EmilMoe /
Guardian
@@ -5,7 +5,6 @@ |
||
| 5 | 5 | use EmilMoe\Guardian\Http\Models\Role; |
| 6 | 6 | use EmilMoe\Guardian\Support\Guardian; |
| 7 | 7 | use EmilMoe\Guardian\Http\Models\Permission; |
| 8 | - |
|
| 9 | 8 | use Illuminate\Support\Facades\DB; |
| 10 | 9 | use Illuminate\Support\Collection; |
| 11 | 10 | use Illuminate\Support\Facades\Auth; |
@@ -32,8 +32,9 @@ discard block |
||
| 32 | 32 | { |
| 33 | 33 | $p = collect([]); |
| 34 | 34 | |
| 35 | - foreach ($this->roles()->get() as $role) |
|
| 36 | - $p = $p->merge($role->permissions()->get()); |
|
| 35 | + foreach ($this->roles()->get() as $role) { |
|
| 36 | + $p = $p->merge($role->permissions()->get()); |
|
| 37 | + } |
|
| 37 | 38 | |
| 38 | 39 | return $p->unique(); |
| 39 | 40 | } |
@@ -49,14 +50,17 @@ discard block |
||
| 49 | 50 | */ |
| 50 | 51 | public function hasAccess($permission, $id = null) |
| 51 | 52 | { |
| 52 | - if ($this->hasGlobalAccess($permission)) |
|
| 53 | - return true; |
|
| 53 | + if ($this->hasGlobalAccess($permission)) { |
|
| 54 | + return true; |
|
| 55 | + } |
|
| 54 | 56 | |
| 55 | - if ($this->hasLocalAccess($permission, $id)) |
|
| 56 | - return true; |
|
| 57 | + if ($this->hasLocalAccess($permission, $id)) { |
|
| 58 | + return true; |
|
| 59 | + } |
|
| 57 | 60 | |
| 58 | - if ($this->hasInheritAccess($permission, $id)) |
|
| 59 | - return true; |
|
| 61 | + if ($this->hasInheritAccess($permission, $id)) { |
|
| 62 | + return true; |
|
| 63 | + } |
|
| 60 | 64 | |
| 61 | 65 | return false; |
| 62 | 66 | } |
@@ -72,13 +76,15 @@ discard block |
||
| 72 | 76 | */ |
| 73 | 77 | public function hasAccessAny($permission) |
| 74 | 78 | { |
| 75 | - if ($this->hasAccess($permission)) |
|
| 76 | - return true; |
|
| 79 | + if ($this->hasAccess($permission)) { |
|
| 80 | + return true; |
|
| 81 | + } |
|
| 77 | 82 | |
| 78 | 83 | $permission = Permission::where('name', $permission); |
| 79 | 84 | |
| 80 | - if ($permission->count() == 0 || $permission->first()->table == null) |
|
| 81 | - return false; |
|
| 85 | + if ($permission->count() == 0 || $permission->first()->table == null) { |
|
| 86 | + return false; |
|
| 87 | + } |
|
| 82 | 88 | |
| 83 | 89 | return DB::table(Permission::where('name', $permission)->first()->table) |
| 84 | 90 | ->where($permission->first()->user_id_column, Auth::id()) |
@@ -108,20 +114,23 @@ discard block |
||
| 108 | 114 | */ |
| 109 | 115 | private function hasLocalAccess($permission, $id) |
| 110 | 116 | { |
| 111 | - if (! $id) |
|
| 112 | - return false; |
|
| 117 | + if (! $id) { |
|
| 118 | + return false; |
|
| 119 | + } |
|
| 113 | 120 | |
| 114 | 121 | $permission = Permission::where('name', $permission); |
| 115 | 122 | |
| 116 | - if ($permission->count() == 0 || $permission->first()->table == null) |
|
| 117 | - return false; |
|
| 123 | + if ($permission->count() == 0 || $permission->first()->table == null) { |
|
| 124 | + return false; |
|
| 125 | + } |
|
| 118 | 126 | |
| 119 | 127 | if (DB::table($permission->first()->table) |
| 120 | 128 | ->where($permission->first()->user_id_column, Auth::id()) |
| 121 | 129 | ->where($permission->first()->foreign_id_column, $id) |
| 122 | 130 | ->where('is_privileged', true) |
| 123 | - ->count() > 0) |
|
| 124 | - return true; |
|
| 131 | + ->count() > 0) { |
|
| 132 | + return true; |
|
