<?php |
namespace Fabrica\Acl; |
use Fabrica\Acl\Eloquent\Role; |
use Fabrica\Acl\Eloquent\RolePermissions; |
use Fabrica\Acl\Eloquent\Roleactor; |
use Fabrica\Acl\Eloquent\Group; |
use Fabrica\Acl\Permissions; |
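class Acl
{
    /**
     * List the role-actor records that apply to a project.
     *
     * Matches records stored under the given project key as well as records
     * stored under the '$_sys_$' key (presumably the system-wide defaults;
     * confirm against the data model).
     *
     * @param string $project_key
     * @return mixed whatever Roleactor's get() yields (a collection, per the original doc)
     */
    public static function getRoles($project_key)
    {
        return Roleactor::where('project_key', $project_key)->orwhere('project_key', '$_sys_$')->get();
    }

    /**
     * List the ids of the roles a user holds in a project.
     *
     * Roles reached through the groups the user is bound to come first,
     * followed by roles the user is bound to directly; duplicates are dropped.
     *
     * @param string $project_key
     * @param string $user_id
     * @return array list of unique role ids; empty when either argument is an array
     */
    public static function getRolesByUid($project_key, $user_id)
    {
        // Fail closed: an array here would be read as an operator expression.
        if (self::anyArray([ $project_key, $user_id ])) {
            return [];
        }

        $role_ids = array_merge(
            self::findGroupRoleIds($user_id, $project_key),
            self::findRoleIds([ 'user_ids' => $user_id, 'project_key' => $project_key ])
        );

        return array_values(array_unique($role_ids));
    }

    /**
     * List the ids of the users who are granted a permission in a project.
     *
     * A role counts when the project's own role-permission record lists the
     * permission, or when the '$_sys_$' record lists it and the project has no
     * record of its own for that role. Users are then gathered from the
     * project's role actors, both directly and through their groups.
     *
     * @param string $permission
     * @param string $project_key
     * @return array list of unique user ids; empty when either argument is an array
     */
    public static function getUserIdsByPermission($permission, $project_key)
    {
        // Fail closed: an array here would be read as an operator expression.
        if (self::anyArray([ $permission, $project_key ])) {
            return [];
        }

        // Roles that carry the permission in the project's own records.
        $role_ids = self::pluckRoleIds(
            RolePermissions::whereRaw([ 'permissions' => $permission, 'project_key' => $project_key ])->get()
        );

        // Every role the project overrides, whether or not it carries the permission.
        $local_role_ids = self::pluckRoleIds(
            RolePermissions::whereRaw([ 'project_key' => $project_key ])->get()
        );

        // '$_sys_$' records only apply to roles the project has not overridden.
        $role_ids = array_merge($role_ids, self::pluckRoleIds(
            RolePermissions::whereRaw([ 'permissions' => $permission, 'project_key' => '$_sys_$', 'role_id' => [ '$nin' => $local_role_ids ] ])->get()
        ));

        $user_ids = [];
        $group_ids = [];
        $role_actors = Roleactor::whereRaw([ 'project_key' => $project_key, 'role_id' => [ '$in' => $role_ids ] ])->get();
        foreach ($role_actors as $actor) {
            if (isset($actor->user_ids) && $actor->user_ids) {
                $user_ids = array_merge($user_ids, $actor->user_ids);
            }
            if (isset($actor->group_ids) && $actor->group_ids) {
                $group_ids = array_merge($group_ids, $actor->group_ids);
            }
        }

        // Expand each bound group into its members.
        foreach ($group_ids as $group_id) {
            $group = Group::find($group_id);
            if ($group && isset($group->users) && $group->users) {
                $user_ids = array_merge($user_ids, $group->users);
            }
        }

        return array_values(array_unique($user_ids));
    }

    /**
     * Check whether a user is granted a permission in a project.
     *
     * 'view_project' is granted as soon as the user holds any permission in
     * the project; every other permission must be listed explicitly.
     *
     * @param string $user_id
     * @param string $permission
     * @param string $project_key
     * @return boolean
     */
    public static function isAllowed($user_id, $permission, $project_key)
    {
        // Deny anything that is not a string before comparing: under loose
        // comparison a boolean true matches every non-empty permission name.
        if (!is_string($permission)) {
            return false;
        }

        $permissions = self::getPermissions($user_id, $project_key);
        if ($permission === 'view_project') {
            return !!$permissions;
        }

        // Strict membership test: the permission name must match exactly.
        return in_array($permission, $permissions, true);
    }

    /**
     * List the groups a user is bound to.
     *
     * @param string $user_id
     * @return array list of [ 'id' => ..., 'name' => ... ] entries
     */
    public static function getBoundGroups($user_id)
    {
        $groups = [];
        $group_list = Group::where([ 'users' => $user_id ])->get();
        foreach ($group_list as $group) {
            $groups[] = [ 'id' => $group->id, 'name' => $group->name ];
        }
        return $groups;
    }

    /**
     * List every permission a user holds in a project.
     *
     * Role ids are collected from the user's direct bindings and then from the
     * groups the user is bound to. For each role the project's own
     * role-permission record is used, falling back to the '$_sys_$' record
     * when the project has none.
     *
     * @param string $user_id
     * @param string $project_key
     * @return array list of unique permissions; empty when either argument is an array
     */
    public static function getPermissions($user_id, $project_key)
    {
        // Fail closed: an array here would be read as an operator expression.
        if (self::anyArray([ $user_id, $project_key ])) {
            return [];
        }

        $role_ids = array_merge(
            self::findRoleIds([ 'user_ids' => $user_id, 'project_key' => $project_key ]),
            self::findGroupRoleIds($user_id, $project_key)
        );

        $all_permissions = [];

        // A role reached by several routes only needs to be looked up once.
        foreach (array_unique($role_ids) as $role_id) {
            $rp = RolePermissions::where('project_key', $project_key)
                ->where('role_id', $role_id)
                ->first();

            if (!$rp) {
                $rp = RolePermissions::where('project_key', '$_sys_$')
                    ->where('role_id', $role_id)
                    ->first();
            }

            if ($rp) {
                $all_permissions = array_merge($all_permissions, $rp->permissions ?: []);
            }
        }

        return array_values(array_unique($all_permissions));
    }

    /**
     * List every permission known to the system.
     *
     * @return array whatever Permissions::all() returns
     */
    public static function getAllPermissions()
    {
        return Permissions::all();
    }

    /**
     * Tell whether any of the given values is an array.
     *
     * The filters built in this class are raw documents in which an array
     * value is an operator expression (see the '$in' and '$nin' entries), so
     * an array passed where a single id or key is expected would change the
     * meaning of the query instead of naming one value.
     *
     * @param array $values
     * @return boolean
     */
    private static function anyArray(array $values)
    {
        foreach ($values as $value) {
            if (is_array($value)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Run one role-actor lookup and return the role ids it matched.
     *
     * @param array $filter raw filter document handed to Roleactor::whereRaw()
     * @return array role ids in result order, duplicates included
     */
    private static function findRoleIds(array $filter)
    {
        $role_ids = [];
        $role_actors = Roleactor::whereRaw($filter)
            ->get([ 'role_id' ])
            ->toArray();
        foreach ($role_actors as $actor) {
            $role_ids[] = $actor['role_id'];
        }
        return $role_ids;
    }

    /**
     * Collect the role ids a user reaches through the groups they are bound to.
     *
     * @param string $user_id
     * @param string $project_key
     * @return array role ids in group order, duplicates included
     */
    private static function findGroupRoleIds($user_id, $project_key)
    {
        $role_ids = [];
        foreach (self::getBoundGroups($user_id) as $group) {
            $role_ids = array_merge(
                $role_ids,
                self::findRoleIds([ 'group_ids' => $group['id'], 'project_key' => $project_key ])
            );
        }
        return $role_ids;
    }

    /**
     * Read the role_id property off each record of a result set.
     *
     * @param mixed $records iterable result of a RolePermissions query
     * @return array role ids in result order, duplicates included
     */
    private static function pluckRoleIds($records)
    {
        $role_ids = [];
        foreach ($records as $record) {
            $role_ids[] = $record->role_id;
        }
        return $role_ids;
    }
}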
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.