Add interface to additional roles/permissions

2019-06-20 16:52:37 -04:00
parent 29ca9711f8
commit b28ace970c
29 changed files with 677 additions and 45 deletions
--- a/app/Database/migrations/2017_06_08_0001_roles_permissions_tables.php
+++ b/app/Database/migrations/2017_06_08_0001_roles_permissions_tables.php
@@ -74,11 +74,6 @@ class RolesPermissionsTables extends Migration
                'name'         => 'admin',
                'display_name' => 'Administrators',
            ],
-            [
-                'id'           => 2,
-                'name'         => 'user',
-                'display_name' => 'Pilot',
-            ],
        ];

        $this->addData('roles', $roles);
--- a/app/Database/migrations/2019_06_19_220910_add_readonly_to_roles.php
+++ b/app/Database/migrations/2019_06_19_220910_add_readonly_to_roles.php
@@ -0,0 +1,37 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddReadonlyToRoles extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up(): void
+    {
+        Schema::table('roles', static function (Blueprint $table) {
+            $table->boolean('read_only');
+        });
+
+        // Set the two main roles as read-only
+        DB::table('roles')
+            ->whereIn('name', ['admin', 'user'])
+            ->update(['read_only' => true]);
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down(): void
+    {
+        Schema::table('roles', static function (Blueprint $table) {
+            $table->dropColumn('read_only');
+        });
+    }
+}
--- a/app/Database/seeds/DatabaseSeeder.php
+++ b/app/Database/seeds/DatabaseSeeder.php
@@ -5,17 +5,16 @@ use Illuminate\Database\Seeder;

 class DatabaseSeeder extends Seeder
 {
-    /**
-     * Map these other environments to a specific seed file
-     *
-     * @var array
-     */
-    public static $seed_mapper = [
+    private static $seed_mapper = [
        'local'   => 'dev',
        'qa'      => 'dev',
        'staging' => 'dev',
    ];

+    private static $always_seed = [
+        'permissions',
+    ];
+
    /**
     * Run the database seeds.
     *
@@ -28,6 +27,7 @@ class DatabaseSeeder extends Seeder
            $env = self::$seed_mapper[$env];
        }

+        Log::info('Seeding from environment '.$env);
        $path = database_path('seeds/'.$env.'.yml');

        if (!file_exists($path)) {
@@ -36,5 +36,14 @@ class DatabaseSeeder extends Seeder

        $svc = app(DatabaseService::class);
        $svc->seed_from_yaml_file($path);
+
+        // Always seed/sync these
+        foreach (self::$always_seed as $file) {
+            Log::info('Importing '.$file);
+            $path = database_path('seeds/'.$file.'.yml');
+            if (file_exists($path)) {
+                $svc->seed_from_yaml_file($path);
+            }
+        }
    }
 }
--- a/app/Database/seeds/permissions.yml
+++ b/app/Database/seeds/permissions.yml
@@ -0,0 +1,42 @@
+# All of the different permissions that can be assigned to roles
+---
+permissions:
+  - name: admin-access
+    display_name: Admin Access
+    description: Access the admin panel
+  - name: airlines
+    display_name: Airlines
+    description: Create/edit airlines
+  - name: airports
+    display_name: Airports
+    description: Create/edit airports
+  - name: addons
+    display_name: Addons
+    description: Edit/view addons
+  - name: awards
+    display_name: Awards
+    description: Create/edit award classes
+  - name: flights
+    display_name: Flights
+    description: Create/edit flights
+  - name: fleet
+    display_name: Fleet
+    description: Create/edit subfleets and fleets
+  - name: fares
+    display_name: Fares
+    description: Create/edit fares
+  - name: finances
+    display_name: Finances
+    description: Create/view finance related items
+  - name: pireps
+    display_name: PIREPs
+    description: Accept/reject/edit PIREPs
+  - name: ranks
+    display_name: Ranks
+    description: Create/edit ranks
+  - name: users
+    display_name: Users
+    description: Create/edit users
+  - name: settings
+    display_name: Settings
+    description: Edit VA settings
--- a/app/Database/seeds/sample.yml
+++ b/app/Database/seeds/sample.yml
@@ -9,6 +9,10 @@ airlines:
    created_at: now
    updated_at: now

+roles:
+  - name: fleet-only
+    display_name: Edit Fleet
+
 users:
  - id: 1
    name: Admin User