]> BookStack Code Mirror - bookstack/blob - app/Auth/Role.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
doc(dev): add xdebug informations
[bookstack] / app / Auth / Role.php
1 <?php
2
3 namespace BookStack\Auth;
4
5 use BookStack\Auth\Permissions\JointPermission;
6 use BookStack\Auth\Permissions\RolePermission;
7 use BookStack\Interfaces\Loggable;
8 use BookStack\Model;
9 use Illuminate\Database\Eloquent\Collection;
10 use Illuminate\Database\Eloquent\Factories\HasFactory;
11 use Illuminate\Database\Eloquent\Relations\BelongsToMany;
12 use Illuminate\Database\Eloquent\Relations\HasMany;
13
14 /**
15  * Class Role.
16  *
17  * @property int        $id
18  * @property string     $display_name
19  * @property string     $description
20  * @property string     $external_auth_id
21  * @property string     $system_name
22  * @property bool       $mfa_enforced
23  * @property Collection $users
24  */
25 class Role extends Model implements Loggable
26 {
27     use HasFactory;
28
29     protected $fillable = ['display_name', 'description', 'external_auth_id'];
30
31     /**
32      * The roles that belong to the role.
33      */
34     public function users(): BelongsToMany
35     {
36         return $this->belongsToMany(User::class)->orderBy('name', 'asc');
37     }
38
39     /**
40      * Get all related JointPermissions.
41      */
42     public function jointPermissions(): HasMany
43     {
44         return $this->hasMany(JointPermission::class);
45     }
46
47     /**
48      * The RolePermissions that belong to the role.
49      */
50     public function permissions(): BelongsToMany
51     {
52         return $this->belongsToMany(RolePermission::class, 'permission_role', 'role_id', 'permission_id');
53     }
54
55     /**
56      * Check if this role has a permission.
57      */
58     public function hasPermission(string $permissionName): bool
59     {
60         $permissions = $this->getRelationValue('permissions');
61         foreach ($permissions as $permission) {
62             if ($permission->getRawAttribute('name') === $permissionName) {
63                 return true;
64             }
65         }
66
67         return false;
68     }
69
70     /**
71      * Add a permission to this role.
72      */
73     public function attachPermission(RolePermission $permission)
74     {
75         $this->permissions()->attach($permission->id);
76     }
77
78     /**
79      * Detach a single permission from this role.
80      */
81     public function detachPermission(RolePermission $permission)
82     {
83         $this->permissions()->detach([$permission->id]);
84     }
85
86     /**
87      * Get the role of the specified display name.
88      */
89     public static function getRole(string $displayName): ?self
90     {
91         return static::query()->where('display_name', '=', $displayName)->first();
92     }
93
94     /**
95      * Get the role object for the specified system role.
96      */
97     public static function getSystemRole(string $systemName): ?self
98     {
99         return static::query()->where('system_name', '=', $systemName)->first();
100     }
101
102     /**
103      * Get all visible roles.
104      */
105     public static function visible(): Collection
106     {
107         return static::query()->where('hidden', '=', false)->orderBy('name')->get();
108     }
109
110     /**
111      * Get the roles that can be restricted.
112      */
113     public static function restrictable(): Collection
114     {
115         return static::query()
116             ->where('system_name', '!=', 'admin')
117             ->orderBy('display_name', 'asc')
118             ->get();
119     }
120
121     /**
122      * {@inheritdoc}
123      */
124     public function logDescriptor(): string
125     {
126         return "({$this->id}) {$this->display_name}";
127     }
128 }
The core source code for the BookStack project.
Morty Proxy This is a proxified and sanitized view of the page, visit original site.