Skip to content

Commit

Permalink
added certificate RBAC permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
@hiqsol
hiqsol committed Dec 18, 2017
1 parent c18b600 commit 72d8ecc
Show file tree
Hide file tree
Showing 3 changed files with 51 additions and 0 deletions.
9 changes: 9 additions & 0 deletions src/Initer.php
View file
Expand Up @@ -28,6 +28,7 @@ class Initer
'role:unauthorized',
'role:ticket.user',
'role:domain.user', 'domain.pay', 'domain.push',
'role:certificate.user', 'certificate.pay', 'certificate.push',
'role:server.user', 'server.pay',
'role:account.user',
'bill.read',
Expand All @@ -37,6 +38,7 @@ class Initer
'role:ticket.manager',
'role:client.support',
'role:domain.user',
'role:certificate.user',
'role:server.user',
'role:account.user',
],
Expand All @@ -48,6 +50,7 @@ class Initer
'role:support', 'manage',
'role:document.manager', 'role:stock.manager',
'role:domain.manager', 'domain.pay', 'domain.push',
'role:certificate.manager', 'certificate.pay', 'certificate.push',
'role:client.manager',
'bill.read',
'server.pay', 'server.sell',
Expand Down Expand Up @@ -79,6 +82,12 @@ class Initer
'domain.freeze', 'domain.unfreeze',
'domain.push', 'domain.force-push',
],
'role:certificate.user' => [
'certificate.read', 'certificate.update',
],
'role:certificate.manager' => [
'role:certificate.user', 'certificate.delete',
],
'role:account.user' => [
'account.read', 'account.create', 'account.update', 'account.delete',
],
Expand Down
36 changes: 36 additions & 0 deletions src/files/items.php
View file
Expand Up @@ -21,6 +21,9 @@
'role:domain.user',
'domain.pay',
'domain.push',
'role:certificate.user',
'certificate.pay',
'certificate.push',
'role:server.user',
'server.pay',
'role:account.user',
Expand All @@ -35,6 +38,7 @@
'role:ticket.manager',
'role:client.support',
'role:domain.user',
'role:certificate.user',
'role:server.user',
'role:account.user',
],
Expand All @@ -57,6 +61,9 @@
'role:domain.manager',
'domain.pay',
'domain.push',
'role:certificate.manager',
'certificate.pay',
'certificate.push',
'role:client.manager',
'bill.read',
'server.pay',
Expand Down Expand Up @@ -117,6 +124,20 @@
'domain.force-push',
],
],
'role:certificate.user' => [
'type' => 1,
'children' => [
'certificate.read',
'certificate.update',
],
],
'role:certificate.manager' => [
'type' => 1,
'children' => [
'role:certificate.user',
'certificate.delete',
],
],
'role:account.user' => [
'type' => 1,
'children' => [
Expand Down Expand Up @@ -258,6 +279,12 @@
'domain.push' => [
'type' => 2,
],
'certificate.pay' => [
'type' => 2,
],
'certificate.push' => [
'type' => 2,
],
'server.pay' => [
'type' => 2,
],
Expand Down Expand Up @@ -315,6 +342,15 @@
'domain.force-push' => [
'type' => 2,
],
'certificate.read' => [
'type' => 2,
],
'certificate.update' => [
'type' => 2,
],
'certificate.delete' => [
'type' => 2,
],
'account.read' => [
'type' => 2,
],
Expand Down
6 changes: 6 additions & 0 deletions tests/unit/CheckAccessTrait.php
View file
Expand Up @@ -73,6 +73,7 @@ public function testClient()
'restore-password', 'deposit',
'ticket.read', 'ticket.create', 'ticket.answer', 'ticket.close',
'domain.read', 'domain.update', 'domain.pay', 'domain.push',
'certificate.read', 'certificate.update', 'certificate.pay', 'certificate.push',
'server.read', 'server.pay',
'account.read', 'account.create', 'account.update', 'account.delete',
'bill.read',
Expand All @@ -86,6 +87,7 @@ public function testSupport()
'ticket.read', 'ticket.create', 'ticket.answer', 'ticket.close', 'ticket.update', 'ticket.delete',
'client.read',
'domain.read', 'domain.update',
'certificate.read', 'certificate.update',
'server.read',
'account.read', 'account.create', 'account.update', 'account.delete',
]);
Expand All @@ -98,6 +100,7 @@ public function testAdmin()
'ticket.read', 'ticket.create', 'ticket.answer', 'ticket.close', 'ticket.update', 'ticket.delete',
'client.read',
'domain.read', 'domain.update',
'certificate.read', 'certificate.update',
'server.read', 'server.create', 'server.update', 'server.delete',
'account.read', 'account.create', 'account.update', 'account.delete',
]);
Expand All @@ -112,6 +115,7 @@ public function testManager()
'bill.read',
'domain.read', 'domain.update', 'domain.delete',
'domain.pay', 'domain.push',
'certificate.read', 'certificate.update', 'certificate.delete', 'certificate.pay', 'certificate.push',
'server.read', 'server.pay', 'server.sell',
'account.read', 'account.create', 'account.update', 'account.delete',
'document.read', 'document.create', 'document.update', 'document.delete', 'document.generate',
Expand Down Expand Up @@ -143,6 +147,7 @@ public function testMighty()
'domain.freeze',
'domain.read', 'domain.update', 'domain.delete',
'domain.pay', 'domain.push', 'domain.force-push',
'certificate.read', 'certificate.update', 'certificate.delete', 'certificate.pay', 'certificate.push',
'server.read', 'server.create', 'server.update', 'server.delete', 'server.pay', 'server.sell',
'account.read', 'account.create', 'account.update', 'account.delete',
'document.read', 'document.create', 'document.update', 'document.delete',
Expand All @@ -163,6 +168,7 @@ public function testDeny()
$this->assertAccesses('user:limited', [
'ticket.read', 'ticket.create', 'ticket.answer', 'ticket.close',
'domain.read', 'domain.update', 'domain.pay',
'certificate.read', 'certificate.update', 'certificate.pay', 'certificate.push',
'account.read', 'account.create', 'account.update', 'account.delete',
'restore-password', 'bill.read',
]);
Expand Down

0 comments on commit 72d8ecc

Please sign in to comment.