flbxcup/app/Services/PermissionService.php
2025-06-23 23:12:40 +02:00

117 lines
3.1 KiB
PHP

<?php
namespace App\Services;
use App\Models\Permission;
use App\Models\Role;
use App\Models\User;
class PermissionService
{
public function createPermission($name, $displayName = null, $description = null)
{
$isWildcard = str_contains($name, '*');
return Permission::create([
'name' => $name,
'display_name' => $displayName ?? $name,
'description' => $description,
'is_wildcard' => $isWildcard
]);
}
public function createRole($name, $displayName = null, $description = null)
{
return Role::create([
'name' => $name,
'display_name' => $displayName ?? $name,
'description' => $description
]);
}
public function assignPermissionToRole($permission, $role)
{
if (is_string($permission)) {
$permission = Permission::where('name', $permission)->firstOrFail();
}
if (is_string($role)) {
$role = Role::where('name', $role)->firstOrFail();
}
$role->permissions()->syncWithoutDetaching([$permission->id]);
return $role;
}
public function removePermissionFromRole($permission, $role)
{
if (is_string($permission)) {
$permission = Permission::where('name', $permission)->firstOrFail();
}
if (is_string($role)) {
$role = Role::where('name', $role)->firstOrFail();
}
$role->permissions()->detach($permission->id);
return $role;
}
public function getUserPermissions(User $user)
{
// Get direct permissions
$directPermissions = $user->permissions;
// Get role-based permissions
$rolePermissions = collect();
foreach ($user->roles as $role) {
$rolePermissions = $rolePermissions->merge($role->permissions);
}
// Merge and remove duplicates
return $directPermissions->merge($rolePermissions)->unique('id');
}
public function checkPermission(User $user, $permission)
{
return $user->hasPermission($permission);
}
public function getMatchingPermissions($permissionPattern)
{
$allPermissions = Permission::all();
$matchingPermissions = collect();
foreach ($allPermissions as $perm) {
if ($perm->is_wildcard && $perm->matches($permissionPattern)) {
$matchingPermissions->push($perm);
} elseif ($perm->name === $permissionPattern) {
$matchingPermissions->push($perm);
}
}
return $matchingPermissions;
}
public function syncRolePermissions(Role $role, array $permissions)
{
$permissionIds = [];
foreach ($permissions as $permission) {
if (is_string($permission)) {
$perm = Permission::where('name', $permission)->first();
if ($perm) {
$permissionIds[] = $perm->id;
}
} else {
$permissionIds[] = $permission->id;
}
}
$role->permissions()->sync($permissionIds);
return $role;
}
}