Integrating Authority package with filter & macro

composer.json

@@ -16,7 +16,8 @@
         "patricktalmadge/bootstrapper": "dev-develop",
         "tsukanov/steam-locomotive": "dev-master",
         "lightopenid/lightopenid": "dev-master",
-        "zeropingheroes/steam-browser-protocol": "dev-dev"
+        "zeropingheroes/steam-browser-protocol": "dev-dev",
+        "machuga/authority-l4" : "dev-master"
     },
     "autoload": {
         "classmap": [

src/Zeropingheroes/LanagerCore/LanagerCoreServiceProvider.php

@@ -2,6 +2,8 @@
 
 use Illuminate\Support\ServiceProvider;
 use Config;
+use Authority\Authority;
+
 
 class LanagerCoreServiceProvider extends ServiceProvider {
 
@@ -26,6 +28,7 @@ public function boot()
 		$this->app->register('Zeropingheroes\SteamBrowserProtocol\SteamBrowserProtocolServiceProvider');
 
 		include __DIR__.'/../../routes.php';
+		include __DIR__.'/../../filters.php';
 		include __DIR__.'/../../composers.php';
 		include __DIR__.'/../../macros.php';
 		include __DIR__.'/../../bindings.php';
@@ -73,6 +76,22 @@ public function register()
 			$loader->alias('Thumbnail'				,'Bootstrapper\Thumbnail');
 			$loader->alias('Typeahead'				,'Bootstrapper\Typeahead');
 			$loader->alias('Typography'				,'Bootstrapper\Typography');
+			$loader->alias('Authority'				,'Authority\AuthorityL4\Facades\Authority');
+		});
+
+		// Initialise authority with its own config file
+		$this->app['authority'] = $this->app->share(function($app)
+		{
+			$user = $app['auth']->user();
+			$authority = new Authority($user);
+			$fn = $app['config']->get('lanager-core::authority.initialize', null);
+
+			if($fn)
+			{
+				$fn($authority);
+			}
+
+			return $authority;
 		});
 
 	}

src/Zeropingheroes/LanagerCore/Models/Permission.php

@@ -0,0 +1,9 @@
+<?php
+namespace Zeropingheroes\LanagerCore\Models;
+
+use Illuminate\Auth\UserInterface;
+
+class Permission extends BaseModel
+{
+	//
+}

src/Zeropingheroes/LanagerCore/Models/Role.php

@@ -0,0 +1,9 @@
+<?php
+namespace Zeropingheroes\LanagerCore\Models;
+
+use Illuminate\Auth\UserInterface;
+
+class Role extends BaseModel
+{
+	//
+}

src/Zeropingheroes/LanagerCore/Models/User.php

@@ -3,7 +3,8 @@
 
 use Illuminate\Auth\UserInterface;
 
-class User extends BaseModel implements UserInterface {
+class User extends BaseModel implements UserInterface
+{
 
 	/**
 	 * The database table used by the model.
@@ -39,4 +40,26 @@ public function getAuthPassword()
 		return $this->password;
 	}
 
+	public function roles()
+	{
+		return $this->belongsToMany('Zeropingheroes\LanagerCore\Models\Role');
+	}
+
+	public function permissions()
+	{
+		return $this->hasMany('Zeropingheroes\LanagerCore\Models\Permission');
+	}
+
+	public function hasRole($key) 
+	{
+		foreach($this->roles as $role)
+		{
+			if($role->name === $key)
+			{
+			return true;
+			}
+		}
+		return false;
+	}
+
 }

src/config/authority.php

@@ -0,0 +1,31 @@
+<?php
+
+return array(
+
+	'initialize' => function($authority)
+	{
+		// Allowed verbs:   create, read, update, delete
+		// Allowed aliases: manage
+
+		// Add an alias for full resourceful CRUD
+		$authority->addAlias('manage', array('create', 'read', 'update', 'delete'));
+
+		// Get the currently logged in user
+		$user = $authority->getCurrentUser();
+
+		// If there is a user currently logged in, assign permissions based on roles
+		if( is_object($user) )
+		{
+			if( $user->hasRole('SuperAdmin') ) 
+			{
+				$authority->allow('manage', 'all');
+			}
+
+			if( $user->hasRole('InfoPageAdmin') ) 
+			{
+				$authority->allow('manage', 'InfoPage');
+			}
+
+		}
+	}
+);

