add role permission logic
This commit is contained in:
@@ -0,0 +1,60 @@
|
||||
<?php
|
||||
|
||||
namespace App\Services\Roles;
|
||||
|
||||
use App\Models\Permission;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class PermissionCrudService
|
||||
{
|
||||
public function create(array $payload): Permission
|
||||
{
|
||||
$data = $this->normalizePayload($payload);
|
||||
|
||||
try {
|
||||
return DB::transaction(function () use ($data) {
|
||||
return Permission::query()->create($data);
|
||||
});
|
||||
} catch (\Throwable $e) {
|
||||
Log::error('Permission create failed: ' . $e->getMessage());
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
public function update(Permission $permission, array $payload): Permission
|
||||
{
|
||||
$data = $this->normalizePayload($payload);
|
||||
|
||||
try {
|
||||
return DB::transaction(function () use ($permission, $data) {
|
||||
$permission->fill($data);
|
||||
$permission->save();
|
||||
return $permission;
|
||||
});
|
||||
} catch (\Throwable $e) {
|
||||
Log::error('Permission update failed: ' . $e->getMessage());
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
public function delete(Permission $permission): void
|
||||
{
|
||||
try {
|
||||
DB::transaction(function () use ($permission) {
|
||||
$permission->delete();
|
||||
});
|
||||
} catch (\Throwable $e) {
|
||||
Log::error('Permission delete failed: ' . $e->getMessage());
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
private function normalizePayload(array $payload): array
|
||||
{
|
||||
return [
|
||||
'name' => trim((string) ($payload['name'] ?? '')),
|
||||
'description' => trim((string) ($payload['description'] ?? '')),
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,58 @@
|
||||
<?php
|
||||
|
||||
namespace App\Services\Roles;
|
||||
|
||||
use App\Models\Role;
|
||||
use App\Models\Staff;
|
||||
use App\Models\User;
|
||||
use App\Models\UserRole;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class RoleAssignmentService
|
||||
{
|
||||
public function __construct(private RoleStaffService $staffService)
|
||||
{
|
||||
}
|
||||
|
||||
/** @param int[] $roleIds */
|
||||
public function assignRoles(int $userId, array $roleIds, ?int $adminId = null): array
|
||||
{
|
||||
$roleIds = array_values(array_unique(array_filter(array_map('intval', $roleIds), fn ($id) => $id > 0)));
|
||||
|
||||
$user = User::query()->find($userId);
|
||||
if (!$user) {
|
||||
return ['ok' => false, 'message' => 'User not found.'];
|
||||
}
|
||||
|
||||
try {
|
||||
DB::transaction(function () use ($userId, $roleIds, $adminId) {
|
||||
UserRole::query()->where('user_id', $userId)->delete();
|
||||
|
||||
foreach ($roleIds as $roleId) {
|
||||
UserRole::query()->create([
|
||||
'user_id' => $userId,
|
||||
'role_id' => $roleId,
|
||||
'updated_by' => $adminId,
|
||||
]);
|
||||
}
|
||||
});
|
||||
} catch (\Throwable $e) {
|
||||
Log::error('Role assignment failed: ' . $e->getMessage());
|
||||
throw $e;
|
||||
}
|
||||
|
||||
$roleNames = Role::query()
|
||||
->whereIn('id', $roleIds)
|
||||
->pluck('name')
|
||||
->map(fn ($n) => strtolower((string) $n))
|
||||
->all();
|
||||
|
||||
$this->staffService->syncStaffRecord($user, $roleNames);
|
||||
|
||||
return [
|
||||
'ok' => true,
|
||||
'role_names' => $roleNames,
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,107 @@
|
||||
<?php
|
||||
|
||||
namespace App\Services\Roles;
|
||||
|
||||
use App\Models\Role;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class RoleCrudService
|
||||
{
|
||||
public function create(array $payload): Role
|
||||
{
|
||||
$data = $this->normalizePayload($payload);
|
||||
|
||||
try {
|
||||
return DB::transaction(function () use ($data) {
|
||||
return Role::query()->create($data);
|
||||
});
|
||||
} catch (\Throwable $e) {
|
||||
Log::error('Role create failed: ' . $e->getMessage());
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
public function update(Role $role, array $payload): Role
|
||||
{
|
||||
