area17 /
twill
@@ -38,7 +38,7 @@ discard block |
||
| 38 | 38 | { |
| 39 | 39 | collect($ability) |
| 40 | 40 | ->concat(static::ABILITY_ALIASES[$ability] ?? []) |
| 41 | - ->each(function ($alias) use ($callback) { |
|
| 41 | + ->each(function($alias) use ($callback) { |
|
| 42 | 42 | Gate::define($alias, $callback); |
| 43 | 43 | }); |
| 44 | 44 | } |
@@ -63,77 +63,77 @@ discard block |
||
| 63 | 63 | |
| 64 | 64 | public function boot() |
| 65 | 65 | { |
| 66 | - $this->define('list', function ($user, $item=null) { |
|
| 67 | - return $this->authorize($user, function ($user) { |
|
| 66 | + $this->define('list', function($user, $item = null) { |
|
| 67 | + return $this->authorize($user, function($user) { |
|
| 68 | 68 | return $this->userHasRole($user, [UserRole::VIEWONLY, UserRole::PUBLISHER, UserRole::ADMIN]); |
| 69 | 69 | }); |
| 70 | 70 | }); |
| 71 | 71 | |
| 72 | - $this->define('edit', function ($user, $item=null) { |
|
| 73 | - return $this->authorize($user, function ($user) { |
|
| 72 | + $this->define('edit', function($user, $item = null) { |
|
| 73 | + return $this->authorize($user, function($user) { |
|
| 74 | 74 | return $this->userHasRole($user, [UserRole::PUBLISHER, UserRole::ADMIN]); |
| 75 | 75 | }); |
| 76 | 76 | }); |
| 77 | 77 | |
| 78 | - $this->define('reorder', function ($user) { |
|
| 79 | - return $this->authorize($user, function ($user) { |
|
| 78 | + $this->define('reorder', function($user) { |
|
| 79 | + return $this->authorize($user, function($user) { |
|
| 80 | 80 | return $this->userHasRole($user, [UserRole::PUBLISHER, UserRole::ADMIN]); |
| 81 | 81 | }); |
| 82 | 82 | }); |
| 83 | 83 | |
| 84 | - $this->define('publish', function ($user) { |
|
| 85 | - return $this->authorize($user, function ($user) { |
|
| 84 | + $this->define('publish', function($user) { |
|
| 85 | + return $this->authorize($user, function($user) { |
|
| 86 | 86 | return $this->userHasRole($user, [UserRole::PUBLISHER, UserRole::ADMIN]); |
| 87 | 87 | }); |
| 88 | 88 | }); |
| 89 | 89 | |
| 90 | - $this->define('feature', function ($user) { |
|
| 91 | - return $this->authorize($user, function ($user) { |
|
| 90 | + $this->define('feature', function($user) { |
|
| 91 | + return $this->authorize($user, function($user) { |
|
| 92 | 92 | return $this->userHasRole($user, [UserRole::PUBLISHER, UserRole::ADMIN]); |
| 93 | 93 | }); |
| 94 | 94 | }); |
| 95 | 95 | |
| 96 | - $this->define('delete', function ($user) { |
|
| 97 | - return $this->authorize($user, function ($user) { |
|
| 96 | + $this->define('delete', function($user) { |
|
| 97 | + return $this->authorize($user, function($user) { |
|
| 98 | 98 | return $this->userHasRole($user, [UserRole::PUBLISHER, UserRole::ADMIN]); |
| 99 | 99 | }); |
| 100 | 100 | }); |
| 101 | 101 | |
| 102 | - $this->define('duplicate', function ($user) { |
|
| 103 | - return $this->authorize($user, function ($user) { |
|
| 102 | + $this->define('duplicate', function($user) { |
|
| 103 | + return $this->authorize($user, function($user) { |
|
| 104 | 104 | return $this->userHasRole($user, [UserRole::PUBLISHER, UserRole::ADMIN]); |
| 105 | 105 | }); |
| 106 | 106 | }); |
| 107 | 107 | |
| 108 | - $this->define('upload', function ($user) { |
|
| 109 | - return $this->authorize($user, function ($user) { |
|
| 108 | + $this->define('upload', function($user) { |
|
| 109 | + return $this->authorize($user, function($user) { |
|
| 110 | 110 | return $this->userHasRole($user, [UserRole::PUBLISHER, UserRole::ADMIN]); |
| 111 | 111 | }); |
