Merge pull request #47 from HashGateApp/main

Jurager · web-flow · commit 9e2b9ab73c60 · 2025-11-18T23:32:26.000+05:00
diff --git a/README.md b/README.md
@@ -283,6 +283,32 @@ To ensure that incoming requests initiated by a team member can be executed by t
 return $user->hasTeamPermission($team, 'server:update');
 ```
 
+### Wildcard Permissions
+
+You can choose to enable wildcard permissions in the config. Enabling wildcards will allow you to specify permission node(s) that grants a user all access if they have that permission attached to them.
+```php
+/*
+|--------------------------------------------------------------------------
+| Wildcard Permissions
+|--------------------------------------------------------------------------
+| Configure wildcard permission nodes, allowing you to specify super admin
+| permission node(s) that allows a user to perform all actions on a team.
+*/
+'wildcards' => [
+    'enabled' => false,
+    'nodes' => [
+        '*',
+        '*.*',
+        'all'
+    ]
+]
+```
+
+In the example configuration above, users with the permission nodes of "\*" or "\*.\*" or "all" would be allowed to perform all actions on their team.
+
+> [!NOTE]
+> This configuration does not grant global team access. It only allows you to grant all permissions to a user or role in the team 
+
 Abilities
 -------------------------------------------
 
diff --git a/config/teams.php b/config/teams.php
@@ -86,4 +86,21 @@
             'middleware' => 'web'
         ]
     ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Wildcard Permissions
+    |--------------------------------------------------------------------------
+    | Configure wildcard permission nodes, allowing you to specify super admin
+    | permission node(s) that allows a user to perform all actions on a team.
+    */
+    'wildcards' => [
+        'enabled' => false,
+        'nodes' => [
+            '*',
+            '*.*',
+            'all'
+        ]
+    ]
+
 ];
diff --git a/src/Traits/HasTeams.php b/src/Traits/HasTeams.php
@@ -463,10 +463,20 @@ private function checkPermissionWildcard(array $userPermissions, string $permiss
     {
         // Generate all possible wildcards from the permission segments
         $segments = collect(explode('.', $permission));
+
         $codes = $segments->map(function ($item, $key) use ($segments) {
             return $segments->take($key + 1)->implode('.') . ($key + 1 === $segments->count() ? '' : '.*') ;
         });
 
+        // Add in the optional wildcard permissions
+        if(Config::get('teams.wildcards.enabled', false)) {
+            // Build the code collection
+            $wildcardCodes = collect(Config::get('teams.wildcards.nodes', []));
+
+            // Replace codes with the new codes
+            $codes = $wildcardCodes->merge($codes);
+        }
+
         return !empty(array_intersect($codes->all(), $userPermissions));
     }
 }