src/controllers/InfoPageController.php

@@ -7,6 +7,13 @@
 
 class InfoPageController extends BaseController {
 
+
+	public function __construct()
+	{
+		// Check if user can access requested method
+		$this->beforeFilter('authority',array('only' => array('create', 'store', 'edit', 'update', 'destroy') ));
+	}
+
 	/**
 	 * Display a listing of the resource.
 	 *
@@ -51,10 +58,10 @@ public function store()
 
 		if(!$infoPage->save())
 		{
-			return Redirect::route('info.create')->withErrors($infoPage->errors());
+			return Redirect::route('infoPage.create')->withErrors($infoPage->errors());
 		}
 
-		return Redirect::route('info.show',array('info' => $infoPage->id));
+		return Redirect::route('infoPage.show',array('infoPage' => $infoPage->id));
 	}
 
 	/**
@@ -106,10 +113,10 @@ public function update($id)
 
 		if(!$infoPage->save())
 		{
-			return Redirect::route('info.edit',array('info' => $infoPage->id))->withErrors($infoPage->errors());
+			return Redirect::route('infoPage.edit',array('infoPage' => $infoPage->id))->withErrors($infoPage->errors());
 		}
 
-		return Redirect::route('info.show',array('info' => $infoPage->id));
+		return Redirect::route('infoPage.show',array('infoPage' => $infoPage->id));
 
 	}
 
@@ -122,7 +129,7 @@ public function update($id)
 	public function destroy($id)
 	{
 		InfoPage::destroy($id);
-		return Redirect::route('info.index');
+		return Redirect::route('infoPage.index');
 
 	}
 

src/filters.php

@@ -0,0 +1,27 @@
+<?php
+
+/*
+|--------------------------------------------------------------------------
+| Filters
+|--------------------------------------------------------------------------
+*/
+
+Route::filter('authority', function($route, $request)
+{
+	// Get request details
+	$routeName = explode('.', Route::currentRouteName());
+	$resource = $routeName[0];
+	$action = $routeName[1];
+	$item = $route->getParameter($resource);
+
+	// Replace laravel-style route action names with their CRUD equivalents
+	$actionsToReplace = array('store', 'show', 'index', 'edit', 'destroy');
+	$replaceWithAction = array('create', 'read', 'read', 'update', 'delete');
+	$action = str_replace($actionsToReplace, $replaceWithAction, $action);
+
+	// Check if user is forbidden from performing $action on $resource $item
+	if(Authority::cannot($action, $resource, $item))
+	{
+		return App::abort(403, 'You do not have permission to '.$action.' '.$resource.' '.$item);
+	}
+});

src/macros.php

@@ -21,6 +21,31 @@
 	}
 });
 
+// Update and/or delete buttons for priviledged users
+HTML::macro('resourceButtons', function($resourceName,$itemId)
+{
+	// For users who can update, generate a button
+	$updateButton = ( Authority::can('update',$resourceName) ? Button::link(route($resourceName.'.edit', array($resourceName => $itemId)), 'Edit') : '' );
+
+	// For users who can delete, generate a button
+	if( Authority::can('delete',$resourceName) )
+	{
+		$output = Form::open(array('route' => array($resourceName.'.destroy', $itemId), 'method' => 'DELETE', 'data-confirm' => 'Are you sure?'));
+		$output .= Form::actions( array(
+			// Insert the update button (will be an empty var for users who can't update)
+			$updateButton,
+			Button::danger_submit('Delete'))
+			);
+		$output .= Form::close();
+	}
+	else
+	{
+		$output = $updateButton;
+	}
+	return $output;
+
+});
+
 /*
 |--------------------------------------------------------------------------
 | Application Form Macros

src/routes.php

@@ -26,13 +26,13 @@
 
 
 
