117 lines
3.1 KiB
PHP
117 lines
3.1 KiB
PHP
<?php
|
|
|
|
namespace App\Services;
|
|
|
|
use App\Models\Permission;
|
|
use App\Models\Role;
|
|
use App\Models\User;
|
|
|
|
class PermissionService
|
|
{
|
|
public function createPermission($name, $displayName = null, $description = null)
|
|
{
|
|
$isWildcard = str_contains($name, '*');
|
|
|
|
return Permission::create([
|
|
'name' => $name,
|
|
'display_name' => $displayName ?? $name,
|
|
'description' => $description,
|
|
'is_wildcard' => $isWildcard
|
|
]);
|
|
}
|
|
|
|
public function createRole($name, $displayName = null, $description = null)
|
|
{
|
|
return Role::create([
|
|
'name' => $name,
|
|
'display_name' => $displayName ?? $name,
|
|
'description' => $description
|
|
]);
|
|
}
|
|
|
|
public function assignPermissionToRole($permission, $role)
|
|
{
|
|
if (is_string($permission)) {
|
|
$permission = Permission::where('name', $permission)->firstOrFail();
|
|
}
|
|
|
|
if (is_string($role)) {
|
|
$role = Role::where('name', $role)->firstOrFail();
|
|
}
|
|
|
|
$role->permissions()->syncWithoutDetaching([$permission->id]);
|
|
|
|
return $role;
|
|
}
|
|
|
|
public function removePermissionFromRole($permission, $role)
|
|
{
|
|
if (is_string($permission)) {
|
|
$permission = Permission::where('name', $permission)->firstOrFail();
|
|
}
|
|
|
|
if (is_string($role)) {
|
|
$role = Role::where('name', $role)->firstOrFail();
|
|
}
|
|
|
|
$role->permissions()->detach($permission->id);
|
|
|
|
return $role;
|
|
}
|
|
|
|
public function getUserPermissions(User $user)
|
|
{
|
|
// Get direct permissions
|
|
$directPermissions = $user->permissions;
|
|
|
|
// Get role-based permissions
|
|
$rolePermissions = collect();
|
|
foreach ($user->roles as $role) {
|
|
$rolePermissions = $rolePermissions->merge($role->permissions);
|
|
}
|
|
|
|
// Merge and remove duplicates
|
|
return $directPermissions->merge($rolePermissions)->unique('id');
|
|
}
|
|
|
|
public function checkPermission(User $user, $permission)
|
|
{
|
|
return $user->hasPermission($permission);
|
|
}
|
|
|
|
public function getMatchingPermissions($permissionPattern)
|
|
{
|
|
$allPermissions = Permission::all();
|
|
$matchingPermissions = collect();
|
|
|
|
foreach ($allPermissions as $perm) {
|
|
if ($perm->is_wildcard && $perm->matches($permissionPattern)) {
|
|
$matchingPermissions->push($perm);
|
|
} elseif ($perm->name === $permissionPattern) {
|
|
$matchingPermissions->push($perm);
|
|
}
|
|
}
|
|
|
|
return $matchingPermissions;
|
|
}
|
|
|
|
public function syncRolePermissions(Role $role, array $permissions)
|
|
{
|
|
$permissionIds = [];
|
|
|
|
foreach ($permissions as $permission) {
|
|
if (is_string($permission)) {
|
|
$perm = Permission::where('name', $permission)->first();
|
|
if ($perm) {
|
|
$permissionIds[] = $perm->id;
|
|
}
|
|
} else {
|
|
$permissionIds[] = $permission->id;
|
|
}
|
|
}
|
|
|
|
$role->permissions()->sync($permissionIds);
|
|
|
|
return $role;
|
|
}
|
|
}
|