$data = $this->normalizePayload($payload, $role->id, $role->slug ?? null);
|
||||
|
||||
try {
|
||||
return DB::transaction(function () use ($role, $data) {
|
||||
$role->fill($data);
|
||||
$role->save();
|
||||
return $role;
|
||||
});
|
||||
} catch (\Throwable $e) {
|
||||
Log::error('Role update failed: ' . $e->getMessage());
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
public function delete(Role $role): void
|
||||
{
|
||||
try {
|
||||
DB::transaction(function () use ($role) {
|
||||
$role->delete();
|
||||
});
|
||||
} catch (\Throwable $e) {
|
||||
Log::error('Role delete failed: ' . $e->getMessage());
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
private function normalizePayload(array $payload, ?int $ignoreId = null, ?string $currentSlug = null): array
|
||||
{
|
||||
$rawName = trim((string) ($payload['name'] ?? ''));
|
||||
$rawSlug = trim((string) ($payload['slug'] ?? ''));
|
||||
$route = trim((string) ($payload['dashboard_route'] ?? ''));
|
||||
$desc = trim((string) ($payload['description'] ?? ''));
|
||||
$priority = (int) ($payload['priority'] ?? 0);
|
||||
$isActive = !empty($payload['is_active']) ? 1 : 0;
|
||||
|
||||
$name = strtolower($rawName);
|
||||
$dashboardRoute = strtolower($route);
|
||||
$description = strtolower($desc);
|
||||
|
||||
$slug = $rawSlug !== '' ? $rawSlug : $name;
|
||||
$slug = strtolower(preg_replace('/[^a-z0-9]+/i', '_', $slug));
|
||||
$slug = trim($slug, '_');
|
||||
|
||||
if ($slug !== $currentSlug) {
|
||||
$slug = $this->ensureUniqueSlug($slug, $ignoreId);
|
||||
}
|
||||
|
||||
return [
|
||||
'name' => $name,
|
||||
'slug' => $slug,
|
||||
'description' => $description,
|
||||
'dashboard_route' => $dashboardRoute,
|
||||
'priority' => $priority,
|
||||
'is_active' => $isActive,
|
||||
];
|
||||
}
|
||||
|
||||
private function ensureUniqueSlug(string $baseSlug, ?int $ignoreId = null): string
|
||||
{
|
||||
$slug = $baseSlug;
|
||||
$i = 2;
|
||||
|
||||
while (true) {
|
||||
$query = Role::query()->where('slug', $slug);
|
||||
if ($ignoreId !== null) {
|
||||
$query->where('id', '!=', $ignoreId);
|
||||
}
|
||||
|
||||
if (!$query->exists()) {
|
||||
return $slug;
|
||||
}
|
||||
|
||||
$slug = $baseSlug . '_' . $i;
|
||||
$i++;
|
||||
|
||||
if ($i > 100000) {
|
||||
return $slug;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,19 @@
|
||||
<?php
|
||||
|
||||
namespace App\Services\Roles;
|
||||
|
||||
use App\Models\Role;
|
||||
|
||||
class RoleDashboardService
|
||||
{
|
||||
/** @param string[] $roleKeys */
|
||||
public function bestDashboardRouteFor(array $roleKeys): string
|
||||
{
|
||||
$rows = Role::findByNamesOrSlugs($roleKeys);
|
||||
if (!empty($rows)) {
|
||||
return $rows[0]->dashboard_route ?? '/landing_page/guest_dashboard';
|
||||
}
|
||||
|
||||
return '/landing_page/guest_dashboard';
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,95 @@
|
||||
<?php
|
||||
|
||||
namespace App\Services\Roles;
|
||||
|
||||
use App\Models\Permission;
|
||||
use App\Models\RolePermission;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class RolePermissionService
|
||||
{
|
||||
public function listPermissions(): array
|
||||
{
|
||||
return Permission::query()
|
||||
->orderBy('id', 'asc')
|
||||
->get()
|
||||
->all();
|
||||
}
|
||||
|
||||
public function listRolePermissions(int $roleId): array
|
||||
{
|
||||
$rows = Permission::query()
|
||||
->leftJoin('role_permissions', function ($join) use ($roleId) {
|
||||
$join->on('role_permissions.permission_id', '=', 'permissions.id')
|
||||
->where('role_permissions.role_id', '=', $roleId);
|
||||
})
|
||||
->select(
|
||||
'permissions.id',
|
||||
'permissions.name',
|
||||
'permissions.description',
|
||||
'role_permissions.can_create',
|
||||
'role_permissions.can_read',
|
||||
'role_permissions.can_update',
|
||||
'role_permissions.can_delete',
|
||||
'role_permissions.can_manage'
|
||||
)
|
||||
->orderBy('permissions.name', 'asc')
|
||||
->get()
|
||||
->map(fn ($r) => (array) $r)
|
||||
->all();
|
||||
|
||||
return $rows;
|
||||
}