-// Info
-Route::resource('info', 'Zeropingheroes\LanagerCore\InfoPageController');
+// Info Page
+Route::resource('infoPage', 'Zeropingheroes\LanagerCore\InfoPageController');
 
 
 
 // Default
 Route::get('/', function()
 {
-	return Redirect::to('info');
+	return Redirect::to('infoPage');
 });

src/seeds/LanagerSeeder.php

@@ -1,7 +1,8 @@
 <?php
 
 use Illuminate\Database\Seeder,
-Zeropingheroes\LanagerCore\Models\InfoPage;
+Zeropingheroes\LanagerCore\Models\InfoPage,
+Zeropingheroes\LanagerCore\Models\Role;
 
 class LanagerSeeder extends Seeder {
 
@@ -15,6 +16,7 @@ public function run()
 		Eloquent::unguard();
 
 		$this->call('InfoPageTableSeeder');
+		$this->call('RolesTableSeeder');
 	}
 
 }
@@ -41,4 +43,25 @@ public function run()
 
     }
 
-}
+}
+
+
+class RolesTableSeeder extends Seeder {
+
+    public function run()
+    {
+
+        DB::table('roles')->delete(); // Empty before we seed
+
+        $roles = array(
+        	array('name' => 'SuperAdmin'),
+        	array('name' => 'InfoPageAdmin'),
+        	);
+
+        foreach($roles as $role)
+        {
+	        Role::create($role);
+        }
+	}
+}
+

src/views/InfoPage/create.blade.php

@@ -3,7 +3,7 @@
 
 <h3>Create Info Page</h3>
 
-{{ Form::model($infoPage, array('route' => 'info.store', 'info' => $infoPage->id)) }}
+{{ Form::model($infoPage, array('route' => 'infoPage.store', 'info' => $infoPage->id)) }}
 
 @include('lanager-core::infoPage.form')
 

src/views/InfoPage/edit.blade.php

@@ -3,7 +3,7 @@
 
 <h3>Edit Info Page</h3>
 
-{{ Form::model($infoPage, array('route' => array('info.update', $infoPage->id), 'method' => 'PUT')) }}
+{{ Form::model($infoPage, array('route' => array('infoPage.update', $infoPage->id), 'method' => 'PUT')) }}
 
 @include('lanager-core::infoPage.form')
 

src/views/InfoPage/index.blade.php

@@ -7,6 +7,8 @@
 	@include('lanager-core::infoPage.list')
 </ul>
 <br>
-{{ Button::link(route('info.create'), 'Create') }}
+@if( Authority::can('create','InfoPage') )
+	{{ Button::link(route('infoPage.create'), 'Create') }}
+@endif
 
 @endsection

src/views/InfoPage/list.blade.php

@@ -1,5 +1,5 @@
 @if(!empty($infoPages))
 	@foreach($infoPages as $infoPage)
-		<li><a href="{{route('info.show',$infoPage->id)}}">{{{$infoPage->title}}}</a></li>
+		<li><a href="{{ route('infoPage.show',$infoPage->id) }}">{{{ $infoPage->title }}}</a></li>
 	@endforeach
 @endif

src/views/InfoPage/show.blade.php

@@ -14,14 +14,6 @@
 
 <br>
 
-{{ Form::open(array('route' => array('info.destroy', $infoPage->id), 'method' => 'DELETE', 'data-confirm' => 'Are you sure?')) }}
-
-{{ Form::actions( array(
-	Button::link(route('info.edit', array('info' => $infoPage->id)), 'Edit'),
-	Button::danger_submit('Delete'))
-	)
-}}
-
-{{ Form::close() }}
+{{ HTML::resourceButtons('infoPage',$infoPage->id) }}
 
 @endsection