javier/Document-Management-System-laravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update inbox list

Browse Source
This commit is contained in:
manhlab
2021-04-07 19:25:18 -04:00
parent fda7245f7c
commit 436de2efd6
8576 changed files with 1013325 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
vendor/spatie/laravel-permission/.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1 @@
custom: https://spatie.be/open-source/support-us

21
vendor/spatie/laravel-permission/.github/workflows/deploy-docs.yml vendored Normal file
View File

@@ -0,0 +1,21 @@
name: deploy-docs
on:
push:
branches:
- master
paths:
- 'docs/**'
jobs:
deploy:
runs-on: ubuntu-latest
name: Deploy docs
steps:
- name: Netlify deploy
uses: wei/curl@v1
with:
args: -X POST -d {} ${{ secrets.NETLIFY_DEPLOY_URL }}?trigger_title=laravel-permission

48
vendor/spatie/laravel-permission/.github/workflows/run-tests.yml vendored Normal file
View File

@@ -0,0 +1,48 @@
name: "Run Tests"
on: [push, pull_request]
jobs:
test:
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
php: [7.4, 7.3, 7.2]
laravel: [7.*, 6.*, 5.8.*]
dependency-version: [prefer-lowest, prefer-stable]
include:
- laravel: 7.*
testbench: 5.*
- laravel: 6.*
testbench: 4.*
- laravel: 5.8.*
testbench: 3.8.*
name: P${{ matrix.php }} - L${{ matrix.laravel }} - ${{ matrix.dependency-version }}
steps:
- name: Checkout code
uses: actions/checkout@v1
- name: Cache dependencies
uses: actions/cache@v1
with:
path: ~/.composer/cache/files
key: dependencies-laravel-${{ matrix.laravel }}-php-${{ matrix.php }}-composer-${{ hashFiles('composer.json') }}
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: curl, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite, iconv
coverage: none
- name: Install dependencies
run: |
composer require "laravel/framework:${{ matrix.laravel }}" "orchestra/testbench:${{ matrix.testbench }}" "symfony/console:>=4.3.4" --no-interaction --no-update
composer update --${{ matrix.dependency-version }} --prefer-dist --no-interaction --no-suggest
- name: Execute tests
run: vendor/bin/phpunit

