Add some roles and permisssions
This commit is contained in:
parent
4e265b8ade
commit
1f1f69df16
|
@ -62,6 +62,11 @@ class AuthController extends Controller
|
|||
|
||||
public function me(Request $request)
|
||||
{
|
||||
return $request->user();
|
||||
return [
|
||||
...$request->user()->toArray(),
|
||||
"permissions" => array_map(function($p) {
|
||||
return $p["name"];
|
||||
}, $request->user()->allPermissions()->toArray()),
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
<?php
|
||||
|
||||
return [
|
||||
/**
|
||||
* Control if the seeder should create a user per role while seeding the data.
|
||||
*/
|
||||
'create_users' => false,
|
||||
|
||||
/**
|
||||
* Control if all the laratrust tables should be truncated before running the seeder.
|
||||
*/
|
||||
'truncate_tables' => true,
|
||||
|
||||
'roles_structure' => [
|
||||
'superadmin' => [
|
||||
'users' => 'c,r,u,d',
|
||||
],
|
||||
'admin' => [
|
||||
'users' => 'c,r,u'
|
||||
],
|
||||
'chief' => [
|
||||
'users' => 'r'
|
||||
],
|
||||
'user' => [
|
||||
'users' => 'lr'
|
||||
]
|
||||
],
|
||||
|
||||
'permissions_map' => [
|
||||
'c' => 'create',
|
||||
'lr' => 'limitedRead',
|
||||
'r' => 'read',
|
||||
'u' => 'update',
|
||||
'd' => 'delete'
|
||||
]
|
||||
];
|
|
@ -0,0 +1,85 @@
|
|||
<?php
|
||||
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
use Illuminate\Database\Schema\Blueprint;
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
|
||||
class LaratrustSetupTables extends Migration
|
||||
{
|
||||
/**
|
||||
* Run the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function up()
|
||||
{
|
||||
// Create table for storing roles
|
||||
Schema::create('roles', function (Blueprint $table) {
|
||||
$table->bigIncrements('id');
|
||||
$table->string('name')->unique();
|
||||
$table->string('display_name')->nullable();
|
||||
$table->string('description')->nullable();
|
||||
$table->timestamps();
|
||||
});
|
||||
|
||||
// Create table for storing permissions
|
||||
Schema::create('permissions', function (Blueprint $table) {
|
||||
$table->bigIncrements('id');
|
||||
$table->string('name')->unique();
|
||||
$table->string('display_name')->nullable();
|
||||
$table->string('description')->nullable();
|
||||
$table->timestamps();
|
||||
});
|
||||
|
||||
// Create table for associating roles to users and teams (Many To Many Polymorphic)
|
||||
Schema::create('role_user', function (Blueprint $table) {
|
||||
$table->unsignedBigInteger('role_id');
|
||||
$table->unsignedBigInteger('user_id');
|
||||
$table->string('user_type');
|
||||
|
||||
$table->foreign('role_id')->references('id')->on('roles')
|
||||
->onUpdate('cascade')->onDelete('cascade');
|
||||
|
||||
$table->primary(['user_id', 'role_id', 'user_type']);
|
||||
});
|
||||
|
||||
// Create table for associating permissions to users (Many To Many Polymorphic)
|
||||
Schema::create('permission_user', function (Blueprint $table) {
|
||||
$table->unsignedBigInteger('permission_id');
|
||||
$table->unsignedBigInteger('user_id');
|
||||
$table->string('user_type');
|
||||
|
||||
$table->foreign('permission_id')->references('id')->on('permissions')
|
||||
->onUpdate('cascade')->onDelete('cascade');
|
||||
|
||||
$table->primary(['user_id', 'permission_id', 'user_type']);
|
||||
});
|
||||
|
||||
// Create table for associating permissions to roles (Many-to-Many)
|
||||
Schema::create('permission_role', function (Blueprint $table) {
|
||||
$table->unsignedBigInteger('permission_id');
|
||||
$table->unsignedBigInteger('role_id');
|
||||
|
||||
$table->foreign('permission_id')->references('id')->on('permissions')
|
||||
->onUpdate('cascade')->onDelete('cascade');
|
||||
$table->foreign('role_id')->references('id')->on('roles')
|
||||
->onUpdate('cascade')->onDelete('cascade');
|
||||
|
||||
