Added authorizations with roles and permissions.

Author: szabizs

.gitignore

@@ -15,4 +15,5 @@ yarn-error.log
 
 # Project exclude paths
 /storage/app/
-/storage/framework/
+/storage/framework/
+/package-lock.json

app/Http/Controllers/Admin/PermissionsResourceController.php

@@ -0,0 +1,118 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\Admin\StorePermissionRequest;
+use App\Http\Requests\Admin\UpdatePermissionRequest;
+use App\Models\Permission;
+use App\Models\User;
+use Illuminate\Support\Facades\Redirect;
+use Inertia\Inertia;
+use stdClass;
+
+class PermissionsResourceController extends Controller
+{
+	public function index()
+	{
+		return Inertia::render('Admin/Permissions', [
+            'filters' => \Illuminate\Support\Facades\Request::all('search', 'trashed'),
+            'permissions' =>
+                Permission::query()
+                    ->orderBy('name','ASC')
+                    ->filter(\Illuminate\Support\Facades\Request::only('search', 'trashed'))
+                    ->paginate(5)
+                    ->withQueryString()
+                    ->through(fn ($permission) => [
+                        'id' => $permission->id,
+                        'name' => $permission->name,
+                        'deleted_at' => $permission->deleted_at
+                    ]),
+        ]);
+	}
+
+	public function create()
+	{
+		return Inertia::render('Admin/NewPermission');
+	}
+
+	public function store(StorePermissionRequest $request)
+	{
+        Permission::create([
+            'name' => $request->name,
+        ]);
+
+        return Redirect::route('admin.permissions.index')->with('success', 'Permission has been created.');
+	}
+
+	public function show(Permission $permission)
+	{
+
+        $usersWithPermissions = $this->getUsersWithPermissions();
+        $permissionWithUsers = $this->getPermissionWithUsers($permission);
+
+		return Inertia::render('Admin/Permission', [
+            'permission' => $permissionWithUsers,
+            'users' => $usersWithPermissions,
+        ]);
+	}
+
+	public function edit($id)
+	{
+		//
+	}
+
+	public function update(UpdatePermissionRequest $request, Permission $permission)
+	{
+        $permission->update(['name' => $request->get('name')]);
+		$permission->users()->sync($request->get('users'));
+        return Redirect::route('admin.permissions.show', $permission)->with('success', 'Permission has been successfully updated.');
+	}
+
+	public function destroy(Permission $permission)
+	{
+        $permission->delete();
+        return Redirect::route('admin.permissions.index')->with('success', 'Permission has been successfully deleted.');
+	}
+
+    private function getUsersWithPermissions()
+    {
+        $collection = collect();
+        User::query()->select(['name','email','id'])->with(['permissions' => function($permission) {
+            $permission->select(['id']);
+        }])->get()->map(function($user) use(&$collection) {
+            $data = new stdClass();
+            $data->id = $user->id;
+            $data->name = $user->name;
+            $data->permissions = collect();
+
+            if($user->permissions->count() > 0) {
+                foreach($user->permissions as $permission) {
+                    $data->permissions->push($permission->id);
+                }
+            }
+
+            $collection->push($data);
+        });
+
+        return $collection->sortBy('name')->values();
+    }
+
+    private function getPermissionWithUsers(Permission $permission)
+    {
+        $alteredPermission = new stdClass();
+        $alteredPermission->id = $permission->id;
+        $alteredPermission->name = $permission->name;
+        $alteredPermission->users = collect();
+
+        $permission->load('users');
+
+        if($permission->users->count() > 0) {
+            foreach($permission->users as $user) {
+                $alteredPermission->users->push($user->id);
+            }
+        }
+
+        return $alteredPermission;
+    }
+}

app/Http/Controllers/Admin/RolesResourceController.php

@@ -0,0 +1,128 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\Admin\StoreRoleRequest;
+use App\Http\Requests\Admin\UpdateRoleRequest;
+use App\Http\Requests\Admin\UpdateRoleRequestUpdatePermissionRequest;
+use App\Models\Role;
+use App\Models\User;
+use Illuminate\Support\Facades\Redirect;
+use Inertia\Inertia;
+use Spatie\Permission\Models\Permission;
+use stdClass;
+
+class RolesResourceController extends Controller
+{
+	public function index()
+	{
+		return Inertia::render('Admin/Roles', [
+            'filters' => \Illuminate\Support\Facades\Request::all('search', 'trashed'),
+            'roles' =>
+                Role::query()
+                    ->orderBy('name','ASC')
+                    ->filter(\Illuminate\Support\Facades\Request::only('search', 'trashed'))
+                    ->paginate(5)
+                    ->withQueryString()
+                    ->through(fn ($role) => [
+                        'id' => $role->id,
+                        'name' => $role->name,
+                    ]),
+        ]);
+	}
+
+	public function create()
+	{
+		return Inertia::render('Admin/NewRole',[
+            'permissions' => Permission::query()->select(['name','id'])->get(),
+        ]);
+	}
+
+	public function store(StoreRoleRequest $request)
+	{
+        $role = Role::create([
+            'name' => $request->name,
+        ]);
+
+        if($request->has('permissions') && count($request->get('permissions')) > 0) {
+            $role->syncPermissions($request->get('permissions'));
+        }
+
+        return Redirect::route('admin.roles.index')->with('success', 'Role has been created.');
+	}
+
+	public function show(Role $role)
+	{
+
+        $usersWithRoles = $this->getUsersWithRoles();
+        $roleWithUsers = $this->getRolesWithUsers($role);
+
+		return Inertia::render('Admin/Role', [
+            'role' => $roleWithUsers,
+            'users' => $usersWithRoles,
+            'rolePermissions' => $role->getAllPermissions()->pluck('id'),
+            'allPermissions' => Permission::query()->select(['name','id'])->get(),
+        ]);
+	}
+
+	public function edit($id)
+	{
+		//
+	}
+
+	public function update(UpdateRoleRequest $request, Role $role)
+	{
+        $role->update(['name' => $request->get('name')]);
+		$role->users()->sync($request->get('users'));
+        $role->syncPermissions($request->get('permissions'));
+        return Redirect::route('admin.roles.show', $role)->with('success', 'Role has been successfully updated.');
+	}
+
+	public function destroy(Role $role)
+	{
+        $role->delete();
+        return Redirect::route('admin.roles.index')->with('success', 'Role has been successfully deleted.');
+	}
+
+    private function getUsersWithRoles()
+    {
+        $collection = collect();
+        User::query()->select(['name','email','id'])->with(['roles' => function($permission) {
+            $permission->select(['id']);
+        }])->get()->map(function($user) use(&$collection) {
+            $data = new stdClass();
+            $data->id = $user->id;
+            $data->name = $user->name;
+            $data->roles = collect();
+
+            if($user->roles->count() > 0) {
+                foreach($user->roles as $permission) {
+                    $data->roles->push($permission->id);
+                }
+            }
+
+            $collection->push($data);
+        });
+
+        return $collection->sortBy('name')->values();
+    }
+
+    private function getRolesWithUsers(Role $role)
+    {
+        $alteredRole = new stdClass();
+        $alteredRole->id = $role->id;
+        $alteredRole->name = $role->name;
+        $alteredRole->users = collect();
+
+        $role->load('users');
+
+        if($role->users->count() > 0) {
+            foreach($role->users as $user) {
+                $alteredRole->users->push($user->id);
+            }
+        }
+
+        return $alteredRole;
+    }
+}

