first commit

2025-10-29 11:42:25 +01:00
commit 703f50a09d
4595 changed files with 385164 additions and 0 deletions
--- a/common/Auth/Roles/CrupdateRole.php
+++ b/common/Auth/Roles/CrupdateRole.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace Common\Auth\Roles;
+
+use Common\Auth\Permissions\Traits\SyncsPermissions;
+use Illuminate\Support\Arr;
+
+class CrupdateRole
+{
+    use SyncsPermissions;
+
+    /**
+     * @var Role
+     */
+    private $role;
+
+    /**
+     * @param Role $role
+     */
+    public function __construct(Role $role)
+    {
+        $this->role = $role;
+    }
+
+    /**
+     * @param array $data
+     * @param Role $role
+     * @return Role
+     */
+    public function execute($data, $role = null)
+    {
+        if (!$role) {
+            $role = $this->role->newInstance([]);
+        }
+
+        $attributes = [
+            'name' => $data['name'],
+            'description' => $data['description'] ?? null,
+            'default' => $data['default'] ?? false,
+            'guests' => $data['guests'] ?? false,
+            'type' => $data['type'] ?? 'sitewide',
+        ];
+
+        $role->fill($attributes)->save();
+
+        // always sync permissions, detach all if "null" is given as permissions
+        $this->syncPermissions($role, Arr::get($data, 'permissions', []));
+
+        return $role;
+    }
+}
--- a/common/Auth/Roles/Role.php
+++ b/common/Auth/Roles/Role.php
@@ -0,0 +1,70 @@
+<?php namespace Common\Auth\Roles;
+
+use App\Models\User;
+use Common\Auth\Permissions\Traits\HasPermissionsRelation;
+use Common\Core\BaseModel;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
+
+class Role extends BaseModel
+{
+    use HasPermissionsRelation;
+
+    const MODEL_TYPE = 'role';
+
+    protected $guarded = ['id'];
+
+    protected $hidden = ['pivot', 'legacy_permissions'];
+
+    protected $casts = [
+        'id' => 'integer',
+        'default' => 'boolean',
+        'guests' => 'boolean',
+        'internal' => 'boolean',
+    ];
+
+    /**
+     * Get default role for assigning to new users.
+     */
+    public function getDefaultRole(): ?Role
+    {
+        return $this->where('default', 1)->first();
+    }
+
+    public function users(): BelongsToMany
+    {
+        return $this->belongsToMany(User::class, 'user_role')->withPivot(
+            'created_at',
+        );
+    }
+
+    public function toNormalizedArray(): array
+    {
+        return [
+            'id' => $this->id,
+            'name' => $this->name,
+            'model_type' => self::MODEL_TYPE,
+        ];
+    }
+
+    public function toSearchableArray(): array
+    {
+        return [
+            'id' => $this->id,
+            'name' => $this->name,
+            'description' => $this->description,
+            'type' => $this->type,
+            'created_at' => $this->created_at->timestamp ?? '_null',
+            'updated_at' => $this->updated_at->timestamp ?? '_null',
+        ];
+    }
+
+    public static function filterableFields(): array
+    {
+        return ['id', 'type', 'created_at', 'updated_at'];
+    }
+
+    public static function getModelTypeAttribute(): string
+    {
+        return Role::MODEL_TYPE;
+    }
+}
--- a/common/Auth/Roles/RolesController.php
+++ b/common/Auth/Roles/RolesController.php
@@ -0,0 +1,146 @@
+<?php namespace Common\Auth\Roles;
+
+use App\Models\User;
+use Common\Core\BaseController;
+use Common\Database\Datasource\Datasource;
+use Illuminate\Http\Request;
+
+class RolesController extends BaseController
+{
+    /**
+     * @var User
+     */
+    private $user;
+
+    /**
+     * @var Role
+     */
+    private $role;
+
+    /**
+     * @var Request
+     */
+    private $request;
+
+    public function __construct(Request $request, Role $role, User $user)
+    {
+        $this->role = $role;
+        $this->user = $user;
+        $this->request = $request;
+    }
+
+    public function show(Role $role)
+    {
+        $this->authorize('show', Role::class);
