Parent Roles version

ribedesign · ribedesign · commit 7dd7c205c8aa · 2017-11-15T20:52:31.000+01:00
Roles parent - child relationship implemented.
diff --git a/src/Contracts/Role.php b/src/Contracts/Role.php
@@ -18,6 +18,13 @@ public function permissions();
      */
     public function users();
 
+    /**
+     * A role can have een parent role.
+     *
+     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
+     */
+    public function parentrole();
+
     /**
      * Find a role by its name.
      *
@@ -35,4 +42,27 @@ public static function findByName($name);
      * @return bool
      */
     public function hasPermissionTo($permission);
+
+    /**
+     * Get all parent roles.
+     *
+     * @return \Illuminate\Support\Collection
+     */
+    public function getParentRoles();
+
+    /**
+     * Get permissions from all parent roles.
+     *
+     * @return \Illuminate\Support\Collection
+     */
+    public function parentPermissions();
+
+    /**
+     * Determine if the user may perform the given permission for any parent role.
+     *
+     * @param string|Permission $permission
+     *
+     * @return bool
+     */
+    public function parentsHavePermissionTo($permission);
 }
diff --git a/src/Models/Action.php b/src/Models/Action.php
@@ -38,7 +38,7 @@ public function __construct(array $attributes = [])
     public function permissions()
     {
         return $this->belongsToMany(
-            config('laravel-authorisation.models.permission'),
+            config('laravel-authorisation.models.permission')
         );
     }
 
diff --git a/src/Models/Permission.php b/src/Models/Permission.php
@@ -18,13 +18,22 @@ class Permission extends Model implements PermissionContract
      */
     public $guarded = ['id'];
 
+    /**
+     * @var array
+     */
+    protected $defaults = array(
+        'object_id' => 0,
+        'action_id' => 0,
+    );
+
     /**
      * Create a new Eloquent model instance.
      *
      * @param array $attributes
      */
     public function __construct(array $attributes = [])
     {
+        $this->setRawAttributes($this->defaults, true);
         parent::__construct($attributes);
 
         $this->setTable(config('laravel-authorisation.table_names.permissions'));
@@ -69,7 +78,7 @@ public static function findByName($name)
     {
         $permission = static::getPermissions()->where('name', $name)->first();
 
-        if (! $permission) {
+        if (!$permission) {
             throw new PermissionDoesNotExist();
         }
 
diff --git a/src/Models/Role.php b/src/Models/Role.php
@@ -8,6 +8,10 @@
 use Ribedesign\Authorisation\Contracts\Role as RoleContract;
 use Ribedesign\Authorisation\Traits\RefreshesAuthorisationCache;
 
+/**
+ * Class Role
+ * @package Ribedesign\Authorisation\Models
+ */
 class Role extends Model implements RoleContract
 {
     use HasPermissions;
@@ -58,6 +62,16 @@ public function users()
         );
     }
 
+    /**
+     * A role can have een parent role.
+     *
+     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
+     */
+    public function parentrole()
+    {
+        return $this->belongsTo(self::class, 'parent_id');
+    }
+
     /**
      * Find a role by its name.
      *
@@ -71,7 +85,7 @@ public static function findByName($name)
     {
         $role = static::where('name', $name)->first();
 
-        if (! $role) {
+        if (!$role) {
             throw new RoleDoesNotExist();
         }
 
@@ -93,4 +107,67 @@ public function hasPermissionTo($permission)
 
         return $this->permissions->contains('id', $permission->id);
     }
+
+    /**
+     * Get all parent roles.
+     *
+     * @return \Illuminate\Support\Collection
+     */
+    public function getParentRoles()
+    {
+        $parents = collect([]);
+
+        $parent = $this->parent;
+
+        while (!is_null($parent)) {
+            $parents->push($parent);
+            $parent = $parent->parent;
+        }
+
+        return $parents;
+    }
+
+    /**
+     * Get permissions from all parent roles.
+     *
+     * @return \Illuminate\Support\Collection
+     */
+    public function parentPermissions()
+    {
+        $parentPermissions = collect([]);
+
+        $parent = $this->parentrole;
+
+        while (!is_null($parent)) {
+            if ($parent->permissions->count()) {
+                $parentPermissions->push($parent->permissions);
+            }
+            $parent = $parent->parentrole;
+        }
+
+        return $parentPermissions;
+    }
+
+    /**
+     * Determine if the user may perform the given permission for any parent role.
+     *
+     * @param string|Permission $permission
+     *
+     * @return bool
+     */
+    public function parentsHavePermissionTo($permission)
+    {
+        if (is_string($permission)) {
+            $permission = app(Permission::class)->findByName($permission);
+        }
+
+        $parent = $this->parent;
+        while (!is_null($parent)) {
+            if ($parent->permissions->contains('id', $permission->id)) {
+                return true;
+            }
+            $parent = $parent->parent;
+        }
+        return false;
+    }
 }
diff --git a/src/Traits/HasRoles.php b/src/Traits/HasRoles.php
@@ -50,7 +50,7 @@ public function scopeRole($query, $roles)
             $roles = $roles->toArray();
         }
 
