Merge pull request #314 from nabeelio/issue/296-permissions

Add interface to additional roles/permissions #296
This commit is contained in:
Nabeel Shahzad 2019-06-21 14:51:43 -04:00 committed by GitHub
commit 6543728478
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
29 changed files with 674 additions and 45 deletions

View File

@ -74,11 +74,6 @@ class RolesPermissionsTables extends Migration
'name' => 'admin',
'display_name' => 'Administrators',
],
[
'id' => 2,
'name' => 'user',
'display_name' => 'Pilot',
],
];
$this->addData('roles', $roles);

View File

@ -0,0 +1,37 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class AddReadonlyToRoles extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up(): void
{
Schema::table('roles', static function (Blueprint $table) {
$table->boolean('read_only')->default(false);
});
// Set the two main roles as read-only
DB::table('roles')
->whereIn('name', ['admin', 'user'])
->update(['read_only' => true]);
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down(): void
{
Schema::table('roles', static function (Blueprint $table) {
$table->dropColumn('read_only');
});
}
}

View File

@ -5,17 +5,16 @@ use Illuminate\Database\Seeder;
class DatabaseSeeder extends Seeder
{
/**
* Map these other environments to a specific seed file
*
* @var array
*/
public static $seed_mapper = [
private static $seed_mapper = [
'local' => 'dev',
'qa' => 'dev',
'staging' => 'dev',
];
private static $always_seed = [
'permissions',
];
/**
* Run the database seeds.
*
@ -28,6 +27,7 @@ class DatabaseSeeder extends Seeder
$env = self::$seed_mapper[$env];
}
Log::info('Seeding from environment '.$env);
$path = database_path('seeds/'.$env.'.yml');
if (!file_exists($path)) {
@ -36,5 +36,14 @@ class DatabaseSeeder extends Seeder
$svc = app(DatabaseService::class);
$svc->seed_from_yaml_file($path);
// Always seed/sync these
foreach (self::$always_seed as $file) {
Log::info('Importing '.$file);
$path = database_path('seeds/'.$file.'.yml');
if (file_exists($path)) {
$svc->seed_from_yaml_file($path);
}
}
}
}

View File

@ -0,0 +1,42 @@
# All of the different permissions that can be assigned to roles
---
permissions:
- name: admin-access
display_name: Admin Access
description: Access the admin panel
- name: airlines
display_name: Airlines
description: Create/edit airlines
- name: airports
display_name: Airports
description: Create/edit airports
- name: addons
display_name: Addons
description: Edit/view addons
- name: awards
display_name: Awards
description: Create/edit award classes
- name: flights
display_name: Flights
description: Create/edit flights
- name: fleet
display_name: Fleet
description: Create/edit subfleets and fleets
- name: fares
display_name: Fares
description: Create/edit fares
- name: finances
display_name: Finances
description: Create/view finance related items
- name: pireps
display_name: PIREPs
description: Accept/reject/edit PIREPs
- name: ranks
display_name: Ranks
description: Create/edit ranks
- name: users
display_name: Users
description: Create/edit users
- name: settings
display_name: Settings
description: Edit VA settings

View File

@ -9,6 +9,10 @@ airlines:
created_at: now
updated_at: now
roles:
- name: fleet-only
display_name: Edit Fleet
users:
- id: 1
name: Admin User