| 112 | 112 | }); |
| 113 | 113 | |
| 114 | - $this->define('manage-users', function ($user) { |
|
| 115 | - return $this->authorize($user, function ($user) { |
|
| 114 | + $this->define('manage-users', function($user) { |
|
| 115 | + return $this->authorize($user, function($user) { |
|
| 116 | 116 | return $this->userHasRole($user, [UserRole::ADMIN]); |
| 117 | 117 | }); |
| 118 | 118 | }); |
| 119 | 119 | |
| 120 | 120 | // As an admin, I can edit users, except superadmins |
| 121 | 121 | // As a non-admin, I can edit myself only |
| 122 | - $this->define('edit-user', function ($user, $editedUser = null) { |
|
| 123 | - return $this->authorize($user, function ($user) use ($editedUser) { |
|
| 122 | + $this->define('edit-user', function($user, $editedUser = null) { |
|
| 123 | + return $this->authorize($user, function($user) use ($editedUser) { |
|
| 124 | 124 | return ($this->userHasRole($user, [UserRole::ADMIN]) || $user->id == $editedUser->id) |
| 125 | 125 | && ($editedUser ? $editedUser->role !== self::SUPERADMIN : true); |
| 126 | 126 | }); |
| 127 | 127 | }); |
| 128 | 128 | |
| 129 | - $this->define('publish-user', function ($user) { |
|
| 130 | - return $this->authorize($user, function ($user) { |
|
| 129 | + $this->define('publish-user', function($user) { |
|
| 130 | + return $this->authorize($user, function($user) { |
|
| 131 | 131 | $editedUserObject = User::find(request('id')); |
| 132 | 132 | return $this->userHasRole($user, [UserRole::ADMIN]) && ($editedUserObject ? $user->id !== $editedUserObject->id && $editedUserObject->role !== self::SUPERADMIN : false); |
| 133 | 133 | }); |
| 134 | 134 | }); |
| 135 | 135 | |
| 136 | - $this->define('impersonate', function ($user) { |
|
| 136 | + $this->define('impersonate', function($user) { |
|
| 137 | 137 | return $user->role === self::SUPERADMIN; |
| 138 | 138 | }); |
| 139 | 139 | } |
@@ -233,11 +233,11 @@ discard block |
||
| 233 | 233 | |
| 234 | 234 | public function allPermissions() |
| 235 | 235 | { |
| 236 | - $permissions = Permission::whereHas('users', function ($query) { |
|
| 236 | + $permissions = Permission::whereHas('users', function($query) { |
|
| 237 | 237 | $query->where('id', $this->id); |
| 238 | - })->orWhereHas('roles', function ($query) { |
|
| 238 | + })->orWhereHas('roles', function($query) { |
|
| 239 | 239 | $query->where('id', $this->role->id); |
| 240 | - })->orWhereHas('groups', function ($query) { |
|
| 240 | + })->orWhereHas('groups', function($query) { |
|
| 241 | 241 | $query |
| 242 | 242 | ->join('group_twill_user', 'groups.id', '=', 'group_twill_user.group_id') |
| 243 | 243 | ->where('group_twill_user.twill_user_id', $this->id) |
@@ -250,8 +250,7 @@ discard block |
||
| 250 | 250 | public function getLastLoginColumnValueAttribute() |
| 251 | 251 | { |
| 252 | 252 | return $this->last_login_at ? |
| 253 | - $this->last_login_at->format('d M Y, H:i') : |
|
| 254 | - ($this->isActivated() ? '—' : twillTrans('twill::lang.user-management.activation-pending')); |
|
| 253 | + $this->last_login_at->format('d M Y, H:i') : ($this->isActivated() ? '—' : twillTrans('twill::lang.user-management.activation-pending')); |
|
| 255 | 254 | } |
| 256 | 255 | |
| 257 | 256 | public function setGoogle2faSecretAttribute($secret) |
@@ -348,7 +348,7 @@ discard block |
||
| 348 | 348 | { |
| 349 | 349 | if (config('twill.enabled.permissions-management')) { |
| 350 | 350 | return Group::with('permissions')->get() |
| 351 | - ->mapWithKeys(function ($group) { |
|
| 351 | + ->mapWithKeys(function($group) { |