| 133 | + } |
|
| 125 | 134 | |
| 126 | 135 | return false; |
| 127 | 136 | } |
@@ -138,11 +147,13 @@ discard block |
||
| 138 | 147 | */ |
| 139 | 148 | private function hasInheritAccess($permission, $id) |
| 140 | 149 | { |
| 141 | - if (! $id) |
|
| 142 | - return false; |
|
| 150 | + if (! $id) { |
|
| 151 | + return false; |
|
| 152 | + } |
|
| 143 | 153 | |
| 144 | - if (method_exists(Auth::user(), $permission .'Privilege')) |
|
| 145 | - return Auth::user()->{$permission .'Privilege'}($id); |
|
| 154 | + if (method_exists(Auth::user(), $permission .'Privilege')) { |
|
| 155 | + return Auth::user()->{$permission .'Privilege'}($id); |
|
| 156 | + } |
|
| 146 | 157 | |
| 147 | 158 | return false; |
| 148 | 159 | } |
@@ -28,16 +28,18 @@ |
||
| 28 | 28 | $table->string('name'); |
| 29 | 29 | $table->boolean('locked')->default(false); |
| 30 | 30 | |
| 31 | - if (Guardian::hasClients()) |
|
| 32 | - $table->integer(Guardian::getClientColumn())->unsigned(); |
|
| 31 | + if (Guardian::hasClients()) { |
|
| 32 | + $table->integer(Guardian::getClientColumn())->unsigned(); |
|
| 33 | + } |
|
| 33 | 34 | |
| 34 | 35 | $table->timestamps(); |
| 35 | 36 | |
| 36 | - if (Guardian::hasClients()) |
|
| 37 | - $table->foreign(Guardian::getClientColumn()) |
|
| 37 | + if (Guardian::hasClients()) { |
|
| 38 | + $table->foreign(Guardian::getClientColumn()) |
|
| 38 | 39 | ->references(Guardian::getClientKey()) |
| 39 | 40 | ->on(Guardian::getClientTable()) |
| 40 | 41 | ->onDelete('cascade'); |
| 42 | + } |
|
| 41 | 43 | }); |
| 42 | 44 | |
| 43 | 45 | Schema::create(config('guardian.table.role') .'_'. config('guardian.table.permission'), function (Blueprint $table) { |
@@ -65,8 +65,9 @@ |
||
| 65 | 65 | { |
| 66 | 66 | return Auth::user()->{config('guardian.client.relation')}; |
| 67 | 67 | |
| 68 | - foreach (config('guardian.client') as $step) |
|
| 69 | - $user = $user->{$step}; |
|
| 68 | + foreach (config('guardian.client') as $step) { |
|
| 69 | + $user = $user->{$step}; |
|
| 70 | + } |
|
| 70 | 71 | |
| 71 | 72 | return $user; |
| 72 | 73 | } |
@@ -22,8 +22,9 @@ discard block |
||
| 22 | 22 | { |
| 23 | 23 | $this->toCollection($permission); |
| 24 | 24 | |
| 25 | - if (! $this->hasAccess($request, $permission)) |
|
| 26 | - return Guardian::restricted(); |
|
| 25 | + if (! $this->hasAccess($request, $permission)) { |
|
| 26 | + return Guardian::restricted(); |
|
| 27 | + } |
|
| 27 | 28 | |
| 28 | 29 | return $next($request); |
| 29 | 30 | } |
@@ -50,11 +51,13 @@ discard block |
||
| 50 | 51 | */ |
| 51 | 52 | private function hasAccess($request, $permission) |
| 52 | 53 | { |
| 53 | - if (! Auth::check()) |
|
| 54 | - return false; |
|
| 54 | + if (! Auth::check()) { |
|
| 55 | + return false; |
|
| 56 | + } |
|
| 55 | 57 | |
| 56 | - if ($this->hasGlobalAccess($permission) || $this->hasLocalAccess($request, $permission)) |
|
| 57 | - return true; |
|
| 58 | + if ($this->hasGlobalAccess($permission) || $this->hasLocalAccess($request, $permission)) { |
|
| 59 | + return true; |
|
| 60 | + } |
|
| 58 | 61 | |
| 59 | 62 | return false; |
| 60 | 63 | } |
@@ -67,12 +70,14 @@ discard block |
||
| 67 | 70 | */ |
| 68 | 71 | private function hasGlobalAccess($permission) |
| 69 | 72 | { |
| 70 | - if (is_string($permission)) |
|
| 71 | - return Auth::user()->hasAccess($permission); |
|
