sprinkle-worker/src/Database/Seeds/WorkerPermissions.php

<?php

/*
 * AVSDev UF Worker (https://avsdev.uk)
 *
 * @link      https://git.avsdev.uk/avsdev/sprinkle-worker
 * @license   https://git.avsdev.uk/avsdev/sprinkle-worker/blob/master/LICENSE.md (LGPL-3.0 License)
 */

namespace UserFrosting\Sprinkle\Worker\Database\Seeds;

use UserFrosting\Sprinkle\Account\Database\Models\Permission;
use UserFrosting\Sprinkle\Account\Database\Models\Role;
use UserFrosting\Sprinkle\Core\Database\Seeder\BaseSeed;
use UserFrosting\Sprinkle\Core\Facades\Seeder;

/**
 * Seeder for the dashboard permissions.
 */
class WorkerPermissions extends BaseSeed
{
    /**
     * {@inheritdoc}
     */
    public function run()
    {
        // We require the default roles
        Seeder::execute('DefaultRoles');

        // Get and save permissions
        $permissions = $this->getPermissions();
        $this->savePermissions($permissions);

        // Add default mappings to permissions
        $this->syncPermissionsRole($permissions);
    }

    /**
     * @return array Permissions to seed
     */
    protected function getPermissions()
    {
        return [
            'uri_job' => new Permission([
                'slug'        => 'uri_job',
                'name'        => 'View job',
                'conditions'  => 'always()',
                'description' => 'View the job page of any job.',
            ]),
            'uri_jobs' => new Permission([
                'slug'        => 'uri_jobs',
                'name'        => 'Jobs management page',
                'conditions'  => 'always()',
                'description' => 'View a page containing a table of jobs.',
            ]),
        ];
    }

    /**
     * Save permissions.
     *
     * @param array $permissions
     */
    protected function savePermissions(array &$permissions)
    {
        foreach ($permissions as $slug => $permission) {
            // Trying to find if the permission already exist
            $existingPermission = Permission::where(['slug' => $permission->slug, 'conditions' => $permission->conditions])->first();

            // Don't save if already exist, use existing permission reference
            // otherwise to re-sync permissions and roles
            if ($existingPermission == null) {
                $permission->save();
            } else {
                $permissions[$slug] = $existingPermission;
            }
        }
    }

    /**
     * Sync permissions with default roles.
     *
     * @param array $permissions
     */
    protected function syncPermissionsRole(array $permissions)
    {
        $roleSiteAdmin = Role::where('slug', 'site-admin')->first();
        if ($roleSiteAdmin) {
            $roleSiteAdmin->permissions()->syncWithoutDetaching([
                $permissions['uri_jobs']->id,
                $permissions['uri_job']->id,
            ]);
        }
    }
}