Adds feature to manage direct permissions to user (apiato#685)

app/Containers/AppSection/Authorization/Actions/AttachPermissionsToUserAction.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\Actions;
+
+use App\Containers\AppSection\Authorization\Tasks\AttachPermissionsToUserTask;
+use App\Containers\AppSection\Authorization\Tasks\FindPermissionTask;
+use App\Containers\AppSection\User\Models\User;
+use App\Containers\AppSection\Authorization\UI\API\Requests\AttachPermissionsToUserRequest;
+use App\Containers\AppSection\User\Tasks\FindUserByIdTask;
+use App\Ship\Parents\Actions\Action as ParentAction;
+
+class AttachPermissionsToUserAction extends ParentAction
+{
+    /**
+     * @param AttachPermissionsToUserRequest $request
+     * @return User
+     */
+    public function run(AttachPermissionsToUserRequest $request): User
+    {
+        $user = app(FindUserByIdTask::class)->run($request->id);
+
+        $permissionIds = (array)$request->permissions_ids;
+
+        $permissions = array_map(static function ($permissionId) {
+            return app(FindPermissionTask::class)->run($permissionId);
+        }, $permissionIds);
+
+        return app(AttachPermissionsToUserTask::class)->run($user, $permissions);
+    }
+}

app/Containers/AppSection/Authorization/Actions/DetachPermissionsFromUserAction.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\Actions;
+
+use App\Containers\AppSection\Authorization\Tasks\DetachPermissionsFromRoleTask;
+use App\Containers\AppSection\Authorization\Tasks\DetachPermissionsFromUserTask;
+use App\Containers\AppSection\Authorization\Tasks\FindPermissionTask;
+use App\Containers\AppSection\Authorization\UI\API\Requests\DetachPermissionsFromUserRequest;
+use App\Containers\AppSection\User\Tasks\FindUserByIdTask;
+use App\Ship\Parents\Actions\Action as ParentAction;
+
+class DetachPermissionsFromUserAction extends ParentAction
+{
+    /**
+     * @param DetachPermissionsFromUserRequest $request
+     * @return \App\Containers\AppSection\User\Models\User
+     */
+    public function run(DetachPermissionsFromUserRequest $request)
+    {
+        $role = app(FindUserByIdTask::class)->run($request->id);
+
+        $permissions = array_map(static function ($permissionId) {
+            return app(FindPermissionTask::class)->run($permissionId);
+        }, $request->permissions_ids);
+
+        return app(DetachPermissionsFromUserTask::class)->run($role, $permissions);
+    }
+}

app/Containers/AppSection/Authorization/Actions/GetRolePermissionsAction.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\Actions;
+
+use Apiato\Core\Exceptions\CoreInternalErrorException;
+use App\Containers\AppSection\Authorization\Tasks\FindRoleTask;
+use App\Containers\AppSection\Authorization\Tasks\GetAllRolesTask;
+use App\Containers\AppSection\Authorization\Tasks\GetRolePermissionsTask;
+use App\Containers\AppSection\Authorization\UI\API\Requests\GetAllRolesRequest;
+use App\Containers\AppSection\Authorization\UI\API\Requests\GetRolePermissionsRequest;
+use App\Ship\Parents\Actions\Action as ParentAction;
+use Prettus\Repository\Exceptions\RepositoryException;
+
+class GetRolePermissionsAction extends ParentAction
+{
+    /**
+     * @param GetRolePermissionsRequest $request
+     * @return mixed
+     */
+
+    public function run(GetRolePermissionsRequest $request): mixed
+    {
+        $role = app(FindRoleTask::class)->run($request->id);
+        return $role->permissions;
+    }
+}

app/Containers/AppSection/Authorization/Actions/GetUserPermissionsAction.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\Actions;
+
+use Apiato\Core\Exceptions\CoreInternalErrorException;
+use App\Containers\AppSection\Authorization\UI\API\Requests\GetUserPermissionsRequest;
+use App\Containers\AppSection\User\Tasks\FindUserByIdTask;
+use App\Ship\Parents\Actions\Action as ParentAction;
+use Prettus\Repository\Exceptions\RepositoryException;
+
+class GetUserPermissionsAction extends ParentAction
+{
+    /**
+     * @param GetUserPermissionsRequest $request
+     * @return mixed
+     */
+    public function run(GetUserPermissionsRequest $request): mixed
+    {
+        $user = app(FindUserByIdTask::class)->run($request->id);
+        return $user->permissions;
+    }
+}

