banquise/pelican-panel-mirror
13
0
Fork 1
mirror of https://github.com/pelican-dev/panel.git synced 2025-10-31 03:16:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
pelican-panel-mirror/app/Services/Servers/GetUserPermissionsService.php
Boy132 8e006ac32d
Fix user permissions service (#1819)
2025-10-22 16:00:51 +02:00

44 lines
1.2 KiB
PHP
Raw Blame History

<?php
namespace App\Services\Servers;
use App\Models\Permission;
use App\Models\Server;
use App\Models\Subuser;
use App\Models\User;
class GetUserPermissionsService
{
/**
* Returns the server specific permissions that a user has. This checks
* if they are an admin, the owner or a subuser for the server. If no
* permissions are found, an empty array is returned.
*
* @return string[]
*/
public function handle(Server $server, User $user): array
{
$isOwner = $user->id === $server->owner_id;
$isAdmin = $user->isAdmin() && ($user->can('view', $server) || $user->can('update', $server));
if ($isOwner && !$isAdmin) {
return ['*'];
}
$adminPermissions = [
'admin.websocket.errors',
'admin.websocket.install',
'admin.websocket.transfer',
];
if ($isAdmin) {
return $isOwner || $user->can('update', $server) ? array_merge(['*'], $adminPermissions) : array_merge([Permission::ACTION_WEBSOCKET_CONNECT], $adminPermissions);
}
/** @var Subuser|null $subuser */
$subuser = $server->subusers()->where('user_id', $user->id)->first();
return $subuser->permissions ?? [];
}
}
Reference in New Issue View Git Blame Copy Permalink