BookStack/app/Auth/Role.php

131 lines
3.2 KiB
PHP
Raw Normal View History

2021-06-26 11:23:15 -04:00
<?php
namespace BookStack\Auth;
use BookStack\Auth\Permissions\EntityPermission;
use BookStack\Auth\Permissions\JointPermission;
use BookStack\Auth\Permissions\RolePermission;
use BookStack\Interfaces\Loggable;
use BookStack\Model;
use Illuminate\Database\Eloquent\Collection;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
2015-08-29 10:03:42 -04:00
/**
2021-06-26 11:23:15 -04:00
* Class Role.
*
2021-09-18 16:21:44 -04:00
* @property int $id
* @property string $display_name
* @property string $description
* @property string $external_auth_id
* @property string $system_name
* @property bool $mfa_enforced
* @property Collection $users
*/
class Role extends Model implements Loggable
2015-08-29 10:03:42 -04:00
{
use HasFactory;
protected $fillable = ['display_name', 'description', 'external_auth_id', 'mfa_enforced'];
2015-09-05 12:42:05 -04:00
protected $hidden = ['pivot'];
protected $casts = [
'mfa_enforced' => 'boolean',
];
2015-08-29 10:03:42 -04:00
/**
* The roles that belong to the role.
*/
public function users(): BelongsToMany
2015-08-29 10:03:42 -04:00
{
return $this->belongsToMany(User::class)->orderBy('name', 'asc');
2015-08-29 10:03:42 -04:00
}
/**
* Get all related JointPermissions.
*/
public function jointPermissions(): HasMany
{
return $this->hasMany(JointPermission::class);
}
2015-08-29 10:03:42 -04:00
/**
* The RolePermissions that belong to the role.
2015-08-29 10:03:42 -04:00
*/
public function permissions(): BelongsToMany
2015-08-29 10:03:42 -04:00
{
return $this->belongsToMany(RolePermission::class, 'permission_role', 'role_id', 'permission_id');
2015-08-29 10:03:42 -04:00
}
/**
* Get the entity permissions assigned to this role.
*/
public function entityPermissions(): HasMany
{
return $this->hasMany(EntityPermission::class);
}
/**
* Check if this role has a permission.
*/
public function hasPermission(string $permissionName): bool
{
$permissions = $this->getRelationValue('permissions');
foreach ($permissions as $permission) {
if ($permission->getRawAttribute('name') === $permissionName) {
return true;
}
}
2021-06-26 11:23:15 -04:00
return false;
}
2015-08-29 10:03:42 -04:00
/**
* Add a permission to this role.
*/
public function attachPermission(RolePermission $permission)
2015-08-29 10:03:42 -04:00
{
$this->permissions()->attach($permission->id);
}
/**
* Detach a single permission from this role.
*/
public function detachPermission(RolePermission $permission)
{
$this->permissions()->detach([$permission->id]);
}
/**
* Get the role of the specified display name.
*/
public static function getRole(string $displayName): ?self
{
return static::query()->where('display_name', '=', $displayName)->first();
2015-09-05 12:42:05 -04:00
}
/**
* Get the role object for the specified system role.
*/
public static function getSystemRole(string $systemName): ?self
{
static $cache = [];
if (!isset($cache[$systemName])) {
$cache[$systemName] = static::query()->where('system_name', '=', $systemName)->first();
}
return $cache[$systemName];
}
/**
* {@inheritdoc}
*/
public function logDescriptor(): string
{
return "({$this->id}) {$this->display_name}";
}
2015-08-29 10:03:42 -04:00
}