission::firstOrCreate([
'name' => 'read-' . $module->getAlias() . '-settings'
], [
'display_name' => 'Read ' . $module->getName() . ' Settings',
'description' => 'Read ' . $module->getName() . ' Settings',
]);
$permissions[] = Permission::firstOrCreate([
'name' => 'update-' . $module->getAlias() . '-settings'
], [
'display_name' => 'Update ' . $module->getName() . ' Settings',
'description' => 'Update ' . $module->getName() . ' Settings',
]);
}
// Attach permission to roles
$roles = Role::all()->filter(function ($r) {
return $r->hasPermission('read-admin-panel');
});
foreach ($roles as $role) {
foreach ($permissions as $permission) {
if ($role->hasPermission($permission->name)) {
continue;
}
$role->attachPermission($permission);
}
}
}
} }