|
| 352 | 352 | return [$group->id => $group->permissions]; |
| 353 | 353 | })->toArray(); |
| 354 | 354 | } |
@@ -369,12 +369,12 @@ discard block |
||
| 369 | 369 | private function getRoleList() |
| 370 | 370 | { |
| 371 | 371 | if (config('twill.enabled.permissions-management')) { |
| 372 | - return Role::accessible()->published()->get()->map(function ($role) { |
|
| 372 | + return Role::accessible()->published()->get()->map(function($role) { |
|
| 373 | 373 | return ['value' => $role->id, 'label' => $role->name]; |
| 374 | 374 | })->toArray(); |
| 375 | 375 | } |
| 376 | 376 | |
| 377 | - return collect(UserRole::toArray())->map(function ($item, $key) { |
|
| 377 | + return collect(UserRole::toArray())->map(function($item, $key) { |
|
| 378 | 378 | return ['value' => $key, 'label' => $item]; |
| 379 | 379 | })->values()->toArray(); |
| 380 | 380 | } |
@@ -24,7 +24,7 @@ discard block |
||
| 24 | 24 | } |
| 25 | 25 | |
| 26 | 26 | $userItemPermissions = twillModel('user')::notSuperAdmin()->get()->mapWithKeys( |
| 27 | - function ($user) use ($object, $moduleName) { |
|
| 27 | + function($user) use ($object, $moduleName) { |
|
| 28 | 28 | $permissionName = $this->getUserItemPermissionName($user, $object, $moduleName); |
| 29 | 29 | |
| 30 | 30 | return ["user_{$user->id}_permission" => $permissionName]; |
@@ -51,7 +51,7 @@ discard block |
||
| 51 | 51 | |
| 52 | 52 | // Group-Item permissions |
| 53 | 53 | $userGroups = $user->groups()->where('is_everyone_group', false)->get(); |
| 54 | - foreach($userGroups as $group) { |
|
| 54 | + foreach ($userGroups as $group) { |
|
| 55 | 55 | if ($permission = $group->permissions()->ofItem($item)->first()) { |
| 56 | 56 | $allPermissionNames->push($permission->name); |
| 57 | 57 | } |
@@ -73,7 +73,7 @@ discard block |
||
| 73 | 73 | |
| 74 | 74 | $itemScopes = collect(Permission::available(Permission::SCOPE_ITEM)) |
| 75 | 75 | ->reverse() |
| 76 | - ->mapWithKeys(function ($scope) { return [$scope => 0]; }) |
|
| 76 | + ->mapWithKeys(function($scope) { return [$scope => 0]; }) |
|
| 77 | 77 | ->toArray(); |
| 78 | 78 | |
| 79 | 79 | foreach ($permissionNames as $name) { |
@@ -49,85 +49,85 @@ discard block |
||
| 49 | 49 | * |
| 50 | 50 | ***/ |
| 51 | 51 | |
| 52 | - $this->define('edit-settings', function ($user) { |
|
| 53 | - return $this->authorize($user, function ($user) { |
|
| 52 | + $this->define('edit-settings', function($user) { |
|
| 53 | + return $this->authorize($user, function($user) { |
|
| 54 | 54 | return $user->role->permissions()->global()->where('name', 'edit-settings')->exists(); |
| 55 | 55 | }); |
| 56 | 56 | }); |
| 57 | 57 | |
| 58 | - $this->define('edit-users', function ($user) { |
|
| 59 | - return $this->authorize($user, function ($user) { |
|
| 58 | + $this->define('edit-users', function($user) { |
|
| 59 | + return $this->authorize($user, function($user) { |
|
| 60 | 60 | return $user->role->permissions()->global()->where('name', 'edit-users')->exists(); |
| 61 | 61 | }); |
| 62 | 62 | }); |
| 63 | 63 | |
| 64 | - $this->define('edit-user', function ($user, $editedUser) { |
|
| 65 | - return $this->authorize($user, function ($user) use ($editedUser) { |
|
| 64 | + $this->define('edit-user', function($user, $editedUser) { |
|
| 65 | + return $this->authorize($user, function($user) use ($editedUser) { |
|
| 66 | 66 | return ($user->id === $editedUser->id) |
| 67 | 67 | || ($editedUser->role->position >= $user->role->position && $user->can('edit-users')); |
| 68 | 68 | }); |
