]> BookStack Code Mirror - bookstack/blob - app/Auth/Role.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
fix image delete confirm text
[bookstack] / app / Auth / Role.php
1 <?php namespace BookStack\Auth;
2
3 use BookStack\Auth\Permissions\JointPermission;
4 use BookStack\Auth\Permissions\RolePermission;
5 use BookStack\Interfaces\Loggable;
6 use BookStack\Model;
7 use Illuminate\Database\Eloquent\Collection;
8 use Illuminate\Database\Eloquent\Relations\BelongsToMany;
9 use Illuminate\Database\Eloquent\Relations\HasMany;
10
11 /**
12  * Class Role
13  * @property int $id
14  * @property string $display_name
15  * @property string $description
16  * @property string $external_auth_id
17  * @property string $system_name
18  */
19 class Role extends Model implements Loggable
20 {
21
22     protected $fillable = ['display_name', 'description', 'external_auth_id'];
23
24     /**
25      * The roles that belong to the role.
26      */
27     public function users(): BelongsToMany
28     {
29         return $this->belongsToMany(User::class)->orderBy('name', 'asc');
30     }
31
32     /**
33      * Get all related JointPermissions.
34      */
35     public function jointPermissions(): HasMany
36     {
37         return $this->hasMany(JointPermission::class);
38     }
39
40     /**
41      * The RolePermissions that belong to the role.
42      */
43     public function permissions(): BelongsToMany
44     {
45         return $this->belongsToMany(RolePermission::class, 'permission_role', 'role_id', 'permission_id');
46     }
47
48     /**
49      * Check if this role has a permission.
50      */
51     public function hasPermission(string $permissionName): bool
52     {
53         $permissions = $this->getRelationValue('permissions');
54         foreach ($permissions as $permission) {
55             if ($permission->getRawAttribute('name') === $permissionName) {
56                 return true;
57             }
58         }
59         return false;
60     }
61
62     /**
63      * Add a permission to this role.
64      */
65     public function attachPermission(RolePermission $permission)
66     {
67         $this->permissions()->attach($permission->id);
68     }
69
70     /**
71      * Detach a single permission from this role.
72      */
73     public function detachPermission(RolePermission $permission)
74     {
75         $this->permissions()->detach([$permission->id]);
76     }
77
78     /**
79      * Get the role of the specified display name.
80      */
81     public static function getRole(string $displayName): ?Role
82     {
83         return static::query()->where('display_name', '=', $displayName)->first();
84     }
85
86     /**
87      * Get the role object for the specified system role.
88      */
89     public static function getSystemRole(string $systemName): ?Role
90     {
91         return static::query()->where('system_name', '=', $systemName)->first();
92     }
93
94     /**
95      * Get all visible roles
96      */
97     public static function visible(): Collection
98     {
99         return static::query()->where('hidden', '=', false)->orderBy('name')->get();
100     }
101
102     /**
103      * Get the roles that can be restricted.
104      */
105     public static function restrictable(): Collection
106     {
107         return static::query()->where('system_name', '!=', 'admin')->get();
108     }
109
110     /**
111      * @inheritdoc
112      */
113     public function logDescriptor(): string
114     {
115         return "({$this->id}) {$this->display_name}";
116     }
117 }
The core source code for the BookStack project.
Morty Proxy This is a proxified and sanitized view of the page, visit original site.