banquise/pelican-panel-mirror
3
0
Fork 1
mirror of https://github.com/pelican-dev/panel.git synced 2025-05-20 00:34:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update API for roles (#611)

Browse Source 
* remove `guard_name` from api and add id to transformer

* disallow update/ delete for root admin role via api

* disallow assigning root admin via api

* add api to remove user roles

* fix assignRoles & removeRoles
This commit is contained in:
Boy132 2024-10-08 23:46:28 +02:00 committed by GitHub
parent e23a4a667a
commit 3ec90264bd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 43 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
app/Http/Controllers/Api/Application/Roles/RoleController.php
View File

@ -2,6 +2,7 @@
namespace App\Http\Controllers\Api\Application\Roles; namespace App\Http\Controllers\Api\Application\Roles;
use App\Exceptions\PanelException;
use Illuminate\Http\Response; use Illuminate\Http\Response;
use Illuminate\Http\JsonResponse; use Illuminate\Http\JsonResponse;
use App\Models\Role; use App\Models\Role;
@ -21,8 +22,8 @@ class RoleController extends ApplicationApiController
public function index(GetRoleRequest $request): array public function index(GetRoleRequest $request): array
{ {
$roles = QueryBuilder::for(Role::query()) $roles = QueryBuilder::for(Role::query())
->allowedFilters(['name']) ->allowedFilters(['id', 'name'])
->allowedSorts(['name']) ->allowedSorts(['id', 'name'])
->paginate($request->query('per_page') ?? 10); ->paginate($request->query('per_page') ?? 10);
return $this->fractal->collection($roles) return $this->fractal->collection($roles)
@ -67,6 +68,10 @@ class RoleController extends ApplicationApiController
*/ */
public function update(UpdateRoleRequest $request, Role $role): array public function update(UpdateRoleRequest $request, Role $role): array
{ {
if ($role->isRootAdmin()) {
throw new PanelException('Can\'t update root admin role!');
}
$role->update($request->validated()); $role->update($request->validated());
return $this->fractal->item($role) return $this->fractal->item($role)
@ -81,6 +86,10 @@ class RoleController extends ApplicationApiController
*/ */
public function delete(DeleteRoleRequest $request, Role $role): Response public function delete(DeleteRoleRequest $request, Role $role): Response
{ {
if ($role->isRootAdmin()) {
throw new PanelException('Can\'t delete root admin role!');
}
$role->delete(); $role->delete();
return $this->returnNoContent(); return $this->returnNoContent();

30
app/Http/Controllers/Api/Application/Users/UserController.php
View File

@ -14,6 +14,7 @@ use App\Http\Requests\Api\Application\Users\DeleteUserRequest;
use App\Http\Requests\Api\Application\Users\UpdateUserRequest; use App\Http\Requests\Api\Application\Users\UpdateUserRequest;
use App\Http\Controllers\Api\Application\ApplicationApiController; use App\Http\Controllers\Api\Application\ApplicationApiController;
use App\Http\Requests\Api\Application\Users\AssignUserRolesRequest; use App\Http\Requests\Api\Application\Users\AssignUserRolesRequest;
use App\Models\Role;
class UserController extends ApplicationApiController class UserController extends ApplicationApiController
{ {
@ -79,9 +80,34 @@ class UserController extends ApplicationApiController
/** /**
* Assign roles to a user. * Assign roles to a user.
*/ */
public function roles(AssignUserRolesRequest $request, User $user): array public function assignRoles(AssignUserRolesRequest $request, User $user): array
{ {
$user->syncRoles($request->input('roles')); foreach ($request->input('roles') as $role) {
if ($role === Role::getRootAdmin()->id) {
continue;
}
$user->assignRole($role);
}
$response = $this->fractal->item($user)
->transformWith($this->getTransformer(UserTransformer::class));
return $response->toArray();
}
/**
* Removes roles from a user.
*/
public function removeRoles(AssignUserRolesRequest $request, User $user): array
{
foreach ($request->input('roles') as $role) {
if ($role === Role::getRootAdmin()->id) {
continue;
}
$user->removeRole($role);
}
$response = $this->fractal->item($user) $response = $this->fractal->item($user)
->transformWith($this->getTransformer(UserTransformer::class)); ->transformWith($this->getTransformer(UserTransformer::class));

1
app/Http/Requests/Api/Application/Roles/StoreRoleRequest.php
View File

@ -15,7 +15,6 @@ class StoreRoleRequest extends ApplicationApiRequest
{ {
return [ return [
'name' => 'required|string', 'name' => 'required|string',
'guard_name' => 'nullable|string',
]; ];
} }
} }

2
app/Http/Requests/Api/Application/Users/AssignUserRolesRequest.php
View File

@ -11,7 +11,7 @@ class AssignUserRolesRequest extends StoreUserRequest
{ {
return [ return [
'roles' => 'array', 'roles' => 'array',
'roles.*' => 'string', 'roles.*' => 'int',
]; ];
} }
} }

1
app/Transformers/Api/Application/RolePermissionTransformer.php
View File

@ -15,7 +15,6 @@ class RolePermissionTransformer extends BaseTransformer
{ {
return [ return [
'name' => $model->name, 'name' => $model->name,
'guard_name' => $model->guard_name,
'created_at' => $model->created_at->toAtomString(), 'created_at' => $model->created_at->toAtomString(),
'updated_at' => $model->updated_at->toAtomString(), 'updated_at' => $model->updated_at->toAtomString(),
]; ];

2
app/Transformers/Api/Application/RoleTransformer.php
View File

@ -26,8 +26,8 @@ class RoleTransformer extends BaseTransformer
public function transform(Role $model): array public function transform(Role $model): array
{ {
return [ return [
'id' => $model->id,
'name' => $model->name, 'name' => $model->name,
'guard_name' => $model->guard_name,
'created_at' => $model->created_at->toAtomString(), 'created_at' => $model->created_at->toAtomString(),
'updated_at' => $model->updated_at->toAtomString(), 'updated_at' => $model->updated_at->toAtomString(),
]; ];

3
routes/api-application.php
View File

@ -19,7 +19,8 @@ Route::prefix('/users')->group(function () {
Route::post('/', [Application\Users\UserController::class, 'store']); Route::post('/', [Application\Users\UserController::class, 'store']);
Route::patch('/{user:id}', [Application\Users\UserController::class, 'update']); Route::patch('/{user:id}', [Application\Users\UserController::class, 'update']);
Route::patch('/{user:id}/roles', [Application\Users\UserController::class, 'roles']); Route::patch('/{user:id}/roles/assign', [Application\Users\UserController::class, 'assignRoles']);
Route::patch('/{user:id}/roles/remove', [Application\Users\UserController::class, 'removeRoles']);
Route::delete('/{user:id}', [Application\Users\UserController::class, 'delete']); Route::delete('/{user:id}', [Application\Users\UserController::class, 'delete']);
}); });