mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-11-23 11:22:33 +01:00
Started creation of intermediate permission table
This commit is contained in:
Dan Brown
parent
043cdeafb3
commit
ea287ebf86
28
app/EntityPermission.php
Normal file
28
app/EntityPermission.php
Normal file
@ -0,0 +1,28 @@
|
||||
<?php
|
||||
|
||||
namespace BookStack;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
|
||||
class EntityPermission extends Model
|
||||
{
|
||||
public $timestamps = false;
|
||||
|
||||
/**
|
||||
* Get the role that this points to.
|
||||
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
|
||||
*/
|
||||
public function role()
|
||||
{
|
||||
return $this->belongsTo(Role::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the entity this points to.
|
||||
* @return \Illuminate\Database\Eloquent\Relations\MorphOne
|
||||
*/
|
||||
public function entity()
|
||||
{
|
||||
return $this->morphOne(Entity::class, 'entity');
|
||||
}
|
||||
}
|
||||
@ -1,6 +1,13 @@
|
||||
<?php namespace BookStack\Services;
|
||||
|
||||
use BookStack\Book;
|
||||
use BookStack\Chapter;
|
||||
use BookStack\Entity;
|
||||
use BookStack\EntityPermission;
|
||||
use BookStack\Page;
|
||||
use BookStack\Permission;
|
||||
use BookStack\Role;
|
||||
use Illuminate\Database\Eloquent\Collection;
|
||||
|
||||
class RestrictionService
|
||||
{
|
||||
@ -10,14 +17,84 @@ class RestrictionService
|
||||
protected $currentAction;
|
||||
protected $currentUser;
|
||||
|
||||
public $book;
|
||||
public $chapter;
|
||||
public $page;
|
||||
|
||||
protected $entityPermission;
|
||||
protected $role;
|
||||
protected $permission;
|
||||
|
||||
/**
|
||||
* RestrictionService constructor.
|
||||
* @param EntityPermission $entityPermission
|
||||
* @param Book $book
|
||||
* @param Chapter $chapter
|
||||
* @param Page $page
|
||||
* @param Role $role
|
||||
* @param Permission $permission
|
||||
*/
|
||||
public function __construct()
|
||||
public function __construct(EntityPermission $entityPermission, Book $book, Chapter $chapter, Page $page, Role $role, Permission $permission)
|
||||
{
|
||||
$this->currentUser = auth()->user();
|
||||
$this->userRoles = $this->currentUser ? $this->currentUser->roles->pluck('id') : [];
|
||||
$this->isAdmin = $this->currentUser ? $this->currentUser->hasRole('admin') : false;
|
||||
|
||||
$this->entityPermission = $entityPermission;
|
||||
$this->role = $role;
|
||||
$this->permission = $permission;
|
||||
$this->book = $book;
|
||||
$this->chapter = $chapter;
|
||||
$this->page = $page;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Re-generate all entity permission from scratch.
|
||||
*/
|
||||
public function buildEntityPermissions()
|
||||
{
|
||||
$this->entityPermission->truncate();
|
||||
|
||||
// Get all roles (Should be the most limited dimension)
|
||||
$roles = $this->role->load('permissions')->all();
|
||||
|
||||
// Chunk through all books
|
||||
$this->book->chunk(500, function ($books) use ($roles) {
|
||||
$this->createManyEntityPermissions($books, $roles);
|
||||
});
|
||||
|
||||
// Chunk through all chapters
|
||||
$this->chapter->chunk(500, function ($books) use ($roles) {
|
||||
$this->createManyEntityPermissions($books, $roles);
|
||||
});
|
||||
|
||||
// Chunk through all pages
|
||||
$this->page->chunk(500, function ($books) use ($roles) {
|
||||
$this->createManyEntityPermissions($books, $roles);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Create & Save entity permissions for many entities and permissions.
|
||||
* @param Collection $entities
|
||||
* @param Collection $roles
|
||||
*/
|
||||
protected function createManyEntityPermissions($entities, $roles)
|
||||
{
|
||||
$entityPermissions = [];
|
||||
foreach ($entities as $entity) {
|
||||
foreach ($roles as $role) {
|
||||
$entityPermissions[] = $this->createEntityPermission($entity, $role);
|
||||
}
|
||||
}
|
||||
$this->entityPermission->insert($entityPermissions);
|
||||
}
|
||||
|
||||
|
||||
protected function createEntityPermissionData(Entity $entity, Role $role)
|
||||
{
|
||||
// TODO - Check the permission values and return an EntityPermission
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -0,0 +1,34 @@
|
||||
<?php
|
||||
|
||||
use Illuminate\Database\Schema\Blueprint;
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
|
||||
class CreateEntityPermissionsTable extends Migration
|
||||
{
|
||||
/**
|
||||
* Run the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function up()
|
||||
{
|
||||
Schema::create('entity_permissions', function (Blueprint $table) {
|
||||
$table->increments('id');
|
||||
$table->integer('role_id');
|
||||
$table->string('entity_type');
|
||||
$table->integer('entity_id');
|
||||
$table->string('action');
|
||||
$table->boolean('has_permission')->default(false);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Reverse the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function down()
|
||||
{
|
||||
Schema::drop('entity_permissions');
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user