diff --git a/src/Database/Seeds/CreateRoleAdmin.php b/src/Database/Seeds/CreateRoleAdmin.php index 175ca6f..2268f31 100644 --- a/src/Database/Seeds/CreateRoleAdmin.php +++ b/src/Database/Seeds/CreateRoleAdmin.php @@ -9,8 +9,11 @@ namespace UserFrosting\Sprinkle\UFTweaks\Database\Seeds; +use UserFrosting\Sprinkle\Account\Database\Seeds\DefaultPermissions as UFDefaultPermissions; +use UserFrosting\Sprinkle\Account\Database\Models\Permission; use UserFrosting\Sprinkle\Account\Database\Models\Role; use UserFrosting\Sprinkle\Core\Database\Seeder\BaseSeed; +use UserFrosting\Sprinkle\Core\Facades\Seeder; /** * Seeder to create the role admin @@ -22,14 +25,13 @@ class CreateRoleAdmin extends BaseSeed */ public function run() { - $roles = $this->getRoles(); + Seeder::execute('DefaultPermissions'); - foreach ($roles as $role) { - // Don't save if already exist - if (Role::where('slug', $role->slug)->first() == null) { - $role->save(); - } - } + $roles = $this->getRoles(); + $this->saveRoles($roles); + + $permissions = $this->getPermissions(); + $this->syncPermissionsRole($roles, $permissions); } /** @@ -38,11 +40,107 @@ class CreateRoleAdmin extends BaseSeed protected function getRoles() { return [ - new Role([ + 'role-admin' => new Role([ 'slug' => 'role-admin', 'name' => 'Role Administrator', 'description' => 'This role is meant for "role administrators", who can basically do anything related to roles and their permissions.', ]), ]; } -} + + /** + * Save roles. + * + * @param array $roles + */ + protected function saveRoles(array &$roles) + { + foreach ($roles as $slug => $role) { + // Trying to find if the role already exist + $existingRole = Role::where(['slug' => $role->slug])->first(); + + // Don't save if already exist, use existing role reference + // otherwise to re-sync permissions and roles + if ($existingRole == null) { + $role->save(); + } else { + $roles[$slug] = $existingRole; + } + } + } + + /** + * @return array Permissions to seed + */ + protected function getPermissions() + { + return [ + 'uri_dashboard' => Permission::where([ + ['slug', 'uri_dashboard'], + ['conditions', 'always()'] + ])->first(), + + 'uri_role' => Permission::where([ + ['slug', 'uri_role'], + ['conditions', 'always()'] + ])->first(), + 'uri_roles' => Permission::where([ + ['slug', 'uri_roles'], + ['conditions', 'always()'] + ])->first(), + 'uri_permission' => Permission::where([ + ['slug', 'uri_permission'], + ['conditions', 'always()'] + ])->first(), + 'uri_permissions' => Permission::where([ + ['slug', 'uri_permissions'], + ['conditions', 'always()'] + ])->first(), + + 'create_role' => Permission::where([ + ['slug', 'create_role'], + ['conditions', 'always()'] + ])->first(), + 'view_role_field' => Permission::where([ + ['slug', 'view_role_field'], + ['conditions', "in(property,['slug','name','description','permissions','users'])"] + ])->first(), + 'update_role_field' => Permission::where([ + ['slug', 'update_role_field'], + ['conditions', "is_master(self.id) || subset(fields,['slug','name','description'])"] + ])->first(), + 'update_role_permissions' => Permission::where([ + ['slug', 'update_role_permissions'], + ['conditions', "is_master(self.id) || subset(fields,['permissions'])"] + ])->first(), + 'delete_role' => Permission::where([ + ['slug', 'delete_role'], + ['conditions', 'always()'] + ])->first(), + ]; + } + + + /** + * Sync permissions with default roles. + * + * @param array $permissions + */ + protected function syncPermissionsRole(array $roles, array $permissions) + { + $roles['role-admin']->permissions()->syncWithoutDetaching([ + $permissions['uri_dashboard']->id, + + $permissions['uri_role']->id, + $permissions['uri_roles']->id, + $permissions['uri_permission']->id, + $permissions['uri_permissions']->id, + + $permissions['create_role']->id, + $permissions['view_role_field']->id, + $permissions['update_role_field']->id, + $permissions['update_role_permissions']->id, + $permissions['delete_role']->id, + ]); + } +} \ No newline at end of file diff --git a/src/Database/Seeds/DefaultPermissions.php b/src/Database/Seeds/DefaultPermissions.php index 226397b..742fbaf 100644 --- a/src/Database/Seeds/DefaultPermissions.php +++ b/src/Database/Seeds/DefaultPermissions.php @@ -26,7 +26,6 @@ class DefaultPermissions extends UFDefaultPermissions { // We require the default roles Seeder::execute('DefaultRoles'); - Seeder::execute('RoleAdminRole'); // Get and save permissions $permissions = $this->getPermissions(); @@ -47,7 +46,6 @@ class DefaultPermissions extends UFDefaultPermissions 'user' => Role::where('slug', 'user')->first()->id, 'group-admin' => Role::where('slug', 'group-admin')->first()->id, 'site-admin' => Role::where('slug', 'site-admin')->first()->id, - 'role-admin' => Role::where('slug', 'role-admin')->first()->id, ]; return array_merge( @@ -142,23 +140,6 @@ class DefaultPermissions extends UFDefaultPermissions { parent::syncPermissionsRole($permissions); - $roleRoleAdmin = Role::where('slug', 'role-admin')->first(); - if ($roleRoleAdmin) { - $roleRoleAdmin->permissions()->syncWithoutDetaching([ - $permissions['uri_dashboard']->id, - $permissions['uri_role']->id, - $permissions['uri_roles']->id, - $permissions['uri_permission']->id, - $permissions['uri_permissions']->id, - - $permissions['create_role']->id, - $permissions['view_role_field']->id, - $permissions['update_role_field']->id, - $permissions['update_role_permissions']->id, - $permissions['delete_role']->id, - ]); - } - $roleSiteAdmin = Role::where('slug', 'site-admin')->first(); if ($roleSiteAdmin) { $roleSiteAdmin->permissions()->syncWithoutDetaching([