app/Containers/AppSection/Authorization/Actions/GetUserRolesAction.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\Actions;
+
+use Apiato\Core\Exceptions\CoreInternalErrorException;
+use App\Containers\AppSection\Authorization\UI\API\Requests\GetUserRolesRequest;
+use App\Containers\AppSection\User\Tasks\FindUserByIdTask;
+use App\Ship\Parents\Actions\Action as ParentAction;
+use Prettus\Repository\Exceptions\RepositoryException;
+
+class GetUserRolesAction extends ParentAction
+{
+    /**
+     * @throws CoreInternalErrorException
+     * @throws RepositoryException
+     */
+    public function run(GetUserRolesRequest $request): mixed
+    {
+        $user = app(FindUserByIdTask::class)->run($request->id);
+        return $user->roles;
+    }
+}

app/Containers/AppSection/Authorization/Data/Seeders/AuthorizationPermissionsSeeder_1.php

@@ -17,6 +17,7 @@ public function run(): void
         $createPermissionTask = app(CreatePermissionTask::class);
         foreach (array_keys(config('auth.guards')) as $guardName) {
             $createPermissionTask->run('manage-roles', 'Create, Update, Delete, Get All, Attach/detach permissions to Roles and Get All Permissions.', guardName: $guardName);
+            $createPermissionTask->run('manage-permissions', 'Create, Update, Delete, Get All, Attach/detach permissions to User.', guardName: $guardName);
             $createPermissionTask->run('create-admins', 'Create new Users (Admins) from the dashboard.', guardName: $guardName);
             $createPermissionTask->run('manage-admins-access', 'Assign users to Roles.', guardName: $guardName);
             $createPermissionTask->run('access-dashboard', 'Access the admins dashboard.', guardName: $guardName);

app/Containers/AppSection/Authorization/Tasks/AttachPermissionsToUserTask.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\Tasks;
+
+use App\Containers\AppSection\Authorization\Models\Permission;
+use App\Containers\AppSection\User\Models\User;
+use App\Ship\Parents\Tasks\Task as ParentTask;
+use Illuminate\Contracts\Auth\Authenticatable;
+
+class AttachPermissionsToUserTask extends ParentTask
+{
+    /**
+     * @param User $user
+     * @param array|int|string|Permission $permissions
+     * @return Authenticatable
+     */
+    public function run(User $user, Permission|array|int|string $permissions): Authenticatable
+    {
+        return $user->givePermissionTo($permissions);;
+    }
+}

app/Containers/AppSection/Authorization/Tasks/DetachPermissionsFromUserTask.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\Tasks;
+
+use App\Containers\AppSection\User\Models\User;
+use App\Ship\Parents\Tasks\Task as ParentTask;
+
+class DetachPermissionsFromUserTask extends ParentTask
+{
+    /**
+     * @param User $user
+     * @param array $permissions
+     * @return User
+     */
+    public function run(User $user, array $permissions): User
+    {
+        array_map(static function ($permission) use($user){
+            $user->revokePermissionTo($permission);
+        }, $permissions);
+
+        return $user;
+    }
+}

app/Containers/AppSection/Authorization/UI/API/Controllers/AttachPermissionsToUserController.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\UI\API\Controllers;
+
+use App\Containers\AppSection\Authorization\Actions\AttachPermissionsToUserAction;
+use App\Containers\AppSection\Authorization\UI\API\Requests\AttachPermissionsToUserRequest;
+use App\Containers\AppSection\User\UI\API\Transformers\UserTransformer;
+use App\Ship\Parents\Controllers\ApiController;
+
+class AttachPermissionsToUserController extends ApiController
+{
+    /**
+     * @param AttachPermissionsToUserRequest $request
+     * @return \App\Containers\AppSection\User\Models\User
+     */
+    public function attachPermissionsToUser(AttachPermissionsToUserRequest $request)
+    {
+        $user = app(AttachPermissionsToUserAction::class)->run($request);
+        return $this->transform($user, UserTransformer::class, ['permissions']);
+    }
+
+}