+
+        $role->load(['permissions']);
+
+        return $this->success(['role' => $role]);
+    }
+
+    public function index()
+    {
+        $this->authorize('index', Role::class);
+
+        $pagination = (new Datasource(
+            $this->role,
+            request()->all(),
+        ))->paginate();
+
+        return $this->success(['pagination' => $pagination]);
+    }
+
+    public function store()
+    {
+        $this->authorize('store', Role::class);
+
+        $this->validate($this->request, [
+            'name' => 'required|unique:roles|min:2|max:255',
+            'default' => 'nullable|boolean',
+            'guests' => 'nullable|boolean',
+            'permissions' => 'nullable|array',
+        ]);
+
+        $role = app(CrupdateRole::class)->execute($this->request->all());
+
+        return $this->success(['role' => $role], 201);
+    }
+
+    public function update(int $id)
+    {
+        $this->authorize('update', Role::class);
+
+        $this->validate($this->request, [
+            'name' => "min:2|max:255|unique:roles,name,$id",
+            'default' => 'boolean',
+            'guests' => 'boolean',
+            'permissions' => 'array',
+        ]);
+
+        $role = $this->role->findOrFail($id);
+
+        $role = app(CrupdateRole::class)->execute($this->request->all(), $role);
+
+        return $this->success(['role' => $role]);
+    }
+
+    public function destroy(int $id)
+    {
+        $role = $this->role->findOrFail($id);
+
+        $this->authorize('destroy', $role);
+
+        $role->users()->detach();
+        $role->delete();
+
+        return $this->success([], 204);
+    }
+
+    public function addUsers(int $roleId)
+    {
+        $this->authorize('update', Role::class);
+
+        $this->validate($this->request, [
+            'userIds' => 'required|array|min:1|max:25',
+            'userIds.*' => 'required|int',
+        ]);
+
+        $role = $this->role->findOrFail($roleId);
+
+        $users = $this->user
+            ->with('roles')
+            ->whereIn('id', $this->request->get('userIds'))
+            ->get(['email', 'id']);
+
+        if ($users->isEmpty()) {
+            return $this->error(
+                __('Could not attach specified users to role.'),
+            );
+        }
+
+        //filter out users that are already attached to this role
+        $users = $users->filter(function ($user) use ($roleId) {
+            return !$user->roles->contains('id', $roleId);
+        });
+
+        $role->users()->attach($users->pluck('id')->toArray());
+
+        return $this->success(['users' => $users]);
+    }
+
+    public function removeUsers(int $roleId)
+    {
+        $this->authorize('update', Role::class);
+
+        $this->validate($this->request, [
+            'userIds' => 'required|array|min:1',
+            'userIds.*' => 'required|integer',
+        ]);
+
+        $role = $this->role->findOrFail($roleId);
+
+        $role->users()->detach($this->request->get('userIds'));
+
+        return $this->success();
+    }
+}
--- a/common/Auth/Roles/UserRolesController.php
+++ b/common/Auth/Roles/UserRolesController.php
@@ -0,0 +1,36 @@
+<?php namespace Common\Auth\Roles;
+
+use App\Models\User;
+use Common\Core\BaseController;
+
+class UserRolesController extends BaseController
+{
+    public function attach(int $userId)
+    {
+        $user = User::findOrFail($userId);
+
+        $this->authorize('update', $user);
+
+        $data = $this->validate(request(), [
+            'roles' => 'array',
+            'roles.*' => 'integer|exists:roles,id',
+        ]);
+
+        $user->roles()->attach($data['roles']);
+
+        return $this->success();
+    }
+
+    public function detach(int $userId)
+    {
+        $user = User::findOrFail($userId);
+
+        $this->authorize('update', $user);
+
+        $data = $this->validate(request(), [
+            'roles' => 'array',
+        ]);
+
+        return $user->roles()->detach($data['roles']);
+    }
+}