491
vendor/spatie/laravel-permission/CHANGELOG.md vendored Normal file
View File

@@ -0,0 +1,491 @@
# Changelog
All notable changes to `laravel-permission` will be documented in this file
## 3.13.0 - 2020-05-19
- Provide migration error text to stop caching local config when installing packages.
## 3.12.0 - 2020-05-14
- Add missing config setting for `display_role_in_exception`
- Ensure artisan `permission:show` command uses configured models
## 3.11.0 - 2020-03-03
- Allow guardName() as a function with priority over $guard_name property #1395
## 3.10.1 - 2020-03-03
- Update patch to handle intermittent error in #1370
## 3.10.0 - 2020-03-02
- Ugly patch to handle intermittent error: `Trying to access array offset on value of type null` in #1370
## 3.9.0 - 2020-02-26
- Add Wildcard Permissions feature #1381 (see PR or docs for details)
## 3.8.0 - 2020-02-18
- Clear in-memory permissions on boot, for benefit of long running processes like Swoole. #1378
## 3.7.2 - 2020-02-17
- Refine test for Lumen dependency. Ref #1371, Fixes #1372.
## 3.7.1 - 2020-02-15
- Internal refactoring of scopes to use whereIn instead of orWhere #1334, #1335
- Internal refactoring to flatten collection on splat #1341
## 3.7.0 - 2020-02-15
- Added methods to check any/all when querying direct permissions #1245
- Removed older Lumen dependencies #1371
## 3.6.0 - 2020-01-17
- Added Laravel 7.0 support
- Allow splat operator for passing roles to `hasAnyRole()`
## 3.5.0 - 2020-01-07
- Added missing `guardName` to Exception `PermissionDoesNotExist` #1316
## 3.4.1 - 2019-12-28
- Fix 3.4.0 for Lumen
## 3.4.0 - 2019-12-27
- Make compatible with Swoole - ie: for long-running Laravel instances
## 3.3.1 - 2019-12-24
- Expose Artisan commands to app layer, not just to console
## 3.3.0 - 2019-11-22
- Remove duplicate and unreachable code
- Remove checks for older Laravel versions
## 3.2.0 - 2019-10-16
- Implementation of optional guard check for hasRoles and hasAllRoles - See #1236
## 3.1.0 - 2019-10-16
- Use bigIncrements/bigInteger in migration - See #1224
## 3.0.0 - 2019-09-02
- Update dependencies to allow for Laravel 6.0
- Drop support for Laravel 5.7 and older, and PHP 7.1 and older. (They can use v2 of this package until they upgrade.)
To be clear: v3 requires minimum Laravel 5.8 and PHP 7.2
## 2.38.0 - 2019-09-02
- Allow support for multiple role/permission models
- Load roles relationship only when missing
- Wrap helpers in function_exists() check
## 2.37.0 - 2019-04-09
- Added `permission:show` CLI command to display a table of roles/permissions
- `removeRole` now returns the model, consistent with other methods
- model `$guarded` properties updated to `protected`
- README updates
## 2.36.1 - 2019-03-05
- reverts the changes made in 2.36.0 due to some reported breaks.
## 2.36.0 - 2019-03-04
- improve performance by reducing another iteration in processing query results and returning earlier
## 2.35.0 - 2019-03-01
- overhaul internal caching strategy for better performance and fix cache miss when permission names contained spaces
- deprecated hasUncachedPermissionTo() (use hasPermissionTo() instead)
- added getPermissionNames() method
## 2.34.0 - 2019-02-26
- Add explicit pivotKeys to roles/permissions BelongsToMany relationships
## 2.33.0 - 2019-02-20
- Laravel 5.8 compatibility
## 2.32.0 - 2019-02-13
- Fix duplicate permissions being created through artisan command
## 2.31.0 - 2019-02-03
- Add custom guard query to role scope
- Remove use of array_wrap helper function due to future deprecation
## 2.30.0 - 2019-01-28
- Change cache config time to DateInterval instead of integer
This is in preparation for compatibility with Laravel 5.8's cache TTL change to seconds instead of minutes.
NOTE: If you leave your existing `config/permission.php` file alone, then with Laravel 5.8 the `60 * 24` will change from being treated as 24 hours to just 24 minutes. Depending on your app, this may or may not make a significant difference. Updating your config file to a specific DateInterval will add specificity and insulate you from the TTL change in Laravel 5.8.
Refs:
https://laravel-news.com/cache-ttl-change-coming-to-laravel-5-8
https://github.com/laravel/framework/commit/fd6eb89b62ec09df1ffbee164831a827e83fa61d
## 2.29.0 - 2018-12-15
- Fix bound `saved` event from firing on all subsequent models when calling assignRole or givePermissionTo on unsaved models. However, it is preferable to save the model first, and then add roles/permissions after saving. See #971.
## 2.28.2 - 2018-12-10
- Use config settings for cache reset in migration stub
## 2.28.1 - 2018-12-07
- Remove use of Cache facade, for Lumen compatibility
## 2.28.0 - 2018-11-30
- Rename `getCacheKey` method in HasPermissions trait to `getPermissionCacheKey` for clearer specificity.
## 2.27.0 - 2018-11-21
- Add ability to specify a cache driver for roles/permissions caching
## 2.26.2 - 2018-11-20
- Added the ability to reset the permissions cache via an Artisan command:
`php artisan permission:cache-reset`
## 2.26.1 - 2018-11-19
- minor update to de-duplicate code overhead
- numerous internal updates to cache tests infrastructure
## 2.26.0 - 2018-11-19
- Substantial speed increase by caching the associations between models and permissions
### NOTES: ###
The following changes are not "breaking", but worth making the updates to your app for consistency.
1. Config file: The `config/permission.php` file changed to move cache-related settings into a sub-array. **You should review the changes and merge the updates into your own config file.** Specifically the `expiration_time` value has moved into a sub-array entry, and the old top-level entry is no longer used.