View File

@ -0,0 +1,182 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Requests\CreateRoleRequest;
use App\Http\Requests\UpdateRoleRequest;
use App\Interfaces\Controller;
use App\Repositories\PermissionsRepository;
use App\Repositories\RoleRepository;
use Flash;
use Illuminate\Http\Request;
use Prettus\Repository\Criteria\RequestCriteria;
use Response;
/**
* Class AirlinesController
*/
class RolesController extends Controller
{
private $permsRepo;
private $rolesRepo;
/**
* AirlinesController constructor.
*
* @param PermissionsRepository $permsRepo
* @param RoleRepository $rolesRepo
*/
public function __construct(PermissionsRepository $permsRepo, RoleRepository $rolesRepo)
{
$this->permsRepo = $permsRepo;
$this->rolesRepo = $rolesRepo;
}
/**
* Display a listing of the Airlines.
*
* @param Request $request
*
* @throws \Prettus\Repository\Exceptions\RepositoryException
*
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function index(Request $request)
{
$this->rolesRepo->pushCriteria(new RequestCriteria($request));
$roles = $this->rolesRepo->findWhere(['read_only' => false]);
return view('admin.roles.index', [
'roles' => $roles,
]);
}
/**
* Show the form for creating a new Airlines.
*/
public function create()
{
return view('admin.roles.create', [
'permissions' => $this->permsRepo->all(),
]);
}
/**
* Store a newly created Airlines in storage.
*
* @param CreateRoleRequest $request
*
* @throws \Prettus\Validator\Exceptions\ValidatorException
*
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function store(CreateRoleRequest $request)
{
$input = $request->all();
// Create a slug using the display name provided
$input['name'] = str_slug($input['display_name']);
$this->rolesRepo->create($input);
Flash::success('Role saved successfully.');
return redirect(route('admin.roles.index'));
}
/**
* Display the specified role
*
* @param int $id
*
* @return mixed
*/
public function show($id)
{
$roles = $this->rolesRepo->findWithoutFail($id);
if (empty($roles)) {
Flash::error('Role not found');
return redirect(route('admin.roles.index'));
}
return view('admin.roles.show', [
'roles' => $roles,
]);
}
/**
* Show the form for editing the specified roles
*
* @param int $id
*
* @return Response
*/
public function edit($id)
{
$role = $this->rolesRepo->findWithoutFail($id);
if (empty($role)) {
Flash::error('Role not found');
return redirect(route('admin.role.index'));
}
return view('admin.roles.edit', [
'role' => $role,
'permissions' => $this->permsRepo->all(),
]);
}
/**
* Update the specified Airlines in storage.
*
* @param int $id
* @param UpdateRoleRequest $request
*
* @throws \Prettus\Validator\Exceptions\ValidatorException
*
* @return Response
*/
public function update($id, UpdateRoleRequest $request)
{
$role = $this->rolesRepo->findWithoutFail($id);
if (empty($role)) {
Flash::error('Role not found');
return redirect(route('admin.roles.index'));
}
$this->rolesRepo->update($request->all(), $id);
// Update the permissions, filter out null/invalid values
$perms = collect($request->permissions)->filter(static function ($v, $k) {
return $v;
});
$role->permissions()->sync($perms);
Flash::success('Roles updated successfully.');
return redirect(route('admin.roles.index'));
}
/**
* Remove the specified Airlines from storage.
*
* @param int $id
*
* @return Response
*/
public function destroy($id)
{
$roles = $this->rolesRepo->findWithoutFail($id);
if (empty($roles)) {
Flash::error('Role not found');
return redirect(route('admin.roles.index'));
}
$this->rolesRepo->delete($id);
Flash::success('Role deleted successfully.');
return redirect(route('admin.roles.index'));
}
}

View File

@ -122,7 +122,7 @@ class RegisterController extends Controller
}
$user = User::create($opts);
$user = $this->userService->createPilot($user);
$user = $this->userService->createUser($user);
Log::info('User registered: ', $user->toArray());

View File

@ -0,0 +1,19 @@
<?php
namespace App\Http\Requests;
use App\Models\Role;
use Illuminate\Foundation\Http\FormRequest;
class CreateRoleRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
return Role::$rules;
}
}

View File

@ -0,0 +1,32 @@
<?php
namespace App\Http\Requests;
use App\Models\Role;
use Illuminate\Foundation\Http\FormRequest;
/**
* @property array permissions
*/
class UpdateRoleRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize(): bool
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules(): array
{
return Role::$rules;
}
}

View File

@ -4,6 +4,28 @@ namespace App\Models;
use Laratrust\Models\LaratrustRole;
/**
* @method static where(string $string, $group)
*/
class Role extends LaratrustRole
{
protected $fillable = [
'id',
'name',
'display_name',
'read_only',
];
protected $casts = [
'read_only' => 'boolean',
];
/**
* Validation rules
*
* @var array
*/
public static $rules = [
'display_name' => 'required',
];
}

View File

@ -0,0 +1,48 @@
<?php
namespace App\Repositories;
use App\Interfaces\Repository;
use App\Models\Permission;
use Prettus\Repository\Contracts\CacheableInterface;
use Prettus\Repository\Traits\CacheableRepository;
/**
* Class RoleRepository
*/
class PermissionsRepository extends Repository implements CacheableInterface
{
use CacheableRepository;
protected $fieldSearchable = [
'name' => 'like',
];
public function model(): string
{
return Permission::class;
}
/**
* Return the list of roles formatted for a select box
*
* @param bool $add_blank
*
* @return array
*/
public function selectBoxList($add_blank = false): array
{
$retval = [];
$items = $this->all();
if ($add_blank) {
$retval[''] = '';
}
foreach ($items as $i) {
$retval[$i->id] = $i->name;
}
return $retval;
}
}

