improved permission attachment

akaunting · Apr 3, 2020 · 04f2872 · 04f2872
1 parent babffc0
commit 04f2872
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 16 deletions.
diff --git a/app/Traits/Permissions.php b/app/Traits/Permissions.php
@@ -43,15 +43,17 @@ public function attachPermissionsToPortalRoles($permissions)
 
     public function attachPermissionsToAllRoles($permissions, $require = 'read-admin-panel')
     {
-        $roles = Role::all()->filter(function ($r) use ($require) {
-            return $require ? $r->hasPermission($require) : true;
-        });
+        $this->getRoles($require)->each(function ($role) use ($permissions) {
+            foreach ($permissions as $id => $permission) {
+                if ($this->isActionList($permission)) {
+                    $this->attachPermissionsByAction($role, $id, $permission);
+
+                    continue;
+                }
 
-        foreach ($roles as $role) {
-            foreach ($permissions as $permission) {
                 $this->attachPermission($role, $permission);
             }
-        }
+        });
     }
 
     public function detachPermissionsByRoleNames($roles)
@@ -200,13 +202,18 @@ public function createModuleWidgetPermission($module, $class)
     }
 
     public function createModuleSettingPermission($module, $action)
+    {
+        return $this->createModuleControllerPermission($module, $action, 'settings');
+    }
+
+    public function createModuleControllerPermission($module, $action, $controller)
     {
         if (is_string($module)) {
             $module = module($module);
         }
 
-        $name = $action . '-' . $module->getAlias() . '-settings';
-        $display_name = Str::title($action) . ' ' . $module->getName() . ' Settings';
+        $name = $action . '-' . $module->getAlias() . '-' . $controller;
+        $display_name = Str::title($action) . ' ' . $module->getName() . ' ' . Str::title($controller);
 
         return $this->createPermission($name, $display_name);
     }
@@ -276,7 +283,8 @@ public function isActionList($permission)
             return false;
         }
 
-        return (strlen($permission) == '1') || Str::contains($permission, ',');
+        // c || c,r,u,d
+        return (Str::length($permission) == 1) || Str::contains($permission, ',');
     }
 
     public function attachPermissionsByAction($role, $page, $action_list)
@@ -296,6 +304,23 @@ public function attachPermissionsByAction($role, $page, $action_list)
 
     public function getPermissionDisplayName($name)
     {
-        return Str::title(str_replace('-', ' ', $name));
+        if (!empty($this->alias)) {
+            $name = str_replace($this->alias, '{Module Placeholder}', $name);
+        }
+
+        $name = Str::title(str_replace('-', ' ', $name));
+
+        if (!empty($this->alias)) {
+            $name = str_replace('{Module Placeholder}', module($this->alias)->getName(), $name);
+        }
+
+        return $name;
+    }
+
+    public function getRoles($require = 'read-admin-panel')
+    {
+        return Role::all()->filter(function ($role) use ($require) {
+            return $require ? $role->hasPermission($require) : true;
+        });
     }
 }
diff --git a/modules/OfflinePayments/Http/Controllers/Settings.php b/modules/OfflinePayments/Http/Controllers/Settings.php
@@ -11,7 +11,6 @@
 
 class Settings extends Controller
 {
-
     /**
      * Show the form for editing the specified resource.
      *
@@ -157,7 +156,7 @@ public function destroy(DRequest $request)
 
         $message = trans('messages.success.deleted', ['type' => $remove['name']]);
 
-        // because it show nofitication.
+        // because it show notification.
         //flash($message)->success();
 
         return response()->json([

diff --git a/modules/OfflinePayments/Listeners/InstallModule.php b/modules/OfflinePayments/Listeners/InstallModule.php
@@ -9,6 +9,8 @@ class InstallModule
 {
     use Permissions;
 
+    public $alias = 'offline-payments';
+
     /**
      * Handle the event.
      *
@@ -17,7 +19,7 @@ class InstallModule
      */
     public function handle(Event $event)
     {
-        if ($event->alias != 'offline-payments') {
+        if ($event->alias != $this->alias) {
             return;
         }
 
@@ -26,10 +28,9 @@ public function handle(Event $event)
 
     protected function updatePermissions()
     {
+        // c=create, r=read, u=update, d=delete
         $this->attachPermissionsToAdminRoles([
-            $this->createModuleSettingPermission('offline-payments', 'read'),
-            $this->createModuleSettingPermission('offline-payments', 'update'),
-            $this->createModuleSettingPermission('offline-payments', 'delete'),
+            $this->alias . '-settings' => 'r,u,d',
         ]);
     }
 }