See the master config file here:
https://github.com/spatie/laravel-permission/blob/master/config/permission.php
2. Cache Resets: If your `app` or `tests` are clearing the cache by specifying the cache key, **it is better to use the built-in forgetCachedPermissions() method** so that it properly handles tagged cache entries. Here is the recommended change:
```diff
- app()['cache']->forget('spatie.permission.cache');
+ $this->app->make(\Spatie\Permission\PermissionRegistrar::class)->forgetCachedPermissions();
```
3. Also this is a good time to point out that now with v2.25.0 and v2.26.0 most permission-cache-reset scenarios may no longer be needed in your app, so it's worth reviewing those cases, as you may gain some app speed improvement by removing unnecessary cache resets.
## 2.25.0 - 2018-11-07
- A model's `roles` and `permissions` relations (respectively) are now automatically reloaded after an Assign/Remove role or Grant/Revoke of permissions. This means there's no longer a need to call `->fresh()` on the model if the only reason is to reload the role/permission relations. (That said, you may want to call it for other reasons.)
- Added support for passing id to HasRole()
## 2.24.0 - 2018-11-06
- Fix operator used on RoleOrPermissionMiddleware, and avoid throwing PermissionDoesNotExist if invalid permission passed
- Auto-reload model role relation after using AssignRole
- Avoid empty permission creation when using the CreateRole command
## 2.23.0 - 2018-10-15
- Avoid unnecessary queries of user roles when fetching all permissions
## 2.22.1 - 2018-10-15
- Fix Lumen issue with Route helper added in 2.22.0
## 2.22.0 - 2018-10-11
- Added `Route::role()` and `Route::permission()` middleware helper functions
- Added new `role_or_permission` middleware to allow specifying "or" combinations
## 2.21.0 - 2018-09-29
- Revert changes from 2.17.1 in order to support Lumen 5.7
## 2.20.0 - 2018-09-19
- It will sync roles/permissions to models that are not persisted, by registering a `saved` callback.
(It would previously throw an Integrity constraint violation QueryException on the pivot table insertion.)
## 2.19.2 - 2018-09-19
- add `@elserole` directive:
Usage:
```php
@role('roleA')
// user hasRole 'roleA'
@elserole('roleB')
// user hasRole 'roleB' but not 'roleA'
@endrole
```
## 2.19.1 - 2018-09-14
- Spark-related fix to accommodate missing guard[providers] config
## 2.19.0 - 2018-09-10
- Add ability to pass in IDs or mixed values to `role` scope
- Add `@unlessrole`/`@endunlessrole` Blade directives
## 2.18.0 - 2018-09-06
- Expanded CLI `permission:create-role` command to create optionally create-and-link permissions in one command. Also now no longer throws an error if the role already exists.
## 2.17.1 - 2018-08-28
- Require laravel/framework instead of illuminate/* starting from ~5.4.0
- Removed old dependency for illuminate/database@~5.3.0 (Laravel 5.3 is not supported)
## 2.17.0 - 2018-08-24
- Laravel 5.7 compatibility
## 2.16.0 - 2018-08-20
- Replace static Permission::class and Role::class with dynamic value (allows custom models more easily)
- Added type checking in hasPermissionTo and hasDirectPermission
## 2.15.0 - 2018-08-15
- Make assigning the same role or permission twice not throw an exception
## 2.14.0 - 2018-08-13
- Allow using another key name than `model_id` by defining new `columns` array with `model_morph_key` key in config file. This improves UUID compatibility as discussed in #777.
## 2.13.0 - 2018-08-02
- Fix issue with null values passed to syncPermissions & syncRoles
## 2.12.2 - 2018-06-13
- added hasAllPermissions method
## 2.12.1 - 2018-04-23
- Reverted 2.12.0. REVERTS: "Add ability to pass guard name to gate methods like can()". Requires reworking of guard handling if we're going to add this feature.
## 2.12.0 - 2018-04-22
- Add ability to pass guard name to gate methods like can()
## 2.11.0 - 2018-04-16
- Improve speed of permission lookups with findByName, findById, findOrCreate
## 2.10.0 - 2018-04-15
- changes the type-hinted Authenticatable to Authorizable in the PermissionRegistrar.
(Previously it was expecting models to implement the Authenticatable contract; but really that should have been Authorizable, since that's where the Gate functionality really is.)
## 2.9.2 - 2018-03-12
- Now findOrCreate() exists for both Roles and Permissions
- Internal code refactoring for future dev work
## 2.9.1 - 2018-02-23
- Permissions now support passing integer id for sync, find, hasPermissionTo and hasDirectPermissionTo
## 2.9.0 - 2018-02-07
- add compatibility with Laravel 5.6
- Allow assign/sync/remove Roles from Permission model
## 2.8.2 - 2018-02-07
- Allow a collection containing a model to be passed to role/permission scopes
## 2.8.1 - 2018-02-03
- Fix compatibility with Spark v2.0 to v5.0
## 2.8.0 - 2018-01-25
- Support getting guard_name from extended model when using static methods
## 2.7.9 - 2018-01-23
Changes related to throwing UnauthorizedException:
- When UnauthorizedException is thrown, a property is added with the expected role/permission which triggered it
- A configuration option may be set to include the list of required roles/permissions in the message
## 2.7.8 - 2018-01-02
- REVERTED: Dynamic permission_id and role_id columns according to tables name
NOTE: This Dynamic field naming was a breaking change, so we've removed it for now.
BEST NOT TO USE v2.7.7 if you've changed tablenames in the config file.
## 2.7.7 - 2017-12-31
- updated `HasPermissions::getStoredPermission` to allow a collection to be returned, and to fix query when passing multiple permissions
- Give and revoke multiple permissions
- Dynamic permission_id and role_id columns according to tables name