View File

@ -0,0 +1,55 @@
<?php
namespace App\Repositories;
use App\Interfaces\Repository;
use App\Models\Role;
use Prettus\Repository\Contracts\CacheableInterface;
use Prettus\Repository\Traits\CacheableRepository;
/**
* Class RoleRepository
*/
class RoleRepository extends Repository implements CacheableInterface
{
use CacheableRepository;
protected $fieldSearchable = [
'name' => 'like',
];
public function model(): string
{
return Role::class;
}
/**
* Return the list of roles formatted for a select box
*
* @param bool $include_read_only
* @param bool $add_blank
*
* @return array
*/
public function selectBoxList($include_read_only = true, $add_blank = false): array
{
$retval = [];
$where = [];
if ($include_read_only) {
$where['read_only'] = true;
}
$items = $this->findWhere($where);
if ($add_blank) {
$retval[''] = '';
}
foreach ($items as $i) {
$retval[$i->id] = $i->name;
}
return $retval;
}
}

View File

@ -4,10 +4,14 @@
*/
Route::group([
'namespace' => 'Admin', 'prefix' => 'admin', 'as' => 'admin.',
'middleware' => ['role:admin'],
], function () {
'middleware' => ['ability:admin,admin-access'],
], static function () {
// CRUD for airlines
Route::resource('airlines', 'AirlinesController');
// CRUD for roles
Route::resource('roles', 'RolesController');
Route::get('airports/export', 'AirportController@export')->name('airports.export');
Route::match(['get', 'post', 'put'], 'airports/fuel', 'AirportController@fuel');
Route::match(['get', 'post'], 'airports/import', 'AirportController@import')->name('airports.import');

View File

@ -51,7 +51,7 @@ class UserService extends Service
*
* @return mixed
*/
public function createPilot(User $user, array $groups = null)
public function createUser(User $user, array $groups = null)
{
// Determine if we want to auto accept
if (setting('pilots.auto_accept') === true) {
@ -63,9 +63,10 @@ class UserService extends Service
$user->save();
// Attach the user roles
$role = Role::where('name', 'user')->first();
$user->attachRole($role);
// $role = Role::where('name', 'user')->first();
// $user->attachRole($role);
// Attach any additional roles
if (!empty($groups) && \is_array($groups)) {
foreach ($groups as $group) {
$role = Role::where('name', $group)->first();

View File

@ -1,6 +1,5 @@
---
version: '3'
services:
app:
build:

View File

@ -124,6 +124,10 @@ class InstallerController extends Controller
/**
* Step 1. Check the modules and permissions
*
* @param Request $request
*
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function step1(Request $request)
{
@ -151,6 +155,10 @@ class InstallerController extends Controller
/**
* Step 2. Database Setup
*
* @param Request $request
*
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function step2(Request $request)
{
@ -186,13 +194,13 @@ class InstallerController extends Controller
// Now write out the env file
$attrs = [
'SITE_NAME' => $request->post('site_name'),
'SITE_URL' => $request->post('site_url'),
'DB_CONN' => $request->post('db_conn'),
'DB_HOST' => $request->post('db_host'),
'DB_PORT' => $request->post('db_port'),
'DB_NAME' => $request->post('db_name'),
'DB_USER' => $request->post('db_user'),
'DB_PASS' => $request->post('db_pass'),
'SITE_URL' => $request->post('site_url'),
'DB_CONN' => $request->post('db_conn'),
'DB_HOST' => $request->post('db_host'),
'DB_PORT' => $request->post('db_port'),
'DB_NAME' => $request->post('db_name'),
'DB_USER' => $request->post('db_user'),
'DB_PASS' => $request->post('db_pass'),
'DB_PREFIX' => $request->post('db_prefix'),
];
@ -264,12 +272,12 @@ class InstallerController extends Controller
public function usersetup(Request $request)
{
$validator = Validator::make($request->all(), [
'airline_name' => 'required',
'airline_icao' => 'required|unique:airlines,icao',
'airline_name' => 'required',
'airline_icao' => 'required|unique:airlines,icao',
'airline_country' => 'required',
'name' => 'required',
'email' => 'required|email|unique:users,email',
'password' => 'required|confirmed'
'name' => 'required',
'email' => 'required|email|unique:users,email',
'password' => 'required|confirmed'
]);
if ($validator->fails()) {
@ -283,8 +291,8 @@ class InstallerController extends Controller
*/
$attrs = [
'icao' => $request->get('airline_icao'),
'name' => $request->get('airline_name'),
'icao' => $request->get('airline_icao'),
'name' => $request->get('airline_name'),
'country' => $request->get('airline_country'),
];
@ -297,17 +305,17 @@ class InstallerController extends Controller
*/
$attrs = [
'name' => $request->get('name'),
'email' => $request->get('email'),
'api_key' => Utils::generateApiKey(),
'airline_id' => $airline->id,
'name' => $request->get('name'),
'email' => $request->get('email'),
'api_key' => Utils::generateApiKey(),
'airline_id' => $airline->id,
'home_airport_id' => 'KAUS',
'curr_airport_id' => 'KAUS',
'password' => Hash::make($request->get('password'))
'password' => Hash::make($request->get('password'))
];
$user = User::create($attrs);
$user = $this->userService->createPilot($user, ['admin']);
$user = $this->userService->createUser($user, ['admin']);
Log::info('User registered: ', $user->toArray());
# Set the intial admin e-mail address