| 69 | 69 | }); |
| 70 | 70 | |
| 71 | - $this->define('edit-user-roles', function ($user) { |
|
| 72 | - return $this->authorize($user, function ($user) { |
|
| 71 | + $this->define('edit-user-roles', function($user) { |
|
| 72 | + return $this->authorize($user, function($user) { |
|
| 73 | 73 | return $user->role->permissions()->global()->where('name', 'edit-user-roles')->exists(); |
| 74 | 74 | }); |
| 75 | 75 | }); |
| 76 | 76 | |
| 77 | - $this->define('edit-role', function ($user, $editedRole) { |
|
| 78 | - return $this->authorize($user, function ($user) use ($editedRole) { |
|
| 77 | + $this->define('edit-role', function($user, $editedRole) { |
|
| 78 | + return $this->authorize($user, function($user) use ($editedRole) { |
|
| 79 | 79 | return ($editedRole->position >= $user->role->position) && $user->can('edit-user-roles'); |
| 80 | 80 | }); |
| 81 | 81 | }); |
| 82 | 82 | |
| 83 | - $this->define('edit-user-groups', function ($user) { |
|
| 83 | + $this->define('edit-user-groups', function($user) { |
|
| 84 | 84 | if (!in_array(Config::get('twill.permissions.level'), ['roleGroup', 'roleGroupItem'])) { |
| 85 | 85 | return false; |
| 86 | 86 | } |
| 87 | 87 | |
| 88 | - return $this->authorize($user, function ($user) { |
|
| 88 | + return $this->authorize($user, function($user) { |
|
| 89 | 89 | return $user->role->permissions()->global()->where('name', 'edit-user-groups')->exists(); |
| 90 | 90 | }); |
| 91 | 91 | }); |
| 92 | 92 | |
| 93 | - $this->define('edit-group', function ($user, $editedGroup) { |
|
| 94 | - return $this->authorize($user, function ($user) use ($editedGroup) { |
|
| 93 | + $this->define('edit-group', function($user, $editedGroup) { |
|
| 94 | + return $this->authorize($user, function($user) use ($editedGroup) { |
|
| 95 | 95 | return !$editedGroup->isEveryoneGroup() && $user->can('edit-user-groups'); |
| 96 | 96 | }); |
| 97 | 97 | }); |
| 98 | 98 | |
| 99 | - $this->define('access-user-management', function ($user) { |
|
| 100 | - return $this->authorize($user, function ($user) { |
|
| 99 | + $this->define('access-user-management', function($user) { |
|
| 100 | + return $this->authorize($user, function($user) { |
|
| 101 | 101 | return $user->can('edit-users') || $user->can('edit-user-roles') || $user->can('edit-user-groups'); |
| 102 | 102 | }); |
| 103 | 103 | }); |
| 104 | 104 | |
| 105 | - $this->define('manage-modules', function ($user) { |
|
| 105 | + $this->define('manage-modules', function($user) { |
|
| 106 | 106 | if (self::$useCache && isset(self::$cache['manage-modules'])) { |
| 107 | 107 | return self::$cache['manage-modules']; |
| 108 | 108 | } |
| 109 | 109 | |
| 110 | - return self::$cache['manage-modules'] = $this->authorize($user, function ($user) { |
|
| 110 | + return self::$cache['manage-modules'] = $this->authorize($user, function($user) { |
|
| 111 | 111 | return $user->role->permissions()->global()->where('name', 'manage-modules')->exists() |
| 112 | 112 | || isUserGroupPermissionModuleExists($user, 'global', 'manage-modules'); |
| 113 | 113 | }); |
| 114 | 114 | }); |
| 115 | 115 | |
| 116 | - $this->define('access-media-library', function ($user) { |
|
| 117 | - return $this->authorize($user, function ($user) { |
|
| 116 | + $this->define('access-media-library', function($user) { |
|
| 117 | + return $this->authorize($user, function($user) { |
|
| 118 | 118 | return $user->can('edit-media-library') |
| 119 | 119 | || $user->role->permissions()->global()->where('name', 'access-media-library')->exists(); |
| 120 | 120 | }); |
| 121 | 121 | }); |
| 122 | 122 | |
| 123 | - $this->define('edit-media-library', function ($user) { |
|
| 124 | - return $this->authorize($user, function ($user) { |
|
| 123 | + $this->define('edit-media-library', function($user) { |
|
| 124 | + return $this->authorize($user, function($user) { |
|
| 125 | 125 | return $user->role->permissions()->global()->where('name', 'edit-media-library')->exists(); |
| 126 | 126 | }); |
| 127 | 127 | }); |
| 128 | 128 | |
| 129 | - $this->define('impersonate', function ($user) { |
|
| 130 | - return $this->authorize($user, function ($user) { |
|
| 129 | + $this->define('impersonate', function($user) { |
|
| 130 | + return $this->authorize($user, function($user) { |
|
| 131 | 131 | return $user->is_superadmin; |
| 132 | 132 | }); |
| 133 | 133 | }); |
@@ -138,48 +138,48 @@ discard block |
||
| 138 | 138 | * |
| 139 | 139 | ***/ |
| 140 | 140 | |
| 141 | - $this->define('access-module-list', function ($user, $moduleName) { |
|
| 141 | + $this->define('access-module-list', function($user, $moduleName) { |
|
| 142 | 142 | if (self::$useCache && isset(self::$cache['access-module-list-' . $moduleName])) { |
| 143 | 143 | return self::$cache['access-module-list-' . $moduleName]; |
| 144 | 144 | } |
| 145 | 145 | |
| 146 | - return self::$cache['access-module-list-' . $moduleName] = $this->authorize($user, function ($user) use ($moduleName) { |
|
| 146 | + return self::$cache['access-module-list-' . $moduleName] = $this->authorize($user, function($user) use ($moduleName) { |
|
| 147 | 147 | return $user->can('view-module', $moduleName) |
| 148 | 148 | || $user->allPermissions()->ofModuleName($moduleName)->exists(); |
| 149 | 149 | }); |
| 150 | 150 | }); |
| 151 | 151 | |
| 152 | 152 | // The gate of accessing module list page, |
| 153 | - $this->define('view-module', function ($user, $moduleName) { |
|
| 153 | + $this->define('view-module', function($user, $moduleName) { |
|
| 154 | 154 | if (self::$useCache && isset(self::$cache['view-module-' . $moduleName])) { |
| 155 | 155 | return self::$cache['view-module-' . $moduleName]; |
| 156 | 156 | } |
| 157 | 157 | |
| 158 | - return self::$cache['view-module-' . $moduleName] = $this->authorize($user, function ($user) use ($moduleName) { |
|
| 158 | + return self::$cache['view-module-' . $moduleName] = $this->authorize($user, function($user) use ($moduleName) { |
|
| 159 | 159 | return $user->can('edit-module', $moduleName) |
| 160 | 160 | || $user->role->permissions()->ofModuleName($moduleName)->where('name', 'view-module')->exists() |
| 161 | 161 | || isUserGroupPermissionModuleExists($user, $moduleName, 'view-module'); |
| 162 | 162 | }); |
| 163 | 163 | }); |
| 164 | 164 | |
| 165 | - $this->define('edit-module', function ($user, $moduleName) { |
|
| 165 | + $this->define('edit-module', function($user, $moduleName) { |
|
| 166 | 166 | if (self::$useCache && isset(self::$cache['edit-module-' . $moduleName])) { |
| 167 | 167 | return self::$cache['edit-module-' . $moduleName]; |
| 168 | 168 | } |
| 169 | 169 | |
| 170 | - return self::$cache['edit-module-' . $moduleName] = $this->authorize($user, function ($user) use ($moduleName) { |
|
| 170 | + return self::$cache['edit-module-' . $moduleName] = $this->authorize($user, function($user) use ($moduleName) { |
|
| 171 | 171 | return $user->can('manage-module', $moduleName) |
| 172 | 172 | || $user->role->permissions()->module()->ofModuleName($moduleName)->where('name', 'edit-module')->exists() |
| 173 | 173 | || isUserGroupPermissionModuleExists($user, $moduleName, 'edit-module'); |
| 174 | 174 | }); |
| 175 | 175 | }); |
| 176 | 176 | |
| 177 | - $this->define('manage-module', function ($user, $moduleName) { |
|
| 177 | + $this->define('manage-module', function($user, $moduleName) { |
|
| 178 | 178 | if (self::$useCache && isset(self::$cache['manage-module-' . $moduleName])) { |
| 179 | 179 | return self::$cache['manage-module-' . $moduleName]; |
| 180 | 180 | } |
| 181 | 181 | |
| 182 | - return self::$cache['manage-module-' . $moduleName] = $this->authorize($user, function ($user) use ($moduleName) { |
|
| 182 | + return self::$cache['manage-module-' . $moduleName] = $this->authorize($user, function($user) use ($moduleName) { |
|
| 183 | 183 | if (!isPermissionableModule($moduleName)) { |
| 184 | 184 | return true; |
| 185 | 185 | } |
@@ -195,13 +195,13 @@ discard block |
||
| 195 | 195 | * |
| 196 | 196 | ***/ |
| 197 | 197 | |
| 198 | - $this->define('view-item', function ($user, $item) { |
|
| 198 | + $this->define('view-item', function($user, $item) { |
|
| 199 | 199 | $key = 'view-item-' . str_replace("\\", "-", get_class($item)) . '-' . $item->id; |
| 200 | 200 | if (self::$useCache && isset(self::$cache[$key])) { |
| 201 | 201 | return self::$cache[$key]; |
| 202 | 202 | } |
| 203 | 203 | |
| 204 | - return self::$cache[$key] = $this->authorize($user, function ($user) use ($item) { |
|
| 204 | + return self::$cache[$key] = $this->authorize($user, function($user) use ($item) { |
|
| 205 | 205 | return $item->public |
| 206 | 206 | || $user->can('edit-item', $item) |
| 207 | 207 | || $user->can('view-module', getModuleNameByModel(get_class($item))) |
@@ -210,13 +210,13 @@ discard block |
||
| 210 | 210 | }); |
| 211 | 211 | }); |
| 212 | 212 | |
| 213 | - $this->define('edit-item', function ($user, $item) { |
|
| 213 | + $this->define('edit-item', function($user, $item) { |
|
| 214 | 214 | $key = 'edit-item-' . str_replace("\\", "-", get_class($item)) . '-' . $item->id; |
| 215 | 215 | if (self::$useCache && isset(self::$cache[$key])) { |
| 216 | 216 | return self::$cache[$key]; |
| 217 | 217 | } |
| 218 | 218 | |
| 219 | - return self::$cache[$key] = $this->authorize($user, function ($user) use ($item) { |
|
| 219 | + return self::$cache[$key] = $this->authorize($user, function($user) use ($item) { |
|
| 220 | 220 | return $user->can('manage-item', $item) |
| 221 | 221 | || $user->can('edit-module', getModuleNameByModel(get_class($item))) |
| 222 | 222 | || $user->permissions()->ofItem($item)->where('name', 'edit-item')->exists() |
@@ -224,13 +224,13 @@ discard block |
||
| 224 | 224 | }); |
| 225 | 225 | }); |
| 226 | 226 | |
| 227 | - $this->define('manage-item', function ($user, $item) { |
|
| 227 | + $this->define('manage-item', function($user, $item) { |
|
| 228 | 228 | $key = 'manage-item-' . str_replace("\\", "-", get_class($item)) . '-' . $item->id; |
| 229 | 229 | if (self::$useCache && isset(self::$cache[$key])) { |
| 230 | 230 | return self::$cache[$key]; |
| 231 | 231 | } |
| 232 | 232 | |
| 233 | - return self::$cache[$key] = $this->authorize($user, function ($user) use ($item) { |
|
| 233 | + return self::$cache[$key] = $this->authorize($user, function($user) use ($item) { |
|
| 234 | 234 | return $user->can('manage-module', getModuleNameByModel(get_class($item))) |
| 235 | 235 | || $user->permissions()->ofItem($item)->where('name', 'manage-item')->exists() |
| 236 | 236 | || isUserGroupPermissionItemExists($user, $item, 'manage-item'); |