|
||||
|
||||
public function saveRolePermissions(int $roleId, array $permissions): void
|
||||
{
|
||||
try {
|
||||
DB::transaction(function () use ($roleId, $permissions) {
|
||||
$existing = RolePermission::query()
|
||||
->where('role_id', $roleId)
|
||||
->get()
|
||||
->keyBy('permission_id');
|
||||
|
||||
foreach ($permissions as $permissionId => $crudValues) {
|
||||
$permissionId = (int) $permissionId;
|
||||
if ($permissionId <= 0) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$data = [
|
||||
'can_create' => !empty($crudValues['create']) ? 1 : 0,
|
||||
'can_read' => !empty($crudValues['read']) ? 1 : 0,
|
||||
'can_update' => !empty($crudValues['update']) ? 1 : 0,
|
||||
'can_delete' => !empty($crudValues['delete']) ? 1 : 0,
|
||||
'can_manage' => !empty($crudValues['manage']) ? 1 : 0,
|
||||
];
|
||||
|
||||
if ($existing->has($permissionId)) {
|
||||
RolePermission::query()
|
||||
->where('role_id', $roleId)
|
||||
->where('permission_id', $permissionId)
|
||||
->update($data);
|
||||
} else {
|
||||
RolePermission::query()->create(array_merge($data, [
|
||||
'role_id' => $roleId,
|
||||
'permission_id' => $permissionId,
|
||||
]));
|
||||
}
|
||||
}
|
||||
|
||||
foreach ($existing as $permissionId => $row) {
|
||||
if (!array_key_exists((string) $permissionId, $permissions) && !array_key_exists((int) $permissionId, $permissions)) {
|
||||
RolePermission::query()
|
||||
->where('role_id', $roleId)
|
||||
->where('permission_id', $permissionId)
|
||||
->delete();
|
||||
}
|
||||
}
|
||||
});
|
||||
} catch (\Throwable $e) {
|
||||
Log::error('Role permission save failed: ' . $e->getMessage());
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,79 @@
|
||||
<?php
|
||||
|
||||
namespace App\Services\Roles;
|
||||
|
||||
use App\Models\Role;
|
||||
use Illuminate\Contracts\Pagination\LengthAwarePaginator;
|
||||
use Illuminate\Database\Eloquent\Builder;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
|
||||
class RoleQueryService
|
||||
{
|
||||
public function listRoles(array $filters): LengthAwarePaginator
|
||||
{
|
||||
$query = Role::query()
|
||||
->select('roles.*')
|
||||
->leftJoin('user_roles', 'user_roles.role_id', '=', 'roles.id')
|
||||
->selectRaw('COUNT(DISTINCT user_roles.user_id) AS user_count')
|
||||
->groupBy('roles.id');
|
||||
|
||||
if (!empty($filters['search'])) {
|
||||
$search = trim((string) $filters['search']);
|
||||
$query->where(function (Builder $q) use ($search) {
|
||||
$q->where('roles.name', 'like', '%' . $search . '%')
|
||||
->orWhere('roles.slug', 'like', '%' . $search . '%')
|
||||
->orWhere('roles.description', 'like', '%' . $search . '%');
|
||||
});
|
||||
}
|
||||
|
||||
$sortBy = (string) ($filters['sort_by'] ?? 'name');
|
||||
$sortDir = strtolower((string) ($filters['sort_dir'] ?? 'asc')) === 'desc' ? 'desc' : 'asc';
|
||||
$allowed = ['name', 'slug', 'priority', 'is_active', 'created_at'];
|
||||
if (!in_array($sortBy, $allowed, true)) {
|
||||
$sortBy = 'name';
|
||||
}
|
||||
|
||||
$perPage = (int) ($filters['per_page'] ?? 20);
|
||||
$perPage = $perPage > 0 ? $perPage : 20;
|
||||
|
||||
return $query->orderBy($sortBy, $sortDir)->paginate($perPage);
|
||||
}
|
||||
|
||||
public function listUsersWithRoles(array $filters): LengthAwarePaginator
|
||||
{
|
||||
$query = DB::table('users')
|
||||
->leftJoin('user_roles', 'user_roles.user_id', '=', 'users.id')
|
||||
->leftJoin('roles', 'roles.id', '=', 'user_roles.role_id')
|
||||
->select(
|
||||
'users.id',
|
||||
'users.firstname',
|
||||
'users.lastname',
|
||||
'users.email',
|
||||
'users.account_id',
|
||||
DB::raw('GROUP_CONCAT(DISTINCT roles.name) as roles')
|
||||
)
|
||||
->groupBy('users.id', 'users.firstname', 'users.lastname', 'users.email', 'users.account_id');
|
||||
|
||||
if (!empty($filters['search'])) {
|
||||
$search = trim((string) $filters['search']);
|
||||
$query->where(function ($q) use ($search) {
|
||||
$q->where('users.firstname', 'like', '%' . $search . '%')
|
||||
->orWhere('users.lastname', 'like', '%' . $search . '%')
