1 <?php namespace BookStack\Repos;
4 use BookStack\Exceptions\PermissionsException;
5 use BookStack\Permission;
12 protected $permission;
16 * PermissionsRepo constructor.
20 public function __construct(Permission $permission, Role $role)
22 $this->permission = $permission;
27 * Get all the user roles from the system.
28 * @return \Illuminate\Database\Eloquent\Collection|static[]
30 public function getAllRoles()
32 return $this->role->all();
36 * Get all the roles except for the provided one.
40 public function getAllRolesExcept(Role $role)
42 return $this->role->where('id', '!=', $role->id)->get();
46 * Get a role via its ID.
50 public function getRoleById($id)
52 return $this->role->findOrFail($id);
56 * Save a new role into the system.
57 * @param array $roleData
60 public function saveNewRole($roleData)
62 $role = $this->role->newInstance($roleData);
63 $role->name = str_replace(' ', '-', strtolower($roleData['display_name']));
64 // Prevent duplicate names
65 while ($this->role->where('name', '=', $role->name)->count() > 0) {
66 $role->name .= strtolower(str_random(2));
70 $permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : [];
71 $this->assignRolePermissions($role, $permissions);
76 * Updates an existing role.
77 * Ensure Admin role always has all permissions.
81 public function updateRole($roleId, $roleData)
83 $role = $this->role->findOrFail($roleId);
84 $permissions = isset($roleData['permissions']) ? array_keys($roleData['permissions']) : [];
85 $this->assignRolePermissions($role, $permissions);
87 if ($role->name === 'admin') {
88 $permissions = $this->permission->all()->pluck('id')->toArray();
89 $role->permissions()->sync($permissions);
92 $role->fill($roleData);
97 * Assign an list of permission names to an role.
99 * @param array $permissionNameArray
101 public function assignRolePermissions(Role $role, $permissionNameArray = [])
104 $permissionNameArray = array_values($permissionNameArray);
105 if ($permissionNameArray && count($permissionNameArray) > 0) {
106 $permissions = $this->permission->whereIn('name', $permissionNameArray)->pluck('id')->toArray();
108 $role->permissions()->sync($permissions);
112 * Delete a role from the system.
113 * Check it's not an admin role or set as default before deleting.
114 * If an migration Role ID is specified the users assign to the current role
115 * will be added to the role of the specified id.
117 * @param $migrateRoleId
118 * @throws PermissionsException
120 public function deleteRole($roleId, $migrateRoleId)
122 $role = $this->role->findOrFail($roleId);
124 // Prevent deleting admin role or default registration role.
125 if ($role->name === 'admin') {
126 throw new PermissionsException('The admin role cannot be deleted');
127 } else if ($role->id == Setting::get('registration-role')) {
128 throw new PermissionsException('This role cannot be deleted while set as the default registration role.');
131 if ($migrateRoleId) {
132 $newRole = $this->role->find($migrateRoleId);
134 $users = $role->users->pluck('id')->toArray();
135 $newRole->users()->sync($users);