- Add findOrCreate function to Permission model
- Improved Lumen support
- Allow guard name to be null for find role by id
## 2.7.6 - 2017-11-27
- added Lumen support
- updated `HasRole::assignRole` and `HasRole::syncRoles` to accept role id's in addition to role names as arguments
## 2.7.5 - 2017-10-26
- fixed `Gate::before` for custom gate callbacks
## 2.7.4 - 2017-10-26
- added cache clearing command in `up` migration for permission tables
- use config_path helper for better Lumen support
## 2.7.3 - 2017-10-21
- refactor middleware to throw custom `UnauthorizedException` (which raises an HttpException with 403 response)
The 403 response is backward compatible
## 2.7.2 - 2017-10-18
- refactor `PermissionRegistrar` to use `$gate->before()`
- removed `log_registration_exception` as it is no longer relevant
## 2.7.1 - 2017-10-12
- fixed a bug where `Role`s and `Permission`s got detached when soft deleting a model
## 2.7.0 - 2017-09-27
- add support for L5.3
## 2.6.0 - 2017-09-10
- add `permission` scope
## 2.5.4 - 2017-09-07
- register the blade directives in the register method of the service provider
## 2.5.3 - 2017-09-07
- register the blade directives in the boot method of the service provider
## 2.5.2 - 2017-09-05
- let middleware use caching
## 2.5.1 - 2017-09-02
- add getRoleNames() method to return a collection of assigned roles
## 2.5.0 - 2017-08-30
- add compatibility with Laravel 5.5
## 2.4.2 - 2017-08-11
- automatically detach roles and permissions when a user gets deleted
## 2.4.1 - 2017-08-05
- fix processing of pipe symbols in `@hasanyrole` and `@hasallroles` Blade directives
## 2.4.0 -2017-08-05
- add `PermissionMiddleware` and `RoleMiddleware`
## 2.3.2 - 2017-07-28
- allow `hasAnyPermission` to take an array of permissions
## 2.3.1 - 2017-07-27
- fix commands not using custom models
## 2.3.0 - 2017-07-25
- add `create-permission` and `create-role` commands
## 2.2.0 - 2017-07-01
- `hasanyrole` and `hasallrole` can accept multiple roles
## 2.1.6 - 2017-06-06
- fixed a bug where `hasPermissionTo` wouldn't use the right guard name
## 2.1.5 - 2017-05-17
- fixed a bug that didn't allow you to assign a role or permission when using multiple guards
## 2.1.4 - 2017-05-10
- add `model_type` to the primary key of tables that use a polymorphic relationship
## 2.1.3 - 2017-04-21
- fixed a bug where the role()/permission() relation to user models would be saved incorrectly
- added users() relation on Permission and Role
## 2.1.2 - 2017-04-20
- fix a bug where the `role()`/`permission()` relation to user models would be saved incorrectly
- add `users()` relation on `Permission` and `Role`
## 2.0.2 - 2017-04-13
- check for duplicates when adding new roles and permissions
## 2.0.1 - 2017-04-11
- fix the order of the `foreignKey` and `relatedKey` in the relations
## 2.0.0 - 2017-04-10
- Requires minimum Laravel 5.4
- cache expiration is now configurable and set to one day by default
- roles and permissions can now be assigned to any model through the `HasRoles` trait
- removed deprecated `hasPermission` method
- renamed config file from `laravel-permission` to `permission`.
## 1.17.0 - 2018-08-24
- added support for Laravel 5.7
## 1.16.0 - 2018-02-07
- added support for Laravel 5.6
## 1.15 - 2017-12-08
- allow `hasAnyPermission` to take an array of permissions
## 1.14.1 - 2017-10-26
- fixed `Gate::before` for custom gate callbacks
## 1.14.0 - 2017-10-18
- refactor `PermissionRegistrar` to use `$gate->before()`
- removed `log_registration_exception` as it is no longer relevant
## 1.13.0 - 2017-08-31
- added compatibility for Laravel 5.5
## 1.12.0
- made foreign key name to users table configurable
## 1.11.1
- `hasPermissionTo` uses the cache to avoid extra queries when it is called multiple times
## 1.11.0
- add `getDirectPermissions`, `getPermissionsViaRoles`, `getAllPermissions`
## 1.10.0 - 2017-02-22
- add `hasAnyPermission`
## 1.9.0 - 2017-02-20
- add `log_registration_exception` in settings file
- fix for ambiguous column name `id` when using the role scope
## 1.8.0 - 2017-02-09
- `hasDirectPermission` method is now public
## 1.7.0 - 2016-01-23
- added support for Laravel 5.4
## 1.6.1 - 2016-01-19
- make exception logging more verbose
## 1.6.0 - 2016-12-27
- added `Role` scope
## 1.5.3 - 2016-12-15
- moved some things to `boot` method in SP to solve some compatibility problems with other packages
## 1.5.2 - 2016-08-26
- make compatible with L5.3
## 1.5.1 - 2016-07-23
- fixes `givePermissionTo` and `assignRole` in Laravel 5.1
## 1.5.0 - 2016-07-23
** this version does not work in Laravel 5.1, please upgrade to version 1.5.1 of this package
- allowed `givePermissonTo` to accept multiple permissions
- allowed `assignRole` to accept multiple roles
- added `syncPermissions`-method
- added `syncRoles`-method
- dropped support for PHP 5.5 and HHVM
## 1.4.0 - 2016-05-08
- added `hasPermissionTo` function to the `Role` model
## 1.3.4 - 2016-02-27
- `hasAnyRole` can now properly process an array
## 1.3.3 - 2016-02-24
- `hasDirectPermission` can now accept a string
## 1.3.2 - 2016-02-23
- fixed user table configuration
## 1.3.1 - 2016-01-10
- fixed bug when testing for non existing permissions
## 1.3.0 - 2015-12-25
- added compatibility for Laravel 5.2
## 1.2.1 - 2015-12-22
- use database_path to publish migrations
## 1.2.0 - 2015-10-28
###Added
- support for custom models
## 1.1.0 - 2015-10-12
### Added
- Blade directives
- `hasAllRoles()`- and `hasAnyRole()`-functions
## 1.0.2 - 2015-10-11
### Fixed
- Fix for running phpunit locally
## 1.0.1 - 2015-09-30
### Fixed
- Fixed the inconsistent naming of the `hasPermission`-method.
## 1.0.0 - 2015-09-16
### Added
- Everything, initial release

