
<?php
/**
* Created by PhpStorm.
* User: Marco Glietsch
* Date: 19.04.2018
* Time: 09:21
*/
namespace App\Helpers;
use Illuminate\Support\Facades\Auth as Auth;
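/**
 * Static authorization helpers built on the Auth facade.
 *
 * Every permission and role name is passed through the translator (`__()`)
 * before it reaches `can()` / `hasRole()`.
 * NOTE(review): the checked names therefore depend on the active locale;
 * confirm the stored permission and role names match for every locale in use.
 *
 * Access rules a reviewer should keep in mind when calling these helpers:
 *  - hasPermissionRoles() grants access when no 'permissions' key is supplied.
 *  - hasAnyPermission() and hasAnyModelPermission() accept any name containing
 *    "Dashboard" for every authenticated user (the model variant still requires
 *    the department and instance match).
 *  - userHasInstance() grants access when the model carries no 'instanz' tag.
 *  - The "own" checks treat a $user_id of -1 as "the current user".
 */
class AccessHelper
{
    /**
     * Returns the current user object, or null for a guest.
     *
     * The result is used as a truthy/falsy flag throughout this class.
     *
     * @return mixed
     */
    public static function isAuthenticated()
    {
        return Auth::user();
    }

    /**
     * Tells whether the current user holds the global administrator permission.
     *
     * @return bool false for guests
     */
    public static function isAdmin()
    {
        return self::isAuthenticated()
            && (bool) Auth::user()->can(__('permissions.administrator'));
    }

    /**
     * Returns the id of the current user, or 0 for a guest.
     *
     * @return mixed
     */
    public static function currentUserId()
    {
        return self::isAuthenticated() ? Auth::user()->id : 0;
    }

    /**
     * Checks a role requirement of the form ['permissions' => <roles>].
     *
     * Without a 'permissions' key there is no restriction and access is granted,
     * also to guests; callers protecting a resource must supply the key.
     * With the key present, guests are rejected before any role lookup (the
     * lookup would otherwise be attempted on a null user) and the method always
     * returns a boolean.
     *
     * @param array $permissions
     * @return bool
     */
    public static function hasPermissionRoles($permissions = array())
    {
        if (!array_key_exists('permissions', $permissions)) {
            return true;
        }

        if (!self::isAuthenticated()) {
            return false;
        }

        return self::isAdmin()
            || (bool) Auth::user()->hasAnyRole($permissions['permissions']);
    }

    /**
     * Global administrators and holders of the "<Model> administrator" role pass.
     *
     * @param string $name model name; its first letter is upper-cased
     * @return bool
     */
    public static function hasAdminPermission($name)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        return self::isAdmin()
            || self::userHasRole('permissions.:model administrator', $name);
    }

    /**
     * Global administrators and holders of the "<Model> moderator" role pass.
     *
     * @param string $name model name; its first letter is upper-cased
     * @return bool
     */
    public static function hasModeratorPermission($name)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        return self::isAdmin()
            || self::userHasRole('permissions.:model moderator', $name);
    }

    /**
     * True when the user is an administrator or holds at least one of the
     * create / edit / delete permissions for the model.
     *
     * Names containing "Dashboard" are accepted for every authenticated user.
     *
     * @param string $name model name; its first letter is upper-cased
     * @return bool
     */
    public static function hasAnyPermission($name)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        return self::isAdmin() || self::hasAnyCrudPermission($name);
    }

    /**
     * Like hasAnyPermission(), but for a concrete model: non-administrators must
     * additionally share a department and an instance with the model.
     *
     * @param object $model object exposing ->type
     * @return bool
     */
    public static function hasAnyModelPermission($model)
    {
        $name = ucfirst($model->type);

        if (!self::isAuthenticated()) {
            return false;
        }

        if (self::isAdmin()) {
            return true;
        }

        return self::hasAnyCrudPermission($name)
            && self::userHasDepartment($model)
            && self::userHasInstance($model);
    }

    /**
     * Administrators and holders of "<Model> create" pass.
     *
     * @param string $name model name; its first letter is upper-cased
     * @return bool
     */
    public static function hasCreatePermission($name)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        return self::isAdmin()
            || self::userCan('permissions.:model create', $name);
    }

    /**
     * Administrators, holders of "edit (all)", and owners holding "edit (own)" pass.
     *
     * @param string $name    model name; its first letter is upper-cased
     * @param mixed  $user_id owner id of the record; -1 means the current user
     * @return bool
     */
    public static function hasAnyEditPermission($name, $user_id = -1)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        $user_id = self::resolveOwnerId($user_id);

        return self::isAdmin()
            || self::hasEditOwnPermission($name, $user_id)
            || self::hasEditAllPermission($name);
    }

    /**
     * True when the user holds "<Model> edit (own)" and is the given owner.
     *
     * Administrators get no shortcut here; the permission itself is required.
     *
     * @param string $name    model name; its first letter is upper-cased
     * @param mixed  $user_id owner id of the record; -1 means the current user
     * @return bool
     */
    public static function hasEditOwnPermission($name, $user_id = -1)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        $user_id = self::resolveOwnerId($user_id);

        // Loose comparison kept as found.
        // NOTE(review): confirm the id types before tightening this to ===.
        return self::userCan('permissions.:model edit (own)', $name)
            && Auth::user()->id == $user_id;
    }

    /**
     * Administrators and holders of "<Model> edit (all)" pass.
     *
     * @param string $name model name; its first letter is upper-cased
     * @return bool
     */
    public static function hasEditAllPermission($name)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        return self::isAdmin()
            || self::userCan('permissions.:model edit (all)', $name);
    }

    /**
     * Edit check for a concrete model: administrators pass; everyone else needs
     * "edit (all)" plus a shared department and instance.
     *
     * @param object $model object exposing ->type
     * @return bool
     */
    public static function hasEditModelPermission($model)
    {
        $name = ucfirst($model->type);

        if (!self::isAuthenticated()) {
            return false;
        }

        if (self::isAdmin()) {
            return true;
        }

        return self::userCan('permissions.:model edit (all)', $name)
            && self::userHasDepartment($model)
            && self::userHasInstance($model);
    }

    /**
     * Administrators, holders of "delete (all)", and owners holding "delete (own)" pass.
     *
     * @param string $name    model name; its first letter is upper-cased
     * @param mixed  $user_id owner id of the record; -1 means the current user
     * @return bool
     */
    public static function hasAnyDeletePermission($name, $user_id = -1)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        $user_id = self::resolveOwnerId($user_id);

        return self::isAdmin()
            || self::hasDeleteOwnPermission($name, $user_id)
            || self::hasDeleteAllPermission($name);
    }

    /**
     * True when the user holds "<Model> delete (own)" and is the given owner.
     *
     * Administrators get no shortcut here; the permission itself is required.
     *
     * @param string $name    model name; its first letter is upper-cased
     * @param mixed  $user_id owner id of the record; -1 means the current user
     * @return bool
     */
    public static function hasDeleteOwnPermission($name, $user_id = -1)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        $user_id = self::resolveOwnerId($user_id);

        // Loose comparison kept as found.
        // NOTE(review): confirm the id types before tightening this to ===.
        return self::userCan('permissions.:model delete (own)', $name)
            && Auth::user()->id == $user_id;
    }

    /**
     * Administrators and holders of "<Model> delete (all)" pass.
     *
     * @param string $name model name; its first letter is upper-cased
     * @return bool
     */
    public static function hasDeleteAllPermission($name)
    {
        $name = ucfirst($name);

        if (!self::isAuthenticated()) {
            return false;
        }

        return self::isAdmin()
            || self::userCan('permissions.:model delete (all)', $name);
    }

    /**
     * Delete check for a concrete model: administrators pass; everyone else
     * needs "delete (all)" plus a shared department and instance.
     *
     * @param object $model object exposing ->type
     * @return bool
     */
    public static function hasDeleteModelPermission($model)
    {
        $name = ucfirst($model->type);

        if (!self::isAuthenticated()) {
            return false;
        }

        if (self::isAdmin()) {
            return true;
        }

        return self::userCan('permissions.:model delete (all)', $name)
            && self::userHasDepartment($model)
            && self::userHasInstance($model);
    }

    /**
     * Counts the permissions the current user holds across the given models.
     *
     * Per model name, one point is added for being an administrator and one for
     * each of the five create / edit / delete permissions held.
     *
     * @param string|array $names one model name or a list of them
     * @return int|false false for guests (kept for existing callers)
     */
    public static function countPermissions($names)
    {
        if (!self::isAuthenticated()) {
            return false;
        }

        if (!is_array($names)) {
            $names = array($names);
        }

        $keys = array(
            'permissions.:model create',
            'permissions.:model edit (all)',
            'permissions.:model edit (own)',
            'permissions.:model delete (all)',
            'permissions.:model delete (own)',
        );

        $count = 0;
        foreach ($names as $name) {
            $name = ucfirst($name);

            if (self::isAdmin()) {
                $count++;
            }

            foreach ($keys as $key) {
                if (self::userCan($key, $name)) {
                    $count++;
                }
            }
        }

        return $count;
    }

    /**
     * Tells whether the current user belongs to one of the model's departments.
     *
     * Guests, and models without a tag() method, never match. Names are compared
     * as strings with strict equality, so numeric-looking names such as "1e3"
     * and "1000" are no longer treated as the same department.
     *
     * @param object $model object that may expose tag('abteilung')
     * @return bool
     */
    public static function userHasDepartment($model)
    {
        // This method is public and may be called without a prior login check;
        // reject guests rather than dereference a null user.
        if (!self::isAuthenticated()) {
            return false;
        }

        // Collect the department names of the user.
        $userDepartments = array();
        Auth::user()->departments->each(function ($department) use (&$userDepartments) {
            $userDepartments[] = (string) $department->name;
        });

        if (!method_exists($model, 'tag')) {
            return false;
        }

        // Compare the user's departments with the departments tagged on the model.
        $hasDepartment = false;
        $model->tag('abteilung')->each(function ($department) use ($userDepartments, &$hasDepartment) {
            if (in_array((string) $department->name, $userDepartments, true)) {
                $hasDepartment = true;
            }
        });

        return $hasDepartment;
    }

    /**
     * Tells whether the current user belongs to one of the model's instances.
     *
     * Guests, and models without a tag() method, never match. A model that has
     * a tag() method but no 'instanz' tag is accepted for every authenticated
     * user. Names are compared as strings with strict equality.
     *
     * @param object $model object that may expose tag('instanz')
     * @return bool
     */
    public static function userHasInstance($model)
    {
        // This method is public and may be called without a prior login check;
        // reject guests rather than dereference a null user.
        if (!self::isAuthenticated()) {
            return false;
        }

        // Collect the instance names of the user.
        $userInstances = array();
        Auth::user()->instances->each(function ($instance) use (&$userInstances) {
            $userInstances[] = (string) $instance->name;
        });

        if (!method_exists($model, 'tag')) {
            return false;
        }

        // Compare the user's instances with the instances tagged on the model.
        $hasInstance = false;
        $model->tag('instanz')->each(function ($instance) use ($userInstances, &$hasInstance) {
            if (in_array((string) $instance->name, $userInstances, true)) {
                $hasInstance = true;
            }
        });

        // If no instance is linked, the permission still counts as granted.
        if ($model->tag('instanz')->count() == 0) {
            return true;
        }

        return $hasInstance;
    }

    /**
     * Checks one translated model permission against the current user.
     * Callers must have verified that a user is logged in.
     */
    private static function userCan($key, $name)
    {
        return (bool) Auth::user()->can(__($key, ['model' => $name]));
    }

    /**
     * Checks one translated model role against the current user.
     * Callers must have verified that a user is logged in.
     */
    private static function userHasRole($key, $name)
    {
        return (bool) Auth::user()->hasRole(__($key, ['model' => $name]));
    }

    /**
     * Maps the -1 sentinel to the id of the current user.
     */
    private static function resolveOwnerId($user_id)
    {
        return $user_id == -1 ? Auth::user()->id : $user_id;
    }

    /**
     * True when the user holds any create / edit / delete permission for the
     * model, or when the name contains "Dashboard".
     */
    private static function hasAnyCrudPermission($name)
    {
        return self::userCan('permissions.:model create', $name)
            || self::userCan('permissions.:model edit (all)', $name)
            || self::userCan('permissions.:model edit (own)', $name)
            || self::userCan('permissions.:model delete (all)', $name)
            || self::userCan('permissions.:model delete (own)', $name)
            || strpos($name, 'Dashboard') !== false;
    }
}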