app/Http/Controllers/Admin/UserResourceController.php

@@ -0,0 +1,98 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\Admin\StoreUserRequest;
+use App\Http\Requests\Admin\UpdateUserRequest;
+use App\Models\Role;
+use App\Models\User;
+use Illuminate\Auth\Events\Registered;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Redirect;
+use Inertia\Inertia;
+use Spatie\Permission\Models\Permission;
+
+class UserResourceController extends Controller
+{
+	public function index()
+	{
+        $users = User::filter(\Illuminate\Support\Facades\Request::only('search', 'trashed'))->orderByName()->get(['id', 'name', 'email','deleted_at']);
+        return Inertia::render('Admin/Users', [
+            'filters' => \Illuminate\Support\Facades\Request::all('search', 'trashed'),
+            'users' => $users
+        ]);
+	}
+
+	public function store(StoreUserRequest $request)
+	{
+        $user = User::create([
+            'name' => $request->name,
+            'email' => $request->email,
+            'password' => Hash::make($request->password),
+        ]);
+
+        event(new Registered($user));
+
+        return Redirect::route('admin.users.index')->with('success', 'User has been created.');
+	}
+
+    public function create() {
+        return Inertia::render('Admin/NewUser');
+    }
+
+	public function show($id)
+	{
+        $user = User::find($id);
+		return Inertia::render('Admin/User', [
+            'user' => $user,
+            'userRoles' => $user->getAllRoles()->pluck('id'),
+            'userPermissions' => $user->getAllPermissions()->pluck('id'),
+            'allRoles' => Role::query()->select(['name','id'])->get(),
+            'allPermissions' => Permission::query()->select(['name','id'])->get(),
+        ]);
+	}
+
+    public function edit($id)
+	{
+        $user = User::find($id);
+		return Inertia::render('Admin/User', [
+            'user' => $user,
+            'userRoles' => $user->getAllRoles()->pluck('id'),
+            'userPermissions' => $user->getAllPermissions()->pluck('id'),
+            'allRoles' => Role::query()->select(['name','id'])->get(),
+            'allPermissions' => Permission::query()->select(['name','id'])->get(),
+        ]);
+	}
+
+	public function update(UpdateUserRequest $request, User $user)
+	{
+		$hasPassword = !is_null($request->get('password'));
+
+        if($hasPassword) {
+            $user->update([
+                'name' => $request->get('name'),
+                'email' => $request->get('email'),
+                'password' => Hash::make($request->get('password'))
+            ]);
+        }
+
+        if(!$hasPassword) {
+            $user->update([
+                'name' => $request->get('name'),
+                'email' => $request->get('email'),
+            ]);
+        }
+
+        $user->syncRoles($request->get('roles'));
+        $user->syncPermissions($request->get('permissions'));
+
+        return Redirect::route('admin.users.show', $user)->with('success', 'User has been successfully updated.');
+	}
+
+	public function destroy(User $user)
+	{
+        $user->delete();
+        return Redirect::route('admin.users.index')->with('success', 'User has been successfully deleted.');
+	}
+}

app/Http/Controllers/Admin/UserTokenGeneratorController.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Support\Facades\Redirect;
+
+class UserTokenGeneratorController extends Controller
+{
+	public function __invoke(User $user)
+	{
+        try {
+            $user->tokens()->delete();
+            $token = $user->createToken($user->email);
+            $user->update([
+                'api_token' => $token->plainTextToken
+            ]);
+        } catch(\Exception $e) {
+            dd($e->getMessage());
+        }
+
+        return Redirect::route('admin.users.show', $user)->with(['success', 'Token has been created: '.$token->plainTextToken]);
+	}
+}

app/Http/Kernel.php

@@ -59,6 +59,9 @@ class Kernel extends HttpKernel
         'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
         'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
         'can' => \Illuminate\Auth\Middleware\Authorize::class,
+        'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class,
+        'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class,
+        'role_or_permission' => \Spatie\Permission\Middlewares\RoleOrPermissionMiddleware::class,
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
         'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,