Зуев Егор / wiki.dev

Go to a project
Toggle navigation
Toggle navigation pinning
Dan Brown
ea287ebf 1 parent 043cdeaf

Started creation of intermediate permission table

Inline Side-by-side
Showing 3 changed files with 140 additions and 1 deletions
1 +<?php
2 +
3 +namespace BookStack;
4 +
5 +use Illuminate\Database\Eloquent\Model;
6 +
7 +class EntityPermission extends Model
8 +{
9 + public $timestamps = false;
10 +
11 + /**
12 + * Get the role that this points to.
13 + * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
14 + */
15 + public function role()
16 + {
17 + return $this->belongsTo(Role::class);
18 + }
19 +
20 + /**
21 + * Get the entity this points to.
22 + * @return \Illuminate\Database\Eloquent\Relations\MorphOne
23 + */
24 + public function entity()
25 + {
26 + return $this->morphOne(Entity::class, 'entity');
27 + }
28 +}
1 <?php namespace BookStack\Services; 1 <?php namespace BookStack\Services;
2 2
3 +use BookStack\Book;
4 +use BookStack\Chapter;
3 use BookStack\Entity; 5 use BookStack\Entity;
6 +use BookStack\EntityPermission;
7 +use BookStack\Page;
8 +use BookStack\Permission;
9 +use BookStack\Role;
10 +use Illuminate\Database\Eloquent\Collection;
4 11
5 class RestrictionService 12 class RestrictionService
6 { 13 {
...@@ -10,14 +17,84 @@ class RestrictionService ...@@ -10,14 +17,84 @@ class RestrictionService
10 protected $currentAction; 17 protected $currentAction;
11 protected $currentUser; 18 protected $currentUser;
12 19
20 + public $book;
21 + public $chapter;
22 + public $page;
23 +
24 + protected $entityPermission;
25 + protected $role;
26 + protected $permission;
27 +
13 /** 28 /**
14 * RestrictionService constructor. 29 * RestrictionService constructor.
30 + * @param EntityPermission $entityPermission
31 + * @param Book $book
32 + * @param Chapter $chapter
33 + * @param Page $page
34 + * @param Role $role
35 + * @param Permission $permission
15 */ 36 */
16 - public function __construct() 37 + public function __construct(EntityPermission $entityPermission, Book $book, Chapter $chapter, Page $page, Role $role, Permission $permission)
17 { 38 {
18 $this->currentUser = auth()->user(); 39 $this->currentUser = auth()->user();
19 $this->userRoles = $this->currentUser ? $this->currentUser->roles->pluck('id') : []; 40 $this->userRoles = $this->currentUser ? $this->currentUser->roles->pluck('id') : [];
20 $this->isAdmin = $this->currentUser ? $this->currentUser->hasRole('admin') : false; 41 $this->isAdmin = $this->currentUser ? $this->currentUser->hasRole('admin') : false;
42 +
43 + $this->entityPermission = $entityPermission;
44 + $this->role = $role;
45 + $this->permission = $permission;
46 + $this->book = $book;
47 + $this->chapter = $chapter;
48 + $this->page = $page;
49 + }
50 +
51 +
52 + /**
53 + * Re-generate all entity permission from scratch.
54 + */
55 + public function buildEntityPermissions()
56 + {
57 + $this->entityPermission->truncate();
58 +
59 + // Get all roles (Should be the most limited dimension)
60 + $roles = $this->role->load('permissions')->all();
61 +
62 + // Chunk through all books
63 + $this->book->chunk(500, function ($books) use ($roles) {
64 + $this->createManyEntityPermissions($books, $roles);
65 + });
66 +
67 + // Chunk through all chapters
68 + $this->chapter->chunk(500, function ($books) use ($roles) {
69 + $this->createManyEntityPermissions($books, $roles);
70 + });
71 +
72 + // Chunk through all pages
73 + $this->page->chunk(500, function ($books) use ($roles) {
74 + $this->createManyEntityPermissions($books, $roles);
75 + });
76 + }
77 +
78 + /**
79 + * Create & Save entity permissions for many entities and permissions.
80 + * @param Collection $entities
81 + * @param Collection $roles
82 + */
83 + protected function createManyEntityPermissions($entities, $roles)
84 + {
85 + $entityPermissions = [];
86 + foreach ($entities as $entity) {
87 + foreach ($roles as $role) {
88 + $entityPermissions[] = $this->createEntityPermission($entity, $role);
89 + }
90 + }
91 + $this->entityPermission->insert($entityPermissions);
92 + }
93 +
94 +
95 + protected function createEntityPermissionData(Entity $entity, Role $role)
96 + {
97 + // TODO - Check the permission values and return an EntityPermission
21 } 98 }
22 99
23 /** 100 /**
......
1 +<?php
2 +
3 +use Illuminate\Database\Schema\Blueprint;
4 +use Illuminate\Database\Migrations\Migration;
5 +
6 +class CreateEntityPermissionsTable extends Migration
7 +{
8 + /**
9 + * Run the migrations.
10 + *
11 + * @return void
12 + */
13 + public function up()
14 + {
15 + Schema::create('entity_permissions', function (Blueprint $table) {
16 + $table->increments('id');
17 + $table->integer('role_id');
18 + $table->string('entity_type');
19 + $table->integer('entity_id');
20 + $table->string('action');
21 + $table->boolean('has_permission')->default(false);
22 + });
23 + }
24 +
25 + /**
26 + * Reverse the migrations.
27 + *
28 + * @return void
29 + */
30 + public function down()
31 + {
32 + Schema::drop('entity_permissions');
33 + }
34 +}