View File

@ -10,15 +10,28 @@
<div class="collapse" id="operations_menu" aria-expanded="true">
<ul class="nav">
@ability('admin', 'pireps')
<li><a href="{{ url('/admin/pireps') }}"><i class="pe-7s-cloud-upload"></i>pireps
<span data-toggle="tooltip" title="3 New"
class="badge bg-light-blue pull-right">3</span>
<span data-toggle="tooltip" title="3 New" class="badge bg-light-blue pull-right">3</span>
</a>
</li>
@endability
@ability('admin', 'flights')
<li><a href="{{ url('/admin/flights') }}"><i class="pe-7s-vector"></i>flights</a></li>
@endability
@ability('admin', 'fleet')
<li><a href="{{ url('/admin/subfleets') }}"><i class="pe-7s-plane"></i>fleet</a></li>
@endability
@ability('admin', 'fares')
<li><a href="{{ url('/admin/fares') }}"><i class="pe-7s-graph2"></i>fares</a></li>
@endability
@ability('admin', 'finances')
<li><a href="{{ url('/admin/finances') }}"><i class="pe-7s-display1"></i>finances</a></li>
@endability
</ul>
</div>
</li>
@ -30,15 +43,37 @@
<div class="collapse" id="config_menu" aria-expanded="true">
<ul class="nav">
<li><a href="{{ url('/admin/airlines') }}"><i
class="pe-7s-paper-plane"></i>airlines</a></li>
<li><a href="{{ url('/admin/airports') }}"><i
class="pe-7s-map-marker"></i>airports</a></li>
@ability('admin', 'airlines')
<li><a href="{{ url('/admin/airlines') }}"><i class="pe-7s-paper-plane"></i>airlines</a></li>
@endability
@ability('admin', 'airports')
<li><a href="{{ url('/admin/airports') }}"><i class="pe-7s-map-marker"></i>airports</a></li>
@endability
@ability('admin', 'finances')
<li><a href="{{ url('/admin/expenses') }}"><i class="pe-7s-cash"></i>expenses</a></li>
@endability
@ability('admin', 'users')
<li><a href="{{ url('/admin/users') }}"><i class="pe-7s-users"></i>users</a></li>
@endability
@ability('admin', 'ranks')
<li><a href="{{ url('/admin/ranks') }}"><i class="pe-7s-graph1"></i>ranks</a></li>
@endability
@ability('admin', 'awards')
<li><a href="{!! url('/admin/awards') !!}"><i class="pe-7s-diamond"></i>awards</a></li>
@endability
@ability('admin', 'users')
<li><a href="{!! url('/admin/roles') !!}"><i class="pe-7s-network"></i>roles</a></li>
@endability
@ability('admin', 'settings')
<li><a href="{{ url('/admin/settings') }}"><i class="pe-7s-config"></i>settings</a></li>
@endability
</ul>
</div>
</li>
@ -50,9 +85,11 @@
<div class="collapse" id="addons_menu" aria-expanded="true">
<ul class="nav">
@ability('admin', 'addons')
@foreach($moduleSvc->getAdminLinks() as &$link)
<li><a href="{{ url($link['url']) }}"><i class="{{ $link['icon'] }}"></i>{{ $link['title'] }}</a></li>
@endforeach
@endability
</ul>
</div>
</li>

View File

@ -0,0 +1,11 @@
@extends('admin.app')
@section('title', 'Add Airline')
@section('content')
<div class="card border-blue-bottom">
<div class="content">
{{ Form::open(['route' => 'admin.airlines.store']) }}
@include('admin.airlines.fields')
{{ Form::close() }}
</div>
</div>
@endsection