32
vendor/spatie/laravel-permission/CONTRIBUTING.md vendored Normal file
View File

@@ -0,0 +1,32 @@
# Contributing
Contributions are **welcome** and will be fully **credited**.
We accept contributions via Pull Requests on [Github](https://github.com/spatie/laravel-permission).
## Pull Requests
- **[PSR-2 Coding Standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md)** - The easiest way to apply the conventions is to install [PHP Code Sniffer](http://pear.php.net/package/PHP_CodeSniffer).
- **Add tests!** - Your patch won't be accepted if it doesn't have tests.
- **Document any change in behaviour** - Make sure the `README.md` and any other relevant documentation are kept up-to-date.
- **Consider our release cycle** - We try to follow [SemVer v2.0.0](http://semver.org/). Randomly breaking public APIs is not an option.
- **Create feature branches** - Don't ask us to pull from your master branch.
- **One pull request per feature** - If you want to do more than one thing, send multiple pull requests.
- **Send coherent history** - Make sure each individual commit in your pull request is meaningful. If you had to make multiple intermediate commits while developing, please [squash them](http://www.git-scm.com/book/en/v2/Git-Tools-Rewriting-History#Changing-Multiple-Commit-Messages) before submitting.
## Running Tests
``` bash
$ phpunit
```
**Happy coding**!

