Fixing the authorisation checks
arcanedev-maroc committed May 8, 2017
1 parent 25b1a7b commit f235636
Showing 4 changed files with 33 additions and 46 deletions.
51 changes: 18 additions & 33 deletions src/Entities/Item.php
@@ -1,6 +1,5 @@
<?php namespace Arcanesoft\Sidebar\Entities;

use Arcanesoft\Contracts\Auth\Models\User;
use Illuminate\Contracts\Support\Arrayable;
use Illuminate\Contracts\Support\Jsonable;
use Illuminate\Support\Arr;
@@ -18,6 +17,7 @@ class Item implements Arrayable, Jsonable, JsonSerializable
| Properties
| -----------------------------------------------------------------
*/

/**
* The item name.
*
@@ -53,13 +53,6 @@ class Item implements Arrayable, Jsonable, JsonSerializable
*/
protected $active = false;

/**
* The authenticated user.
*
* @var \Arcanesoft\Contracts\Auth\Models\User
*/
protected $user;

/**
* The item roles.
*
@@ -85,6 +78,7 @@ class Item implements Arrayable, Jsonable, JsonSerializable
| Constructor
| -----------------------------------------------------------------
*/

/**
* Item constructor.
*
@@ -107,6 +101,7 @@ public function __construct($name, $title, $url, $icon = null)
| Getters & Setters
| -----------------------------------------------------------------
*/

/**
* Get the item name.
*
@@ -193,21 +188,6 @@ public function setCurrent($name)
return $this;
}

/**
* Set the authenticated user.
*
* @param \Arcanesoft\Contracts\Auth\Models\User $user
*
* @return self
*/
public function setUser(User $user = null)
{
if ( ! is_null($user))
$this->user = $user;

return $this;
}

/**
* Get the roles.
*
@@ -312,12 +292,11 @@ public static function make($name, $title, $url, $icon = null)
/**
* Make a Sidebar item from array.
*
* @param array $array
* @param \Arcanesoft\Contracts\Auth\Models\User $user
* @param array $array
*
* @return self
*/
public static function makeFromArray(array $array, User $user = null)
public static function makeFromArray(array $array)
{
$item = self::make(
$array['name'],
@@ -326,7 +305,6 @@ public static function makeFromArray(array $array, User $user = null)
Arr::get($array, 'icon', null)
);

$item->setUser($user);
$item->setRoles(Arr::get($array, 'roles', []));
$item->setPermissions(Arr::get($array, 'permissions', []));
$item->addChildren(Arr::get($array, 'children', []));
@@ -374,7 +352,7 @@ public function addChildren(array $children)
*/
public function addChild(array $child)
{
$item = self::makeFromArray($child, $this->user);
$item = self::makeFromArray($child);

if ($item->allowed())
$this->children->push($item);
@@ -386,6 +364,7 @@ public function addChild(array $child)
| Check Methods
| -----------------------------------------------------------------
*/

/**
* Check if the item is active one.
*
@@ -413,23 +392,28 @@ public function hasChildren()
*/
public function allowed()
{
if (is_null($this->user) || ( ! $this->hasRoles() && ! $this->hasPermissions()))
/** @var \Arcanesoft\Contracts\Auth\Models\User $user */
$user = auth()->user();

if (is_null($user) || ( ! $this->hasRoles() && ! $this->hasPermissions()))
return true;

if ($this->user->isAdmin())
if ($user->isAdmin())
return true;

foreach ($this->roles as $roleSlug) {
if ($this->user->hasRoleSlug($roleSlug))
if ($user->hasRoleSlug($roleSlug))
return true;
}

foreach ($this->permissions as $permissionSlug) {
if ($this->user->may($permissionSlug))
if ($user->may($permissionSlug))
return true;
}

return false;
return $this->children()->first(function (Item $child) {
return $child->allowed();
}, false);
}

/**
@@ -456,6 +440,7 @@ public function hasPermissions()
| Other Methods
| -----------------------------------------------------------------
*/

/**
* Get the instance as an array.
*
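Review bot: In `allowed()`, the first guard still returns `true` whenever `auth()->user()` is null, so an item that declares roles or permissions is shown to an unauthenticated visitor; the check fails open. Splitting the guard would close it: keep `if ( ! $this->hasRoles() && ! $this->hasPermissions()) return true;` and follow it with `if (is_null($user)) return false;`. The new children fallback at the end has two further effects: it returns an `Item` or `false` rather than a boolean, and because a child with no roles or permissions is always allowed, a restricted parent becomes visible to any logged-in user as soon as it has one unrestricted child. If that is intended for grouping entries, it deserves a line in the docblock, and comparing the `first()` result with `!== false` would keep the return value boolean. The docblock of `allowed()` starts outside the hunk, so its declared return type is not visible here.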
2 changes: 2 additions & 0 deletions src/Entities/ItemCollection.php
@@ -14,6 +14,7 @@ class ItemCollection extends Collection
| Getters & Setters
| -----------------------------------------------------------------
*/

/**
* Set the current name to the items collection.
*
@@ -32,6 +33,7 @@ public function setCurrent($currentName)
| Check Methods
| -----------------------------------------------------------------
*/

/**
* Check if the items collection has an active one.
*
22 changes: 9 additions & 13 deletions src/Manager.php
@@ -17,6 +17,7 @@ class Manager implements ManagerContract
| Properties
| -----------------------------------------------------------------
*/

/**
* The view name.
*
@@ -49,19 +50,20 @@ class Manager implements ManagerContract
| Constructor
| -----------------------------------------------------------------
*/

/**
* Manager constructor.
*/
public function __construct()
{
$this->items = new ItemCollection;
$this->setAuthenticatedUser();
}

/* -----------------------------------------------------------------
| Getters & Setters
| -----------------------------------------------------------------
*/

/**
* Set the view name.
*
@@ -115,6 +117,7 @@ public function getItems()
| Main Methods
| -----------------------------------------------------------------
*/

/**
* Add a routed item.
*
@@ -155,9 +158,10 @@ public function addItem($name, $title, $url = '#', $icon = null)
*/
public function add(array $array)
{
$item = Item::makeFromArray($array, $this->user);
$item = Item::makeFromArray($array);

if ($item->allowed()) $this->items->push($item);
if ($item->allowed())
$this->items->push($item);

return $this;
}
@@ -217,6 +221,7 @@ public function render($view = null)
| Check Methods
| -----------------------------------------------------------------
*/

/**
* Check if the sidebar has items.
*
@@ -231,6 +236,7 @@ public function hasItems()
| Other Methods
| -----------------------------------------------------------------
*/

/**
* Sync the current name wih the sidebar items.
*
@@ -242,14 +248,4 @@ private function syncCurrentName()

return $this;
}

/**
* Get the authenticated user.
*/
private function setAuthenticatedUser()
{
if (auth()->guest()) return;

$this->user = auth()->user()->load(['roles', 'roles.permissions']);
}
}
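Review bot: `add()` decides visibility once, at registration time, by calling `$item->allowed()`, which in this commit resolves the user through `auth()->user()` at that moment. If items are added before the request's user has been resolved (the call sites are not shown on this page), the user is null, `allowed()` returns `true`, and every restricted item stays in the collection for the rest of the request. Filtering when the sidebar is rendered rather than in `add()` would remove the dependency on call order; at minimum the docblock of `add()` should state that it must run after authentication. Removing `setAuthenticatedUser()` also drops the `load(['roles', 'roles.permissions'])` eager load, so `hasRoleSlug()` and `may()` may now lazy-load relations per item, which is worth confirming against the User model.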
4 changes: 4 additions & 0 deletions src/SidebarServiceProvider.php
@@ -14,6 +14,7 @@ class SidebarServiceProvider extends PackageServiceProvider
| Properties
| -----------------------------------------------------------------
*/

/**
* Vendor name.
*
@@ -32,6 +33,7 @@ class SidebarServiceProvider extends PackageServiceProvider
| Main Methods
| -----------------------------------------------------------------
*/

/**
* Register the service provider.
*/
@@ -48,6 +50,8 @@ public function register()
public function boot()
{
parent::boot();

//
}

/**
