- Added `RestrictedUserPermission` migration and model for managing user-role-permission restrictions. - Introduced `UserService`, `RoleService`, and related DTOs for handling user access, role assignments, and permission restrictions. - Created new Livewire components and Blade views for user management, including role/permission assignment modals. - Updated navigation and routing to include the "Users" section under "Access Manager." - Enhanced `RoleService` with methods for retrieving permissions and managing role-user interactions. - Improved UI with permission toggles and streamlined selection features for better user-role management.
101 lines
2.6 KiB
PHP
101 lines
2.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Services;
|
|
|
|
use App\Data\Role\{CreateRoleData, RoleData};
|
|
use App\Models\Role;
|
|
use Illuminate\Support\Collection;
|
|
use Illuminate\Support\Facades\DB;
|
|
use InvalidArgumentException;
|
|
use NoDiscard;
|
|
use Spatie\LaravelData\{DataCollection, PaginatedDataCollection};
|
|
use Throwable;
|
|
|
|
final class RoleService
|
|
{
|
|
/**
|
|
* Create a new role.
|
|
* Returns the created role DTO
|
|
*
|
|
* @throws Throwable when an error occurs during the creation.
|
|
*/
|
|
public function create(CreateRoleData $data): RoleData
|
|
{
|
|
$role = DB::transaction(fn () => Role::query()->create([
|
|
'name' => $data->name,
|
|
'guard_name' => 'web',
|
|
]));
|
|
|
|
return RoleData::from($role);
|
|
}
|
|
|
|
/**
|
|
* @throws InvalidArgumentException when id is invalid.
|
|
* @throws Throwable when an error occurs during the deletion.
|
|
*/
|
|
public function delete(int $id): void
|
|
{
|
|
if ($id <= 0) {
|
|
throw new InvalidArgumentException('Invalid id');
|
|
}
|
|
|
|
DB::transaction(function () use ($id): void {
|
|
Role::query()->findOrFail($id)->delete();
|
|
});
|
|
}
|
|
|
|
/**
|
|
* Returns a Paginated Collection of roles with their connected apps DTO
|
|
*
|
|
* @return PaginatedDataCollection<int, RoleData>
|
|
*/
|
|
#[NoDiscard]
|
|
public function getAll(): PaginatedDataCollection
|
|
{
|
|
$roles = Role::query()
|
|
->with(['apps:id,name', 'users:id,name'])
|
|
->orderBy('id')
|
|
->paginate();
|
|
|
|
return RoleData::collect($roles, PaginatedDataCollection::class);
|
|
}
|
|
|
|
public function searchRolesForSelect(string $search = ''): Collection
|
|
{
|
|
return Role::query()
|
|
->when('' !== $search, fn ($query) => $query->where('name', 'like', "%{$search}%"))
|
|
->select('id', 'name')
|
|
->get();
|
|
}
|
|
|
|
public function getAllRoleIds(): array
|
|
{
|
|
return Role::query()->pluck('id')->toArray();
|
|
}
|
|
|
|
/**
|
|
* Return all permissions for the given roles, grouped by role name.
|
|
* Each permission is a plain array so Livewire can serialise the property cleanly.
|
|
*
|
|
* @param array<int, int> $roleIds
|
|
*
|
|
* @return DataCollection<int, RoleData>|null
|
|
*/
|
|
#[NoDiscard]
|
|
public function getPermissionsGroupedByRole(array $roleIds): ?DataCollection
|
|
{
|
|
if (empty($roleIds)) {
|
|
return null;
|
|
}
|
|
|
|
$roles = Role::query()
|
|
->with('permissions:id,name')
|
|
->whereIn('id', $roleIds)
|
|
->get(['id', 'name']);
|
|
|
|
return RoleData::collect($roles, DataCollection::class);
|
|
}
|
|
}
|