|
||||
->orWhere('users.email', 'like', '%' . $search . '%')
|
||||
->orWhere('users.account_id', 'like', '%' . $search . '%');
|
||||
});
|
||||
}
|
||||
|
||||
$sortBy = (string) ($filters['sort_by'] ?? 'lastname');
|
||||
$sortDir = strtolower((string) ($filters['sort_dir'] ?? 'asc')) === 'desc' ? 'desc' : 'asc';
|
||||
$allowed = ['firstname', 'lastname', 'email', 'account_id'];
|
||||
if (!in_array($sortBy, $allowed, true)) {
|
||||
$sortBy = 'lastname';
|
||||
}
|
||||
|
||||
$perPage = (int) ($filters['per_page'] ?? 20);
|
||||
$perPage = $perPage > 0 ? $perPage : 20;
|
||||
|
||||
return $query->orderBy('users.' . $sortBy, $sortDir)->paginate($perPage);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,72 @@
|
||||
<?php
|
||||
|
||||
namespace App\Services\Roles;
|
||||
|
||||
use App\Models\Staff;
|
||||
use App\Models\User;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class RoleStaffService
|
||||
{
|
||||
public function syncStaffRecord(User $user, array $newRoleNames): void
|
||||
{
|
||||
$excludedRoles = ['parent', 'student', 'guest'];
|
||||
$loweredNewRoles = array_map('strtolower', $newRoleNames);
|
||||
|
||||
$existingStaff = Staff::query()->where('user_id', $user->id)->first();
|
||||
$existingRoles = [];
|
||||
if ($existingStaff && !empty($existingStaff->role_name)) {
|
||||
$existingRoles = array_map('strtolower', array_map('trim', explode(',', $existingStaff->role_name)));
|
||||
}
|
||||
|
||||
$allRoles = array_unique(array_merge($existingRoles, $loweredNewRoles));
|
||||
$staffRoles = array_filter($newRoleNames, fn ($role) => !in_array(strtolower($role), $excludedRoles, true));
|
||||
$activeRole = !empty($staffRoles) ? $staffRoles[0] : 'inactive';
|
||||
|
||||
$email = $this->generateUniqueStaffEmail($user->firstname ?? '', $user->lastname ?? '', (int) $user->id);
|
||||
|
||||
$payload = [
|
||||
'user_id' => (int) $user->id,
|
||||
'firstname' => $user->firstname ?? '',
|
||||
'lastname' => $user->lastname ?? '',
|
||||
'email' => $email,
|
||||
'phone' => $user->cellphone ?? '',
|
||||
'role_name' => implode(', ', $allRoles),
|
||||
'active_role' => $activeRole,
|
||||
'school_year' => $user->school_year ?? '',
|
||||
];
|
||||
|
||||
$saved = Staff::upsertStaff($payload);
|
||||
if (!$saved) {
|
||||
Log::warning('Failed to upsert staff record.', ['user_id' => $user->id]);
|
||||
}
|
||||
}
|
||||
|
||||
private function generateUniqueStaffEmail(string $firstname, string $lastname, int $userId): string
|
||||
{
|
||||
$domain = '@alrahmaisgl.org';
|
||||
|
||||
$firstname = strtolower(preg_replace('/[^a-z]/i', '', $firstname));
|
||||
$lastname = strtolower(preg_replace('/[^a-z]/i', '', $lastname));
|
||||
|
||||
$min = 1;
|
||||
$max = max(1, strlen($firstname));
|
||||
$base = '';
|
||||
$email = '';
|
||||
|
||||
for ($i = $min; $i <= $max; $i++) {
|
||||
$base = substr($firstname, 0, $i) . $lastname;
|
||||
$email = $base . $domain;
|
||||
|
||||
$exists = Staff::query()
|
||||
->where('email', $email)
|
||||
->where('user_id', '!=', $userId)
|
||||
->exists();
|
||||
if (!$exists) {
|
||||
return $email;
|
||||
}
|
||||
}
|
||||
|
||||
return $base . $userId . $domain;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,25 @@
|
||||
<?php
|
||||
|
||||
namespace App\Services\Roles;
|
||||
|
||||
use App\Models\UserRole;
|
||||
use Illuminate\Support\Facades\Session;
|
||||
|
||||
class RoleSwitchService
|
||||
{
|
||||
public function __construct(private RoleDashboardService $dashboardService)
|
||||
{
|
||||
}
|
||||
|
||||
public function getUserRoleNames(int $userId): array
|
||||
{
|
||||
$roles = UserRole::getRolesByUserId($userId);
|
||||
return array_values(array_filter(array_map(fn ($r) => (string) ($r['role_name'] ?? ''), $roles)));
|
||||
}
|
||||
|
||||
public function switchRole(string $role): string
|
||||
{
|
||||
Session::put('active_role', $role);
|
||||
return $this->dashboardService->bestDashboardRouteFor([$role]);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user