View File

@ -0,0 +1,17 @@
@extends('admin.app')
@section('title', "Edit \"$role->display_name\"")
@section('content')
<div class="card border-blue-bottom">
<div class="content">
{{ Form::model($role, ['route' => ['admin.roles.update', $role->id], 'method' => 'patch']) }}
@include('admin.roles.fields')
{{ Form::close() }}
</div>
</div>
<div class="card border-blue-bottom">
<div class="content">
@include('admin.roles.users')
</div>
</div>
@endsection

View File

@ -0,0 +1,51 @@
<div class="row">
<!-- Code Field -->
<div class="form-group col-sm-4">
<div class="form-container">
<h6><i class="fas fa-keyboard"></i>
&nbsp;Name
</h6>
<div class="form-container-body">
<div class="row">
<div class="form-group col-sm-12">
{{ Form::text('display_name', null, ['class' => 'form-control']) }}
<p class="text-danger">{{ $errors->first('display_name') }}</p>
</div>
</div>
</div>
</div>
</div>
<!-- Permissions Field -->
<div class="form-group col-sm-8">
<div class="form-container">
<h6><i class="fas fa-check-square"></i>
&nbsp;Permissions
</h6>
<div class="form-container-body">
<div class="row">
<div class="form-group col-sm-12">
@foreach($permissions as $p)
<div class="checkbox">
<label class="checkbox-inline">
{{ Form::hidden('permissions[]', false) }}
{{ Form::checkbox('permissions[]', $p->id) }}
{{ Form::label('permissions[]', $p->display_name) }} - <span class="description">{{$p->description}}</span>
</label>
</div>
@endforeach
</div>
</div>
</div>
</div>
</div>
</div>
<div class="row">
<!-- Submit Field -->
<div class="form-group col-sm-12">
<div class="pull-right">
{{ Form::button('Save', ['type' => 'submit', 'class' => 'btn btn-success']) }}
<a href="{{ route('admin.roles.index') }}" class="btn btn-default">Cancel</a>
</div>
</div>
</div>

View File

@ -0,0 +1,19 @@
@extends('admin.app')
@section('title', 'Roles')
@section('actions')
<li>
<a href="{{ route('admin.roles.create') }}">
<i class="ti-plus"></i>
Add New</a>
</li>
@endsection
@section('content')
<div class="card border-blue-bottom">
<div class="content">
@include('admin.roles.table')
</div>
</div>
@endsection

View File

@ -0,0 +1,20 @@
<table class="table table-hover table-responsive" id="roles-table">
<thead>
<th>Name</th>
<th></th>
</thead>
<tbody>
@foreach($roles as $role)
<tr>
<td>{{ $role->display_name }}</td>
<td class="text-right">
{{ Form::open(['route' => ['admin.roles.destroy', $role->id], 'method' => 'delete']) }}
<a href="{{ route('admin.roles.edit', [$role->id]) }}"
class='btn btn-sm btn-success btn-icon'><i class="fas fa-pencil-alt"></i></a>
{{ Form::button('<i class="fa fa-times"></i>', ['type' => 'submit', 'class' => 'btn btn-sm btn-danger btn-icon', 'onclick' => "return confirm('Are you sure?')"]) }}
{{ Form::close() }}
</td>
</tr>
@endforeach
</tbody>
</table>

View File

@ -0,0 +1,17 @@
<div class="row">
<!-- Code Field -->
<div class="form-group col-sm-12">
<div class="form-container">
<h6><i class="fas fa-users"></i>
&nbsp;Users
</h6>
<div class="form-container-body">
<div class="row">
<div class="col-sm-12">
TO DO
</div>
</div>
</div>
</div>
</div>
</div>

0
storage/debugbar/.gitignore vendored Normal file → Executable file
View File

0
storage/docker/.gitignore vendored Normal file → Executable file
View File

0
storage/framework/cache/.gitignore vendored Normal file → Executable file
View File

0
storage/framework/sessions/.gitignore vendored Normal file → Executable file
View File

0
storage/framework/views/.gitignore vendored Normal file → Executable file
View File

View File

@ -22,7 +22,7 @@ class RegistrationTest extends TestCase
setting('pilots.auto_accept', true);
$user = factory(App\Models\User::class)->create();
$user = $userSvc->createPilot($user);
$user = $userSvc->createUser($user);
$this->assertEquals(UserState::ACTIVE, $user->state);