-        if (! is_array($roles)) {
+        if (!is_array($roles)) {
             $roles = [$roles];
         }
 
@@ -65,7 +65,7 @@ public function scopeRole($query, $roles)
         return $query->whereHas('roles', function ($query) use ($roles) {
             $query->where(function ($query) use ($roles) {
                 foreach ($roles as $role) {
-                    $query->orWhere(config('laravel-authorisation.table_names.roles').'.id', $role->id);
+                    $query->orWhere(config('laravel-authorisation.table_names.roles') . '.id', $role->id);
                 }
             });
         });
@@ -127,12 +127,24 @@ public function syncRoles(...$roles)
      */
     public function hasRole($roles)
     {
+        $allroles = new Collection();
+        if ($this->roles instanceof Collection) {
+            foreach ($this->roles as $role) {
+                $parent = $role->parentrole;
+                while (!is_null($parent)) {
+                    $allroles->push($parent);
+                    $parent = $parent->parentrole;
+                }
+            }
+            $allroles = $allroles->merge($this->roles)->unique('id')->values();
+        }
+
         if (is_string($roles)) {
-            return $this->roles->contains('name', $roles);
+            return $allroles->contains('name', $roles);
         }
 
         if ($roles instanceof Role) {
-            return $this->roles->contains('id', $roles->id);
+            return $allroles->contains('id', $roles->id);
         }
 
         if (is_array($roles)) {
@@ -145,7 +157,7 @@ public function hasRole($roles)
             return false;
         }
 
-        return (bool) $roles->intersect($this->roles)->count();
+        return (bool)$roles->intersect($allroles)->count();
     }
 
     /**
@@ -169,19 +181,31 @@ public function hasAnyRole($roles)
      */
     public function hasAllRoles($roles)
     {
+        $allroles = new Collection();
+        if ($this->roles instanceof Collection) {
+            foreach ($this->roles as $role) {
+                $parent = $role->parentrole;
+                while (!is_null($parent)) {
+                    $allroles->push($parent);
+                    $parent = $parent->parentrole;
+                }
+            }
+            $allroles = $allroles->merge($this->roles)->unique('id')->values();
+        }
+
         if (is_string($roles)) {
-            return $this->roles->contains('name', $roles);
+            return $allroles->contains('name', $roles);
         }
 
         if ($roles instanceof Role) {
-            return $this->roles->contains('id', $roles->id);
+            return $allroles->contains('id', $roles->id);
         }
 
         $roles = collect()->make($roles)->map(function ($role) {
             return $role instanceof Role ? $role->name : $role;
         });
 
-        return $roles->intersect($this->roles->pluck('name')) == $roles;
+        return $roles->intersect($allroles->pluck('name')) == $roles;
     }
 
     /**
@@ -256,7 +280,7 @@ public function hasDirectPermission($permission)
         if (is_string($permission)) {
             $permission = app(Permission::class)->findByName($permission);
 
-            if (! $permission) {
+            if (!$permission) {
                 return false;
             }
         }

Original file line number	Diff line number	Diff line change
`@@ -38,7 +38,7 @@ public function __construct(array $attributes = [])`
`38`	`38`	`public function permissions()`
`39`	`39`	`{`
`40`	`40`	`return $this->belongsToMany(`
`41`		`- config('laravel-authorisation.models.permission'),`
	`41`	`+ config('laravel-authorisation.models.permission')`
`42`	`42`	`);`
`43`	`43`	`}`
`44`	`44`