app/Containers/AppSection/Authorization/UI/API/Controllers/DetachPermissionsFromUserController.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\UI\API\Controllers;
+
+use App\Containers\AppSection\Authorization\Actions\DetachPermissionsFromUserAction;
+use App\Containers\AppSection\Authorization\UI\API\Requests\DetachPermissionsFromUserRequest;
+use App\Containers\AppSection\User\UI\API\Transformers\UserTransformer;
+use App\Ship\Parents\Controllers\ApiController;
+
+class DetachPermissionsFromUserController extends ApiController
+{
+    /**
+     * @param DetachPermissionsFromUserRequest $request
+     * @return \App\Containers\AppSection\User\Models\User
+     */
+    public function detachPermissionFromUser(DetachPermissionsFromUserRequest $request)
+    {
+        $user = app(DetachPermissionsFromUserAction::class)->run($request);
+        return $this->transform($user, UserTransformer::class, ['permissions']);
+    }
+}

app/Containers/AppSection/Authorization/UI/API/Controllers/GetRolePermissionsController.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\UI\API\Controllers;
+
+use App\Containers\AppSection\Authorization\Actions\GetRolePermissionsAction;
+use App\Containers\AppSection\Authorization\UI\API\Requests\GetRolePermissionsRequest;
+use App\Containers\AppSection\Authorization\UI\API\Transformers\PermissionTransformer;
+use App\Ship\Parents\Controllers\ApiController;
+
+class GetRolePermissionsController extends ApiController
+{
+    /**
+     * @param GetRolePermissionsRequest $request
+     * @return mixed
+     * @throws \Apiato\Core\Exceptions\CoreInternalErrorException
+     * @throws \Prettus\Repository\Exceptions\RepositoryException
+     */
+    public function getRolePermissions(GetRolePermissionsRequest $request)
+    {
+        $permission = app(GetRolePermissionsAction::class)->run($request);
+        return $this->transform($permission, PermissionTransformer::class);
+    }
+}

app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserPermissionsController.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\UI\API\Controllers;
+
+use App\Containers\AppSection\Authorization\Actions\GetUserPermissionsAction;
+use App\Containers\AppSection\Authorization\UI\API\Requests\GetUserPermissionsRequest;
+use App\Containers\AppSection\Authorization\UI\API\Transformers\PermissionTransformer;
+use App\Ship\Parents\Controllers\ApiController;
+
+class GetUserPermissionsController extends ApiController
+{
+    /**
+     * @param GetUserPermissionsRequest $request
+     * @return mixed
+     * @throws \Apiato\Core\Exceptions\CoreInternalErrorException
+     * @throws \Prettus\Repository\Exceptions\RepositoryException
+     */
+    public function getUserPermissions(GetUserPermissionsRequest $request)
+    {
+        $permission = app(GetUserPermissionsAction::class)->run($request);
+        return $this->transform($permission, PermissionTransformer::class);
+    }
+}

app/Containers/AppSection/Authorization/UI/API/Controllers/GetUserRolesController.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\UI\API\Controllers;
+
+use App\Containers\AppSection\Authorization\Actions\GetUserRolesAction;
+use App\Containers\AppSection\Authorization\UI\API\Requests\GetUserRolesRequest;
+use App\Containers\AppSection\Authorization\UI\API\Transformers\RoleTransformer;
+use App\Ship\Parents\Controllers\ApiController;
+
+class GetUserRolesController extends ApiController
+{
+    public function getUserRoles(GetUserRolesRequest $request)
+    {
+        $roles = app(GetUserRolesAction::class)->run($request);
+        return $this->transform($roles, RoleTransformer::class);
+    }
+
+}

app/Containers/AppSection/Authorization/UI/API/Requests/AttachPermissionsToUserRequest.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Containers\AppSection\Authorization\UI\API\Requests;
+
+use App\Ship\Parents\Requests\Request as ParentRequest;
+
+class AttachPermissionsToUserRequest extends ParentRequest
+{
+    /**
+     * Define which Roles and/or Permissions has access to this request.
+     */
+    protected array $access = [
+        'permissions' => 'manage-permissions',
+        'roles' => '',
+    ];
+
+    /**
+     * Id's that needs decoding before applying the validation rules.
+     */
+    protected array $decode = [
+        'id',
+    ];
+
+    /**
+     * Defining the URL parameters (e.g, `/user/{id}`) allows applying
+     * validation rules on them and allows accessing them like request data.
+     */
+    protected array $urlParameters = [
+        'id',
+    ];
+
+    /**
+     * Get the validation rules that apply to the request.
+     */
+    public function rules(): array
+    {
+        return [
+            'permissions_ids' => 'required'
+        ];
+    }
+
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return $this->check([
+            'hasAccess',
+        ]);
+    }
+}