castopod/app/Authorization/PermissionModel.php

<?php namespace App\Authorization;

class PermissionModel extends \Myth\Auth\Authorization\PermissionModel
{
    /**
     * Checks to see if a user, or one of their groups,
     * has a specific permission.
     *
     * @param $userId
     * @param $permissionId
     *
     * @return bool
     */
    public function doesGroupHavePermission(
        int $groupId,
        int $permissionId
    ): bool {
        // Check group permissions and take advantage of caching
        $groupPerms = $this->getPermissionsForGroup($groupId);

        return count($groupPerms) &&
            array_key_exists($permissionId, $groupPerms);
    }

    /**
     * Gets all permissions for a group in a way that can be
     * easily used to check against:
     *
     * [
     *  id => name,
     *  id => name
     * ]
     *
     * @param int $groupId
     *
     * @return array
     */
    public function getPermissionsForGroup(int $groupId): array
    {
        if (!($found = cache("group{$groupId}_permissions"))) {
            $groupPermissions = $this->db
                ->table('auth_groups_permissions')
                ->select('id, auth_permissions.name')
                ->join(
                    'auth_permissions',
                    'auth_permissions.id = permission_id',
                    'inner'
                )
                ->where('group_id', $groupId)
                ->get()
                ->getResultObject();

            $found = [];
            foreach ($groupPermissions as $row) {
                $found[$row->id] = strtolower($row->name);
            }

            cache()->save("group{$groupId}_permissions", $found, 300);
        }

        return $found;
    }
}
refactor(auth): change contributor's role logic to have it included in the users_podcasts table - update myth-auth and codeigniter to latest develop changes - improve permission check: remove all dynamic permissions per podcast and overwrite myth-auth services and permission filter - remove unnecessary code because of myth-auth upgrade - refactor some controller code for better clarity - add remaining seeders in docs closes #19, #20 2020-07-31 16:05:10 +00:00			`<?php namespace App\Authorization;`

			`class PermissionModel extends \Myth\Auth\Authorization\PermissionModel`
			`{`
			`/**`
			`* Checks to see if a user, or one of their groups,`
			`* has a specific permission.`
			`*`
			`* @param $userId`
			`* @param $permissionId`
			`*`
			`* @return bool`
			`*/`
			`public function doesGroupHavePermission(`
			`int $groupId,`
			`int $permissionId`
			`): bool {`
			`// Check group permissions and take advantage of caching`
			`$groupPerms = $this->getPermissionsForGroup($groupId);`

			`return count($groupPerms) &&`
			`array_key_exists($permissionId, $groupPerms);`
			`}`

			`/**`
			`* Gets all permissions for a group in a way that can be`
			`* easily used to check against:`
			`*`
			`* [`
			`* id => name,`
			`* id => name`
			`* ]`
			`*`
			`* @param int $groupId`
			`*`
			`* @return array`
			`*/`
			`public function getPermissionsForGroup(int $groupId): array`
			`{`
			`if (!($found = cache("group{$groupId}_permissions"))) {`
			`$groupPermissions = $this->db`
			`->table('auth_groups_permissions')`
			`->select('id, auth_permissions.name')`
			`->join(`
			`'auth_permissions',`
			`'auth_permissions.id = permission_id',`
			`'inner'`
			`)`
			`->where('group_id', $groupId)`
			`->get()`
			`->getResultObject();`

			`$found = [];`
			`foreach ($groupPermissions as $row) {`
			`$found[$row->id] = strtolower($row->name);`
			`}`

			`cache()->save("group{$groupId}_permissions", $found, 300);`
			`}`

			`return $found;`
			`}`
			`}`