
Group abilities by groups, list abilities for user roles #42


Merged
merged 4 commits into from
May 6, 2024
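--- a/app/Http/Controllers/AccountController.php
+++ b/app/Http/Controllers/AccountController.php
@@ -18,6 +18,13 @@ public function show(): View
 return view('account.account_show');
 }
 
+public function showAbilities(): View
+{
+$this->authorize('viewAbilities', User::class);
+
+return view('account.account_show_abilities');
+}
+
 public function edit(): View
 {
 $this->authorize('editAccount', User::class);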
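Review bot: No test in the visible sections shows that a user lacking the ability is refused by the two new actions, `showAbilities()` here (gated on `viewAbilities` for `User::class`) and `UserRoleController::show()` in the next file (gated on `view` for the bound role). The policy methods behind both names are outside this page, so it is worth confirming that they exist and check `Ability::ViewAbilities` and `Ability::ViewUserRoles` respectively. A feature test per action asserting a 403 for a user without the ability would pin that down. Existing roles presumably do not yet hold the new `users.view_account.abilities` value, so the abilities page stays forbidden for them until the roles are updated.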
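--- a/app/Http/Controllers/UserRoleController.php
+++ b/app/Http/Controllers/UserRoleController.php
@@ -47,6 +47,15 @@ public function store(UserRoleRequest $request): RedirectResponse
 return back();
 }
 
+public function show(UserRole $userRole): View
+{
+$this->authorize('view', $userRole);
+
+return view('user_roles.user_role_show', [
+'userRole' => $userRole,
+]);
+}
+
 public function edit(UserRole $userRole): View
 {
 $this->authorize('update', $userRole);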
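--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -198,17 +198,25 @@ public function fillAndSave(array $validatedData): bool
 }
 
 /**
-* @return \Illuminate\Support\Collection<Ability>
+* @return Collection<string>
 */
-public function getAbilities(): \Illuminate\Support\Collection
+public function getAbilitiesAsStrings(): \Illuminate\Support\Collection
 {
 $abilities = \Illuminate\Support\Collection::empty();
 foreach ($this->userRoles as $userRole) {
 $abilities->add($userRole->abilities);
 }
 
 return $abilities->flatten()
-->unique()
+->unique();
+}
+
+/**
+* @return \Illuminate\Support\Collection<Ability>
+*/
+public function getAbilities(): \Illuminate\Support\Collection
+{
+return $this->getAbilitiesAsStrings()
 ->map(static fn (string $ability) => Ability::tryFrom($ability))
 ->filter()
 ->values();
@@ -250,6 +258,9 @@ public function loadProfileData(): self
 'documents',
 'groups',
 ]),
+'responsibleForEvents.eventSeries',
+'responsibleForEvents.location',
+'responsibleForEvents.parentEvent',
 'responsibleForEventSeries' => fn (MorphToMany $eventSeries) => $eventSeries
 ->withCount([
 'documents',
@@ -261,7 +272,7 @@ public function loadProfileData(): self
 'events_min_started_at' => 'datetime',
 'events_max_started_at' => 'datetime',
 ]),
-'responsibleForOrganizations',
+'responsibleForOrganizations.location',
 ]);
 
 // Set backwards relation for documents.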
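Review bot: `getAbilitiesAsStrings()` is public and returns the role strings before `Ability::tryFrom()` has dropped values that match no enum case, yet its docblock says only `Collection<string>`. A caller that bases a permission decision on those strings would accept stale or mistyped entries that `getAbilities()` filters out. I would say so in the docblock, for example `* Raw ability strings of all roles, not validated against Ability; use getAbilities() for permission checks.` The return type should also be written like the sibling method's, `\Illuminate\Support\Collection<int, string>`, since it is not visible here which class the short name `Collection` resolves to in this file.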
169 changes: 131 additions & 38 deletions app/Options/Ability.php
Expand Up @@ -8,14 +8,13 @@ enum Ability: string
{
use NamedOption;

case ViewAccount = 'users.view_account';
case EditAccount = 'users.edit_account';
case ManagePersonalAccessTokens = 'personal_access_tokens.manage_own';

// Events
case ViewEvents = 'events.view';
case ViewPrivateEvents = 'events.view_private';
case CreateEvents = 'events.create';
case EditEvents = 'events.edit';
case ViewResponsibilitiesOfEvents = 'events.responsibilities.view';

case ManageBookingOptionsOfEvent = 'events.manage_booking_options';
case ViewBookingsOfEvent = 'events.view_bookings';
case ExportBookingsOfEvent = 'events.export_bookings';
Expand All @@ -24,39 +23,45 @@ enum Ability: string
case EditBookingComment = 'events.edit_booking_comment';
case ViewPaymentStatus = 'events.view_payment_status';
case EditPaymentStatus = 'events.edit_payment_status';

case ManageGroupsOfEvent = 'events.manage_groups';
case ExportGroupsOfEvent = 'events.export_groups';
case ViewDocumentsOfEvents = 'events.documents.view';
case AddDocumentsToEvents = 'events.documents.create';
case EditDocumentsOfEvents = 'events.documents.edit';
case DeleteDocumentsOfEvents = 'events.documents.delete';
case ViewResponsibilitiesOfEvents = 'events.responsibilities.view';

case ViewEventSeries = 'event_series.view';
case ViewPrivateEventSeries = 'event_series.view_private';
case CreateEventSeries = 'event_series.create';
case EditEventSeries = 'event_series.edit';
case ViewDocumentsOfEventSeries = 'event_series.documents.view';
case AddDocumentsToEventSeries = 'event_series.documents.create';
case EditDocumentsOfEventSeries = 'event_series.documents.edit';
case DeleteDocumentsOfEventSeries = 'event_series.documents.delete';
case ViewResponsibilitiesOfEventSeries = 'event_series.responsibilities.view';

// Basic data
case ViewOrganizations = 'organizations.view';
case CreateOrganizations = 'organizations.create';
case EditOrganizations = 'organizations.edit';
case ViewResponsibilitiesOfOrganizations = 'organizations.responsibilities.view';

case ViewLocations = 'locations.view';
case CreateLocations = 'locations.create';
case EditLocations = 'locations.edit';

case ViewOrganizations = 'organizations.view';
case CreateOrganizations = 'organizations.create';
case EditOrganizations = 'organizations.edit';
// Documents
case ViewDocuments = 'documents.view';

case ViewDocumentsOfEvents = 'events.documents.view';
case AddDocumentsToEvents = 'events.documents.create';
case EditDocumentsOfEvents = 'events.documents.edit';
case DeleteDocumentsOfEvents = 'events.documents.delete';

case ViewDocumentsOfEventSeries = 'event_series.documents.view';
case AddDocumentsToEventSeries = 'event_series.documents.create';
case EditDocumentsOfEventSeries = 'event_series.documents.edit';
case DeleteDocumentsOfEventSeries = 'event_series.documents.delete';

case ViewDocumentsOfOrganizations = 'organizations.documents.view';
case AddDocumentsToOrganizations = 'organizations.documents.create';
case EditDocumentsOfOrganizations = 'organizations.documents.edit';
case DeleteDocumentsOfOrganizations = 'organizations.documents.delete';
case ViewResponsibilitiesOfOrganizations = 'organizations.responsibilities.view';

case ViewDocuments = 'documents.view';

// Users and abilities
case ViewUsers = 'users.view';
case CreateUsers = 'users.create';
case EditUsers = 'users.edit';
Expand All @@ -65,17 +70,84 @@ enum Ability: string
case CreateUserRoles = 'user_roles.create';
case EditUserRoles = 'user_roles.edit';

public function getTranslatedName(): string
case ViewAccount = 'users.view_account';
case ViewAbilities = 'users.view_account.abilities';
case EditAccount = 'users.edit_account';
case ManagePersonalAccessTokens = 'personal_access_tokens.manage_own';

public function getAbilityGroup(): AbilityGroup
{
return match ($this) {
self::ViewAccount => __('View own account'),
self::EditAccount => __('Edit own account'),
self::ManagePersonalAccessTokens => __('Manage personal access tokens'),
// Events
self::ViewEvents,
self::ViewPrivateEvents,
self::CreateEvents,
self::EditEvents,
self::ViewResponsibilitiesOfEvents => AbilityGroup::Events,
self::ManageBookingOptionsOfEvent,
self::ViewBookingsOfEvent,
self::ExportBookingsOfEvent,
self::EditBookingsOfEvent,
self::DeleteAndRestoreBookingsOfEvent,
self::EditBookingComment,
self::ViewPaymentStatus,
self::EditPaymentStatus => AbilityGroup::Bookings,
self::ManageGroupsOfEvent,
self::ExportGroupsOfEvent => AbilityGroup::Groups,
self::ViewEventSeries,
self::ViewPrivateEventSeries,
self::CreateEventSeries,
self::EditEventSeries,
self::ViewResponsibilitiesOfEventSeries => AbilityGroup::EventSeries,

// Basic data
self::ViewOrganizations,
self::CreateOrganizations,
self::EditOrganizations,
self::ViewResponsibilitiesOfOrganizations => AbilityGroup::Organizations,
self::ViewLocations,
self::CreateLocations,
self::EditLocations => AbilityGroup::Locations,

// Documents
self::ViewDocuments => AbilityGroup::Documents,
self::ViewDocumentsOfEvents,
self::AddDocumentsToEvents,
self::EditDocumentsOfEvents,
self::DeleteDocumentsOfEvents => AbilityGroup::DocumentsOfEvents,
self::ViewDocumentsOfEventSeries,
self::AddDocumentsToEventSeries,
self::EditDocumentsOfEventSeries,
self::DeleteDocumentsOfEventSeries => AbilityGroup::DocumentsOfEventSeries,
self::ViewDocumentsOfOrganizations,
self::AddDocumentsToOrganizations,
self::EditDocumentsOfOrganizations,
self::DeleteDocumentsOfOrganizations => AbilityGroup::DocumentsOfOrganizations,

// Users and abilities
self::ViewUsers,
self::CreateUsers,
self::EditUsers => AbilityGroup::Users,
self::ViewUserRoles,
self::CreateUserRoles,
self::EditUserRoles => AbilityGroup::UserRoles,
self::ViewAccount,
self::ViewAbilities,
self::EditAccount,
self::ManagePersonalAccessTokens => AbilityGroup::OwnAccount,
};
}

public function getTranslatedName(): string
{
return match ($this) {
// Events
self::ViewEvents => __('View events'),
self::ViewPrivateEvents => __('View private events'),
self::CreateEvents => __('Create events'),
self::EditEvents => __('Edit events'),
self::ViewResponsibilitiesOfEvents => __('View responsibilities of events'),

self::ManageBookingOptionsOfEvent => __('Manage booking options of event'),
self::ViewBookingsOfEvent => __('View bookings of event'),
self::ExportBookingsOfEvent => __('Export bookings of event'),
Expand All @@ -84,46 +156,67 @@ public function getTranslatedName(): string
self::EditBookingComment => __('Edit booking comment'),
self::ViewPaymentStatus => __('View payment status'),
self::EditPaymentStatus => __('Edit payment status'),

self::ManageGroupsOfEvent => __('Manage groups of event'),
self::ExportGroupsOfEvent => __('Export groups of event'),
self::ViewDocumentsOfEvents => __('View documents of events'),
self::AddDocumentsToEvents => __('Add documents to events'),
self::EditDocumentsOfEvents => __('Update documents of events'),
self::DeleteDocumentsOfEvents => __('Delete documents of events'),
self::ViewResponsibilitiesOfEvents => __('View responsibilities of events'),

self::ViewEventSeries => __('View event series'),
self::ViewPrivateEventSeries => __('View private event series'),
self::CreateEventSeries => __('Create event series'),
self::EditEventSeries => __('Edit event series'),
self::ViewDocumentsOfEventSeries => __('View documents of event series'),
self::AddDocumentsToEventSeries => __('Add documents to event series'),
self::EditDocumentsOfEventSeries => __('Update documents of event series'),
self::DeleteDocumentsOfEventSeries => __('Delete documents of event series'),
self::ViewResponsibilitiesOfEventSeries => __('View responsibilities of event series'),

// Basic data
self::ViewOrganizations => __('View organizations'),
self::CreateOrganizations => __('Create organizations'),
self::EditOrganizations => __('Edit organizations'),
self::ViewResponsibilitiesOfOrganizations => __('View responsibilities of organizations'),

self::ViewLocations => __('View locations'),
self::CreateLocations => __('Create locations'),
self::EditLocations => __('Edit locations'),

self::ViewOrganizations => __('View organizations'),
self::CreateOrganizations => __('Create organizations'),
self::EditOrganizations => __('Edit organizations'),
// Documents
self::ViewDocuments => __('View documents'),

self::ViewDocumentsOfEvents => __('View documents of events'),
self::AddDocumentsToEvents => __('Add documents to events'),
self::EditDocumentsOfEvents => __('Update documents of events'),
self::DeleteDocumentsOfEvents => __('Delete documents of events'),

self::ViewDocumentsOfEventSeries => __('View documents of event series'),
self::AddDocumentsToEventSeries => __('Add documents to event series'),
self::EditDocumentsOfEventSeries => __('Update documents of event series'),
self::DeleteDocumentsOfEventSeries => __('Delete documents of event series'),

self::ViewDocumentsOfOrganizations => __('View documents of organizations'),
self::AddDocumentsToOrganizations => __('Add documents to organizations'),
self::EditDocumentsOfOrganizations => __('Update documents of organizations'),
self::DeleteDocumentsOfOrganizations => __('Delete documents of organizations'),
self::ViewResponsibilitiesOfOrganizations => __('View responsibilities of organizations'),

self::ViewDocuments => __('View documents'),

// Users and abilities
self::ViewUsers => __('View users'),
self::CreateUsers => __('Create users'),
self::EditUsers => __('Edit users'),

self::ViewUserRoles => __('View user roles'),
self::CreateUserRoles => __('Create user roles'),
self::EditUserRoles => __('Edit user roles'),

self::ViewAccount => __('View own account'),
self::ViewAbilities => __('View abilities'),
self::EditAccount => __('Edit own account'),
self::ManagePersonalAccessTokens => __('Manage personal access tokens'),
};
}

/**
* @return self[]
*/
public static function apiCases(): array
{
return [
self::EditAccount,
];
}
}
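Review bot: `getAbilityGroup()` is a `match` with no default arm, so an `Ability` case added later without a group arm throws `UnhandledMatchError` only when that case is first evaluated at runtime. The same applies to `getTranslatedName()`, whose body continues across a collapsed region of this section. Failing loudly is preferable to a silent fallback group, but it should be caught before release: a unit test that loops over `Ability::cases()` and calls both methods on each case would do that. A short docblock on `getAbilityGroup()` stating that every case must be mapped to exactly one `AbilityGroup` would also help whoever adds the next ability.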