| 73 | + if (is_string($permission)) { |
|
| 74 | + return Auth::user()->hasAccess($permission); |
|
| 75 | + } |
|
| 72 | 76 | |
| 73 | - foreach ($permission as $perm) |
|
| 74 | - if ($this->hasGlobalAccess($perm->getName())) |
|
| 77 | + foreach ($permission as $perm) { |
|
| 78 | + if ($this->hasGlobalAccess($perm->getName())) |
|
| 75 | 79 | return true; |
| 80 | + } |
|
| 76 | 81 | |
| 77 | 82 | return false; |
| 78 | 83 | } |
@@ -87,12 +92,14 @@ discard block |
||
| 87 | 92 | */ |
| 88 | 93 | private function hasLocalAccess($request, $permission, $id = null) |
| 89 | 94 | { |
| 90 | - if (is_string($permission)) |
|
| 91 | - return Auth::user()->hasAccess($permission, $id); |
|
| 95 | + if (is_string($permission)) { |
|
| 96 | + return Auth::user()->hasAccess($permission, $id); |
|
| 97 | + } |
|
| 92 | 98 | |
| 93 | - foreach ($permission as $perm) |
|
| 94 | - if ($this->hasLocalAccess($request, $perm->getName(), $request->{$perm->getColumn()})) |
|
| 99 | + foreach ($permission as $perm) { |
|
| 100 | + if ($this->hasLocalAccess($request, $perm->getName(), $request->{$perm->getColumn()})) |
|
| 95 | 101 | return true; |
| 102 | + } |
|
| 96 | 103 | |
| 97 | 104 | return false; |
| 98 | 105 | } |
@@ -37,8 +37,9 @@ discard block |
||
| 37 | 37 | */ |
| 38 | 38 | public static function create(array $attributes = []) |
| 39 | 39 | { |
| 40 | - if (Guardian::hasClients()) |
|
| 41 | - $attributes[Guardian::getClientColumn()] = Guardian::getClientId(); |
|
| 40 | + if (Guardian::hasClients()) { |
|
| 41 | + $attributes[Guardian::getClientColumn()] = Guardian::getClientId(); |
|
| 42 | + } |
|
| 42 | 43 | |
| 43 | 44 | return parent::create($attributes); |
| 44 | 45 | } |
@@ -85,11 +86,13 @@ discard block |
||
| 85 | 86 | */ |
| 86 | 87 | public function update(array $attributes = [], array $options = []) |
| 87 | 88 | { |
| 88 | - if (Guardian::hasClients()) |
|
| 89 | - $attributes[Guardian::getClientColumn()] = Guardian::getClientId(); |
|
| 89 | + if (Guardian::hasClients()) { |
|
| 90 | + $attributes[Guardian::getClientColumn()] = Guardian::getClientId(); |
|
| 91 | + } |
|
| 90 | 92 | |
| 91 | - if ($this->locked) |
|
| 92 | - return false; |
|
| 93 | + if ($this->locked) { |
|
| 94 | + return false; |
|
| 95 | + } |
|
| 93 | 96 | |
| 94 | 97 | return parent::update($attributes, $options); |
| 95 | 98 | } |
@@ -104,15 +107,18 @@ discard block |
||
| 104 | 107 | */ |
| 105 | 108 | public function addUser($userid) |
| 106 | 109 | { |
| 107 | - if ($this->locked == true) |
|
| 108 | - return; |
|
| 110 | + if ($this->locked == true) { |
|
| 111 | + return; |
|
| 112 | + } |
|
| 109 | 113 | |
| 110 | - if (Guardian::hasClients()) |
|
| 111 | - if (Guardian::getClientId() != $this->{Guardian::getClientColumn()}) |
|
| 114 | + if (Guardian::hasClients()) { |
|
| 115 | + if (Guardian::getClientId() != $this->{Guardian::getClientColumn()}) |
|
| 112 | 116 | return; |
| 117 | + } |
|
| 113 | 118 | |
| 114 | - if (! $this->users()->get()->contains($userid)) |
|
| 115 | - $this->users()->attach($userid); |
|
| 119 | + if (! $this->users()->get()->contains($userid)) { |
|
| 120 | + $this->users()->attach($userid); |
|
| 121 | + } |
|
| 116 | 122 | } |
| 117 | 123 | |
| 118 | 124 | /** |
@@ -125,12 +131,14 @@ discard block |
||
| 125 | 131 | */ |
| 126 | 132 | public function removeUser($userid) |
