diff --git a/README.md b/README.md index cc2ac4a..6eb0f14 100644 --- a/README.md +++ b/README.md @@ -28,13 +28,16 @@ This is the contents of the published config file: declare(strict_types=1); return [ - 'guard' => 'web', - 'roles' => [ - 'super_admin' => 'super_admin', - 'admin' => 'admin', + 'role_names' => [ + 'web' => [ + 'super_admin' => 'super_admin', + 'admin' => 'admin', + ], ], - 'extra_roles' => [ - + 'extra_role_names' => [ + // 'web' => [ + // 'user' => 'user', + // ], ], 'seeders' => [ @@ -44,7 +47,6 @@ return [ 'translated' => false, ]; - ``` ## Usage diff --git a/config/filament-permission.php b/config/filament-permission.php index 1611b27..136cfbc 100644 --- a/config/filament-permission.php +++ b/config/filament-permission.php @@ -3,13 +3,16 @@ declare(strict_types=1); return [ - 'guard' => 'web', - 'roles' => [ - 'super_admin' => 'super_admin', - 'admin' => 'admin', + 'role_names' => [ + 'web' => [ + 'super_admin' => 'super_admin', + 'admin' => 'admin', + ], ], - 'extra_roles' => [ - + 'extra_role_names' => [ + // 'web' => [ + // 'user' => 'user', + // ], ], 'seeders' => [ diff --git a/src/Actions/EditRoleAction.php b/src/Actions/EditRoleAction.php index a2e3caf..62be0e8 100644 --- a/src/Actions/EditRoleAction.php +++ b/src/Actions/EditRoleAction.php @@ -5,7 +5,7 @@ namespace Lloricode\FilamentSpatieLaravelPermissionPlugin\Actions; use Illuminate\Database\Eloquent\Model; -use Illuminate\Support\Facades\Config; +use Lloricode\FilamentSpatieLaravelPermissionPlugin\Config\PermissionConfig; use Lloricode\FilamentSpatieLaravelPermissionPlugin\Data\RoleData; use Spatie\Permission\Contracts\Role as RoleContract; @@ -13,12 +13,9 @@ { public function execute(RoleContract & Model $role, RoleData $roleData): RoleContract & Model { - $roles = array_merge( - Config::array('filament-permission.roles'), - Config::array('filament-permission.extra_roles') - ); + $roleNames = PermissionConfig::allRoleNames($roleData->guard_name); - if (in_array($role->name, $roles, true)) { + if (in_array($role->name, $roleNames, true)) { abort(400, trans('Cannot update this role.')); } diff --git a/src/Concern/PermissionUser.php b/src/Concern/PermissionUser.php index 87786f7..cbebba9 100644 --- a/src/Concern/PermissionUser.php +++ b/src/Concern/PermissionUser.php @@ -4,18 +4,20 @@ namespace Lloricode\FilamentSpatieLaravelPermissionPlugin\Concern; +use Lloricode\FilamentSpatieLaravelPermissionPlugin\Config\PermissionConfig; + trait PermissionUser { - public function isAdminOrSuperAdmin(): bool + public function isAdminOrSuperAdmin(?string $guardName = null): bool { return $this->hasAnyRole( - config('filament-permission.roles.super_admin'), - config('filament-permission.roles.admin') + PermissionConfig::superAdmin($guardName), + PermissionConfig::admin($guardName), ); } - public function isSuperAdmin(): bool + public function isSuperAdmin(?string $guardName = null): bool { - return $this->hasRole(config('filament-permission.roles.super_admin')); + return $this->hasRole(PermissionConfig::superAdmin($guardName)); } } diff --git a/src/Config/PermissionConfig.php b/src/Config/PermissionConfig.php new file mode 100644 index 0000000..fcc9a9e --- /dev/null +++ b/src/Config/PermissionConfig.php @@ -0,0 +1,127 @@ +> + */ + public static function allRoleNamesByGuardName(): array + { + self::checkNoSameRoleNameOnExtra(); + + $roles = self::roleNames(); + $extraRoles = self::extraRoleNames(); + + return array_merge_recursive($roles, $extraRoles); + } + + /** + * @return array + */ + public static function allRoleNames(?string $guardName = null): array + { + if ($guardName === null) { + return Arr::flatten(self::allRoleNamesByGuardName()); + } + + return Arr::get(self::allRoleNamesByGuardName(), $guardName); + } + + public static function allGuardNames(): array + { + $extraRoles = self::extraRoleNames(); + $roles = self::roleNames(); + + return collect($extraRoles)->keys() + ->merge(collect($roles)->keys()) + ->unique() + ->toArray(); + } + + /** + * @return array> + */ + private static function roleNames(): array + { + return ConfigFacade::array('filament-permission.role_names'); + } + + /** + * @return array> + */ + private static function extraRoleNames(): array + { + return ConfigFacade::array('filament-permission.extra_role_names', []); + } + + private static function checkDefaultGuardNameExist(): void + { + + $guardNames = self::allGuardNames(); + $authGuardNames = array_keys(config('auth.guards')); + + foreach ($guardNames as $guardName) { + if (! in_array($guardName, $authGuardNames, true)) { + abort(500, 'Guard name "' . $guardName . '" is not defined in config/auth.php'); + } + } + + } + + private static function checkNoSameRoleNameOnExtra(): void + { + self::checkDefaultGuardNameExist(); + $extraRoles = self::extraRoleNames(); + + if (blank($extraRoles)) { + return; + } + + foreach (self::roleNames() as $guardName => $guardRoles) { + + foreach ($guardRoles as $role) { + if (in_array($role, $extraRoles[$guardName], true)) { + abort(500, 'extra_role name "' . $role . '" is already defined in role_names in guard "' . $guardName . '"'); + } + } + } + + } +} diff --git a/src/Data/RoleData.php b/src/Data/RoleData.php index 564c3c8..ee0658a 100644 --- a/src/Data/RoleData.php +++ b/src/Data/RoleData.php @@ -9,7 +9,7 @@ /** @param array $permissions */ public function __construct( public string $name, - public string $guard_name, + public ?string $guard_name, public array $permissions, ) {} } diff --git a/src/Database/Seeders/DefaultPermissionSeeder.php b/src/Database/Seeders/DefaultPermissionSeeder.php index 2bda5f2..e96ec93 100644 --- a/src/Database/Seeders/DefaultPermissionSeeder.php +++ b/src/Database/Seeders/DefaultPermissionSeeder.php @@ -7,8 +7,8 @@ use Exception; use Filament\Facades\Filament; use Filament\Panel; -use Illuminate\Support\Facades\Config; use Illuminate\Support\Facades\Gate; +use Lloricode\FilamentSpatieLaravelPermissionPlugin\Config\PermissionConfig; use Lloricode\FilamentSpatieLaravelPermissionPlugin\Contracts\HasPermissionPage; use Lloricode\FilamentSpatieLaravelPermissionPlugin\Contracts\HasPermissionWidgets; use Lloricode\FilamentSpatieLaravelPermissionPlugin\Database\Seeders\Support\PermissionSeeder; @@ -26,7 +26,7 @@ class DefaultPermissionSeeder extends BasePermissionSeeder protected function permissionsByGuard(): array { return [ - Config::string('filament-permission.guard') => new PermissionSeeder( + PermissionConfig::getDefaultGuardName() => new PermissionSeeder( panels: $this->getPermissionsFromPanels(), pages: $this->getPermissionsFromPages(), widgets: $this->getPermissionsFromWidgets(), diff --git a/src/Database/Seeders/DefaultRoleSeeder.php b/src/Database/Seeders/DefaultRoleSeeder.php index 61e91bd..c6cfd3b 100644 --- a/src/Database/Seeders/DefaultRoleSeeder.php +++ b/src/Database/Seeders/DefaultRoleSeeder.php @@ -5,7 +5,7 @@ namespace Lloricode\FilamentSpatieLaravelPermissionPlugin\Database\Seeders; use Illuminate\Database\Seeder; -use Illuminate\Support\Facades\Config; +use Lloricode\FilamentSpatieLaravelPermissionPlugin\Config\PermissionConfig; use Spatie\Permission\Contracts\Permission as PermissionContract; use Spatie\Permission\Contracts\Role as RoleContract; @@ -21,30 +21,22 @@ public function __construct( */ public function run(): void { - $guard = Config::string('filament-permission.guard'); + foreach (PermissionConfig::allRoleNamesByGuardName() as $guardName => $roleNames) { - foreach (Config::array('filament-permission.roles') as $roleName) { - - $role = $this->roleContract->findOrCreate( - name: $roleName, - guardName: $guard, - ); - - if (config('filament-permission.roles.admin') === $roleName) { - $role->givePermissionTo( - $this->permissionContract - ->where('guard_name', $guard) - ->pluck('name') + foreach ($roleNames as $roleName) { + $role = $this->roleContract->findOrCreate( + name: $roleName, + guardName: $guardName, ); + if (PermissionConfig::admin($guardName) === $roleName) { + $role->givePermissionTo( + $this->permissionContract + ->where('guard_name', $guardName) + ->pluck('name') + ); + } } } - foreach (Config::array('filament-permission.extra_roles') as $roleName) { - $this->roleContract->findOrCreate( - name: $roleName, - guardName: $guard, - ); - } - } } diff --git a/src/Policies/RolePolicy.php b/src/Policies/RolePolicy.php index 6ef8071..163a4bb 100644 --- a/src/Policies/RolePolicy.php +++ b/src/Policies/RolePolicy.php @@ -5,7 +5,7 @@ namespace Lloricode\FilamentSpatieLaravelPermissionPlugin\Policies; use Illuminate\Foundation\Auth\User; -use Illuminate\Support\Facades\Config; +use Lloricode\FilamentSpatieLaravelPermissionPlugin\Config\PermissionConfig; use Spatie\Permission\Contracts\Role as RoleContract; class RolePolicy @@ -16,11 +16,7 @@ public function before(?User $user, string $ability, mixed $role = null): ?bool { if ($role instanceof RoleContract) { - if (in_array($role->name, Config::array('filament-permission.roles'), true)) { - return false; - } - - if (in_array($role->name, Config::array('filament-permission.extra_roles'), true)) { + if (in_array($role->name, PermissionConfig::allRoleNames($role->guard_name), true)) { return false; } } diff --git a/tests/Actions/EditRoleActionTest.php b/tests/Actions/EditRoleActionTest.php index 0aa7d6b..491d1c6 100644 --- a/tests/Actions/EditRoleActionTest.php +++ b/tests/Actions/EditRoleActionTest.php @@ -5,8 +5,8 @@ namespace Lloricode\FilamentSpatieLaravelPermissionPlugin\Tests\Actions; use Illuminate\Database\Eloquent\Model; -use Illuminate\Support\Facades\Config; use Lloricode\FilamentSpatieLaravelPermissionPlugin\Actions\EditRoleAction; +use Lloricode\FilamentSpatieLaravelPermissionPlugin\Config\PermissionConfig; use Lloricode\FilamentSpatieLaravelPermissionPlugin\Data\RoleData; use Spatie\Permission\Contracts\Role; use Spatie\Permission\Contracts\Role as RoleContract; @@ -14,20 +14,16 @@ use function PHPUnit\Framework\assertTrue; it('can not edit defaults', function () { - $roleNames = array_values(array_merge( - Config::array('filament-permission.roles'), - Config::array('filament-permission.extra_roles') - )); /** @var array $roles */ - $roles = app(RoleContract::class)::whereIn('name', $roleNames)->get(); + $roles = app(RoleContract::class)::whereIn('name', PermissionConfig::allRoleNames())->get(); $action = app(EditRoleAction::class); foreach ($roles as $role) { try { - $action->execute($role, new RoleData(name: fake()->word(), guard_name: '', permissions: [])); + $action->execute($role, new RoleData(name: fake()->word(), guard_name: null, permissions: [])); assertTrue(false); } catch (\Exception $e) { diff --git a/tests/Helpers.php b/tests/Helpers.php index 5f43093..67804e3 100644 --- a/tests/Helpers.php +++ b/tests/Helpers.php @@ -3,6 +3,7 @@ declare(strict_types=1); use Illuminate\Database\Eloquent\Model; +use Lloricode\FilamentSpatieLaravelPermissionPlugin\Config\PermissionConfig; use Lloricode\FilamentSpatieLaravelPermissionPlugin\Tests\Fixture\UserFactory; use Spatie\Permission\Contracts\Role as RoleContract; @@ -22,7 +23,7 @@ function getSuperAdminRole(): RoleContract & Model { /** @var RoleContract&Model $role */ $role = app(RoleContract::class)->findByName( - name: config('filament-permission.roles.super_admin'), + name: PermissionConfig::superAdmin(), ); return $role;