$table->primary(['permission_id', 'role_id']);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Reverse the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function down()
|
||||
{
|
||||
Schema::dropIfExists('permission_user');
|
||||
Schema::dropIfExists('permission_role');
|
||||
Schema::dropIfExists('permissions');
|
||||
Schema::dropIfExists('role_user');
|
||||
Schema::dropIfExists('roles');
|
||||
}
|
||||
}
|
|
@ -12,6 +12,8 @@ class DatabaseSeeder extends Seeder
|
|||
*/
|
||||
public function run(): void
|
||||
{
|
||||
$this->call(LaratrustSeeder::class);
|
||||
|
||||
// \App\Models\User::factory(10)->create();
|
||||
|
||||
// \App\Models\User::factory()->create([
|
||||
|
|
|
@ -0,0 +1,103 @@
|
|||
<?php
|
||||
|
||||
namespace Database\Seeders;
|
||||
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
use Illuminate\Database\Seeder;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Config;
|
||||
|
||||
class LaratrustSeeder extends Seeder
|
||||
{
|
||||
/**
|
||||
* Run the database seeds.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function run()
|
||||
{
|
||||
$this->truncateLaratrustTables();
|
||||
|
||||
$config = Config::get('laratrust_seeder.roles_structure');
|
||||
|
||||
if ($config === null) {
|
||||
$this->command->error("The configuration has not been published. Did you run `php artisan vendor:publish --tag=\"laratrust-seeder\"`");
|
||||
$this->command->line('');
|
||||
return false;
|
||||
}
|
||||
|
||||
$mapPermission = collect(config('laratrust_seeder.permissions_map'));
|
||||
|
||||
foreach ($config as $key => $modules) {
|
||||
|
||||
// Create a new role
|
||||
$role = \App\Models\Role::firstOrCreate([
|
||||
'name' => $key,
|
||||
'display_name' => ucwords(str_replace('_', ' ', $key)),
|
||||
'description' => ucwords(str_replace('_', ' ', $key))
|
||||
]);
|
||||
$permissions = [];
|
||||
|
||||
$this->command->info('Creating Role '. strtoupper($key));
|
||||
|
||||
// Reading role permission modules
|
||||
foreach ($modules as $module => $value) {
|
||||
|
||||
foreach (explode(',', $value) as $p => $perm) {
|
||||
|
||||
$permissionValue = $mapPermission->get($perm);
|
||||
|
||||
$permissions[] = \App\Models\Permission::firstOrCreate([
|
||||
'name' => $module . '-' . $permissionValue,
|
||||
'display_name' => ucfirst($permissionValue) . ' ' . ucfirst($module),
|
||||
'description' => ucfirst($permissionValue) . ' ' . ucfirst($module),
|
||||
])->id;
|
||||
|
||||
$this->command->info('Creating Permission to '.$permissionValue.' for '. $module);
|
||||
}
|
||||
}
|
||||
|
||||
// Attach all permissions to the role
|
||||
$role->permissions()->sync($permissions);
|
||||
|
||||
if (Config::get('laratrust_seeder.create_users')) {
|
||||
$this->command->info("Creating '{$key}' user");
|
||||
// Create default user for each role
|
||||
$user = \App\Models\User::create([
|
||||
'name' => ucwords(str_replace('_', ' ', $key)),
|
||||
'email' => $key.'@app.com',
|
||||
'password' => bcrypt('password')
|
||||
]);
|
||||
$user->attachRole($role);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Truncates all the laratrust tables and the users table
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function truncateLaratrustTables()
|
||||
{
|
||||
$this->command->info('Truncating User, Role and Permission tables');
|
||||
Schema::disableForeignKeyConstraints();
|
||||
|
||||
DB::table('permission_role')->truncate();
|
||||
DB::table('permission_user')->truncate();
|
||||
DB::table('role_user')->truncate();
|
||||
|
||||
if (Config::get('laratrust_seeder.truncate_tables')) {
|
||||
DB::table('roles')->truncate();
|
||||
DB::table('permissions')->truncate();
|
||||
|
||||
if (Config::get('laratrust_seeder.create_users')) {
|
||||
$usersTable = (new \App\Models\User)->getTable();
|
||||
DB::table($usersTable)->truncate();
|
||||
}
|
||||
}
|
||||
|
||||
Schema::enableForeignKeyConstraints();
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue