namespace BookStack\Auth;
+use BookStack\Auth\Permissions\EntityPermission;
use BookStack\Auth\Permissions\JointPermission;
use BookStack\Auth\Permissions\RolePermission;
use BookStack\Interfaces\Loggable;
use BookStack\Model;
use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
*/
class Role extends Model implements Loggable
{
+ use HasFactory;
+
protected $fillable = ['display_name', 'description', 'external_auth_id'];
+ protected $hidden = ['pivot'];
+
/**
* The roles that belong to the role.
*/
return $this->belongsToMany(RolePermission::class, 'permission_role', 'role_id', 'permission_id');
}
+ /**
+ * Get the entity permissions assigned to this role.
+ */
+ public function entityPermissions(): HasMany
+ {
+ return $this->hasMany(EntityPermission::class);
+ }
+
/**
* Check if this role has a permission.
*/
/**
* Get the role of the specified display name.
*/
- public static function getRole(string $displayName): ?Role
+ public static function getRole(string $displayName): ?self
{
return static::query()->where('display_name', '=', $displayName)->first();
}
/**
* Get the role object for the specified system role.
*/
- public static function getSystemRole(string $systemName): ?Role
+ public static function getSystemRole(string $systemName): ?self
{
return static::query()->where('system_name', '=', $systemName)->first();
}
/**
- * Get all visible roles.
- */
- public static function visible(): Collection
- {
- return static::query()->where('hidden', '=', false)->orderBy('name')->get();
- }
-
- /**
- * Get the roles that can be restricted.
- */
- public static function restrictable(): Collection
- {
- return static::query()
- ->where('system_name', '!=', 'admin')
- ->orderBy('display_name', 'asc')
- ->get();
- }
-
- /**
- * @inheritdoc
+ * {@inheritdoc}
*/
public function logDescriptor(): string
{
projects / bookstack / blobdiff