<?php
declare(strict_types=1);
namespace App\Http\Controllers\Helpers\Permissions;
use App\Enums\UserTypes;
use Hypervel\Http\Request;
use App\Models\User;
use Hypervel\Support\Facades\Auth;
use App\Enums\UserActions;
use App\Http\Controllers\Helpers\QueryHelper;
use App\Models\Market\Product;
use App\Models\Market\Store;
use Exception;
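/**
 * Authorization gate for store and product actions.
 *
 * Each check answers "may the currently authenticated user perform this
 * action?" and returns false whenever that cannot be established.
 */
class ProductPermissions
{
    /**
     * Unimplemented placeholder: the body is empty, so a call evaluates to null.
     *
     * NOTE(review): null is falsy, so a caller using this as a boolean gate
     * denies everything; confirm no caller relies on it before implementing.
     */
    public static function isModificationAllowed()
    {
    }

    /**
     * Unimplemented placeholder: the body is empty, so a call evaluates to null.
     *
     * NOTE(review): same caveat as isModificationAllowed().
     */
    public static function isCreationAllowed()
    {
    }

    /**
     * Decide whether the authenticated user may perform $userAction.
     *
     * Evaluation order:
     *  1. No authenticated user, or no usable account type: deny.
     *  2. UserPermissions::isUserDeniedRoles() is truthy: deny (overrides every grant).
     *  3. The action is neither in the account type's default list nor granted
     *     by UserPermissions::isUserAllowedbyAdditionalRoles(): deny.
     *  4. ProductPermissionsDefinition::doesActionRequireDirectChildren() is
     *     false: allow on role alone, no store or product is inspected.
     *  5. Otherwise resolve the target store (directly, or through the
     *     product's `store`) and allow only when its owner, one of its
     *     managers, or its legacy manager passes
     *     UserPermissions::isDescendantOfCurrentUser().
     *
     * NOTE(review): when both a store and a product are supplied, only the
     * store is checked; the product is looked up but its relation to that
     * store is not verified here. A caller authorizing a product-level action
     * should confirm the product belongs to the store it passes, or pass the
     * product alone.
     *
     * @param UserActions             $userAction      Action being authorized.
     * @param Product|string|int|null $productHashorID Target product, its hash, or its id.
     * @param Store|string|int|null   $storeHashorID   Target store, its hash, or its id.
     *
     * @return bool True only when every applicable check passes.
     */
    public static function isActionAllowed(
        UserActions $userAction,
        Product|string|int|null $productHashorID = null,
        Store|string|int|null $storeHashorID = null
    ): bool {
        try {
            $user = Auth::user();

            // Deny explicitly when nobody is authenticated. Reading a property
            // on null only raises a warning in PHP 8, so the catch below fires
            // only if the framework converts warnings into exceptions.
            if ($user === null) {
                return false;
            }

            $acct_type = $user->acct_type;
        } catch (Exception $e) {
            return false;
        }

        // getAllowedUserTypesAction() is typed to UserTypes; under strict_types
        // any other value would raise an uncaught TypeError, so deny instead.
        if (!$acct_type instanceof UserTypes) {
            return false;
        }

        $defaultRoles = ProductPermissionsDefinition::getAllowedUserTypesAction($acct_type);
        $additionalRoles = UserPermissions::isUserAllowedbyAdditionalRoles($userAction);
        $deniedRoles = UserPermissions::isUserDeniedRoles($userAction);

        // An explicit denial wins over both the default and the additional grants.
        if ($deniedRoles) {
            return false;
        }

        if (!in_array($userAction, $defaultRoles, true) && !$additionalRoles) {
            return false;
        }

        // Actions that need no ownership check are granted on role alone.
        if (!ProductPermissionsDefinition::doesActionRequireDirectChildren($userAction)) {
            return true;
        }

        // From here on a concrete target is mandatory; without one, deny.
        if (!$storeHashorID && !$productHashorID) {
            return false;
        }

        $store = null;
        $product = null;

        if ($storeHashorID) {
            $store = QueryHelper::findOrNullByHashOrId($storeHashorID, Store::class);
        }

        if ($productHashorID) {
            $product = QueryHelper::findOrNullByHashOrId($productHashorID, Product::class);
        }

        if (!$store && !$product) {
            return false;
        }

        // Determine store from product if needed
        if (!$store && $product) {
            $store = $product->store ?? null;
        }

        if (!$store) {
            return false;
        }

        // presumably isDescendantOfCurrentUser() is true for the current user
        // and for users below them in the hierarchy; confirm in UserPermissions.
        $storeOwner = $store->owner;
        if ($storeOwner && UserPermissions::isDescendantOfCurrentUser($storeOwner)) {
            return true;
        }

        // Check all managers in the new store_managers table
        $managerIds = $store->managerUsers()->pluck('users.id')->toArray();
        foreach ($managerIds as $managerId) {
            if (UserPermissions::isDescendantOfCurrentUser($managerId)) {
                return true;
            }
        }

        // Legacy manager check
        if ($store->manager_id && UserPermissions::isDescendantOfCurrentUser($store->manager_id)) {
            return true;
        }

        // No owner or manager relationship matched: deny by default.
        return false;
    }
}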
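/**
 * Static policy tables used by ProductPermissions::isActionAllowed():
 * which actions each account type holds by default, and which actions
 * additionally require an ownership check on the target store.
 */
class ProductPermissionsDefinition
{
    /**
     * Return the actions an account type is granted by default.
     *
     * Despite the name, the result is a list of UserActions, not of user
     * types. Account types without an arm below get an empty list.
     *
     * @param UserTypes $currentUserType Account type of the acting user.
     *
     * @return list<UserActions>
     */
    public static function getAllowedUserTypesAction(UserTypes $currentUserType): array
    {
        return match ($currentUserType) {
            // ULTIMATE holds every action, including cases added to the enum later.
            UserTypes::ULTIMATE => UserActions::cases(),

            // Both operator tiers share one list today; split the arm if they diverge.
            UserTypes::SUPER_OPERATOR, UserTypes::OPERATOR => [
                UserActions::CreateStoreforSelf,
                UserActions::CreateStoreGlobal,
                UserActions::ModifyAllStores,
                UserActions::ModifyOwnStore,
                UserActions::CreateProductGlobal,
                UserActions::CreateProductForOwnStore,
                UserActions::CreateProductforSelf,
                UserActions::ModifyAllProducts,
                UserActions::ModifyOwnProduct,
                UserActions::AddProducttoOwnStore,
                UserActions::AddProducttoAnyStore,
                UserActions::RemoveProductfromAnyStore,
            ],

            UserTypes::STORE_OWNER => [
                UserActions::ModifyOwnStore,
                UserActions::ModifyOwnProduct,
                UserActions::AddProducttoOwnStore,
                UserActions::CreateProductForOwnStore,
            ],

            UserTypes::STORE_MANAGER => [
                UserActions::ModifyOwnProduct,
                UserActions::AddProducttoOwnStore,
                UserActions::CreateProductForOwnStore,
            ],

            // Unknown account types get no default grants.
            default => [],
        };
    }

    /**
     * Tell whether an action must be checked against the target store's
     * owner and managers before it is granted.
     *
     * ProductPermissions::isActionAllowed() grants the action on role alone
     * when this returns false, so every "own"/"self" scoped action has to
     * return true here.
     *
     * @param UserActions $userAction Action being authorized.
     *
     * @return bool True when a store/owner relationship check is required.
     */
    public static function doesActionRequireDirectChildren(UserActions $userAction): bool
    {
        return match ($userAction) {
            UserActions::CreateStoreforSelf => true,
            UserActions::CreateStoreGlobal => false,
            UserActions::ModifyAllStores => false,
            UserActions::ModifyOwnStore => true,
            UserActions::CreateProductGlobal => false,
            // Listed explicitly so it is scoped like the other "own" actions.
            // Without this arm the action falls through to the default and is
            // granted to store owners and managers for any store.
            // NOTE(review): callers must now pass the target store; confirm
            // every call site for this action does so.
            UserActions::CreateProductForOwnStore => true,
            UserActions::CreateProductforSelf => true,
            UserActions::ModifyAllProducts => false,
            UserActions::ModifyOwnProduct => true,
            UserActions::AddProducttoOwnStore => true,
            UserActions::AddProducttoAnyStore => false,
            UserActions::RemoveProductfromAnyStore => false,
            // NOTE(review): this default skips the ownership check for any
            // action not listed above, so a newly added scoped action needs
            // its own arm to be protected.
            default => false,
        };
    }
}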