| 127 | 133 | { |
| 128 | - if ($this->locked == true) |
|
| 129 | - return; |
|
| 134 | + if ($this->locked == true) { |
|
| 135 | + return; |
|
| 136 | + } |
|
| 130 | 137 | |
| 131 | - if (Guardian::hasClients()) |
|
| 132 | - if (Guardian::getClientId() != $this->{Guardian::getClientColumn()}) |
|
| 138 | + if (Guardian::hasClients()) { |
|
| 139 | + if (Guardian::getClientId() != $this->{Guardian::getClientColumn()}) |
|
| 133 | 140 | return; |
| 141 | + } |
|
| 134 | 142 | |
| 135 | 143 | $this->users()->detach($userid); |
| 136 | 144 | } |
@@ -145,17 +153,20 @@ discard block |
||
| 145 | 153 | */ |
| 146 | 154 | public function addPermission($permission) |
| 147 | 155 | { |
| 148 | - if ($this->locked == true) |
|
| 149 | - return; |
|
| 156 | + if ($this->locked == true) { |
|
| 157 | + return; |
|
| 158 | + } |
|
| 150 | 159 | |
| 151 | - if (Guardian::hasClients()) |
|
| 152 | - if (Guardian::getClientId() != $this->{Guardian::getClientColumn()}) |
|
| 160 | + if (Guardian::hasClients()) { |
|
| 161 | + if (Guardian::getClientId() != $this->{Guardian::getClientColumn()}) |
|
| 153 | 162 | return; |
| 163 | + } |
|
| 154 | 164 | |
| 155 | 165 | $id = Permission::where('name', $permission)->first()->id; |
| 156 | 166 | |
| 157 | - if (! $this->permissions()->get()->contains($id)) |
|
| 158 | - $this->permissions()->attach($id); |
|
| 167 | + if (! $this->permissions()->get()->contains($id)) { |
|
| 168 | + $this->permissions()->attach($id); |
|
| 169 | + } |
|
| 159 | 170 | } |
| 160 | 171 | |
| 161 | 172 | /** |
@@ -168,12 +179,14 @@ discard block |
||
| 168 | 179 | */ |
| 169 | 180 | public function removePermission($permission) |
| 170 | 181 | { |
| 171 | - if ($this->locked == true) |
|
| 172 | - return; |
|
| 182 | + if ($this->locked == true) { |
|
| 183 | + return; |
|
| 184 | + } |
|
| 173 | 185 | |
| 174 | - if (Guardian::hasClients()) |
|
| 175 | - if (Guardian::getClientId() != $this->{Guardian::getClientColumn()}) |
|
| 186 | + if (Guardian::hasClients()) { |
|
| 187 | + if (Guardian::getClientId() != $this->{Guardian::getClientColumn()}) |
|
| 176 | 188 | return; |
| 189 | + } |
|
| 177 | 190 | |
| 178 | 191 | $id = Permission::where('name', $permission)->first()->id; |
| 179 | 192 | |
@@ -188,8 +201,9 @@ discard block |
||
| 188 | 201 | */ |
| 189 | 202 | public function scopeClient($query) |
| 190 | 203 | { |
| 191 | - if (! Guardian::hasClients()) |
|
| 192 | - return $query; |
|
| 204 | + if (! Guardian::hasClients()) { |
|
| 205 | + return $query; |
|
| 206 | + } |
|
| 193 | 207 | |
| 194 | 208 | return $query->where('client_id', Guardian::getClientId()); |
| 195 | 209 | } |
@@ -35,13 +35,14 @@ |
||
| 35 | 35 | $router = $this->app['router']; |
| 36 | 36 | $router->middleware('guard', GuardianMiddleware::class); |
| 37 | 37 | |
| 38 | - if (config('guardian.api.enabled')) |
|
| 39 | - $router->group([ |
|
| 38 | + if (config('guardian.api.enabled')) { |
|
| 39 | + $router->group([ |
|
| 40 | 40 | 'namespace' => 'EmilMoe\Guardian\Http\Controllers', |
| 41 | 41 | 'prefix' => config('guardian.api.url'), |
| 42 | 42 | 'middleware' => 'auth' |
| 43 | 43 | ], function () { |
| 44 | 44 | require __DIR__ .'/Http/routes.php'; |
| 45 | + } |
|
| 45 | 46 | }); |
| 46 | 47 | } |
| 47 | 48 | } |
| 48 | 49 | \ No newline at end of file |