21
vendor/spatie/laravel-permission/LICENSE.md vendored Normal file
View File

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) Spatie bvba <info@spatie.be>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

96
vendor/spatie/laravel-permission/README.md vendored Normal file
View File

@@ -0,0 +1,96 @@
# Associate users with permissions and roles
### Sponsor
<table>
<tr>
<td><img src="http://spatie.github.io/laravel-permission/sponsor-logo.png"></td>
<td>If you want to quickly add authentication and authorization to Laravel projects, feel free to check Auth0's Laravel SDK and free plan at <a href="https://auth0.com/overview?utm_source=GHsponsor&utm_medium=GHsponsor&utm_campaign=laravel-permission&utm_content=auth">https://auth0.com/overview</a>.</td>
</tr>
</table>
[![Latest Version on Packagist](https://img.shields.io/packagist/v/spatie/laravel-permission.svg?style=flat-square)](https://packagist.org/packages/spatie/laravel-permission)
![](https://github.com/spatie/laravel-permission/workflows/Run%20Tests/badge.svg?branch=master)
[![StyleCI](https://styleci.io/repos/42480275/shield)](https://styleci.io/repos/42480275)
[![Total Downloads](https://img.shields.io/packagist/dt/spatie/laravel-permission.svg?style=flat-square)](https://packagist.org/packages/spatie/laravel-permission)
This package allows you to manage user permissions and roles in a database.
Once installed you can do stuff like this:
```php
// Adding permissions to a user
$user->givePermissionTo('edit articles');
// Adding permissions via a role
$user->assignRole('writer');
$role->givePermissionTo('edit articles');
```
Because all permissions will be registered on [Laravel's gate](https://laravel.com/docs/authorization), you can check if a user has a permission with Laravel's default `can` function:
```php
$user->can('edit articles');
```
## Support us
We invest a lot of resources into creating [best in class open source packages](https://spatie.be/open-source). You can support us by [buying one of our paid products](https://spatie.be/open-source/support-us).
We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on [our contact page](https://spatie.be/about-us). We publish all received postcards on [our virtual postcard wall](https://spatie.be/open-source/postcards).
## Documentation, Installation, and Usage Instructions
See the [DOCUMENTATION](https://docs.spatie.be/laravel-permission/v3/introduction/) for detailed installation and usage instructions.
### Testing
``` bash
composer test
```
### Changelog
Please see [CHANGELOG](CHANGELOG.md) for more information what has changed recently.
## Contributing
Please see [CONTRIBUTING](CONTRIBUTING.md) for details.
### Security
If you discover any security-related issues, please email [freek@spatie.be](mailto:freek@spatie.be) instead of using the issue tracker.
## Postcardware
You're free to use this package, but if it makes it to your production environment we highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using.
Our address is: Spatie, Samberstraat 69D, 2060 Antwerp, Belgium.
We publish all received postcards [on our company website](https://spatie.be/en/opensource/postcards).
## Credits
- [Freek Van der Herten](https://github.com/freekmurze)
- [All Contributors](../../contributors)
This package is heavily based on [Jeffrey Way](https://twitter.com/jeffrey_way)'s awesome [Laracasts](https://laracasts.com) lessons
on [permissions and roles](https://laracasts.com/series/whats-new-in-laravel-5-1/episodes/16). His original code
can be found [in this repo on GitHub](https://github.com/laracasts/laravel-5-roles-and-permissions-demo).
Special thanks to [Alex Vanderbist](https://github.com/AlexVanderbist) who greatly helped with `v2`, and to [Chris Brown](https://github.com/drbyte) for his longtime support helping us maintain the package.
## Alternatives
- [Povilas Korop](https://twitter.com/@povilaskorop) did an excellent job listing the alternatives [in an article on Laravel News](https://laravel-news.com/two-best-roles-permissions-packages). In that same article, he compares laravel-permission to [Joseph Silber](https://github.com/JosephSilber)'s [Bouncer]((https://github.com/JosephSilber/bouncer)), which in our book is also an excellent package.
- [ultraware/roles](https://github.com/ultraware/roles) takes a slightly different approach to its features.
- [santigarcor/laratrust](https://github.com/santigarcor/laratrust) implements team support
- [zizaco/entrust](https://github.com/zizaco/entrust) offers some wildcard pattern matching
## License
The MIT License (MIT). Please see [License File](LICENSE.md) for more information.

64
vendor/spatie/laravel-permission/composer.json vendored Normal file
View File

@@ -0,0 +1,64 @@
{
"name": "spatie/laravel-permission",
"description": "Permission handling for Laravel 5.8 and up",
"keywords": [
"spatie",
"laravel",
"permission",
"permissions",
"roles",
"acl",
"rbac",
"security"
],
"homepage": "https://github.com/spatie/laravel-permission",
"license": "MIT",
"authors": [
{
"name": "Freek Van der Herten",
"email": "freek@spatie.be",
"homepage": "https://spatie.be",
"role": "Developer"
}
],
"require": {
"php" : "^7.2.5",
"illuminate/auth": "^5.8|^6.0|^7.0",
"illuminate/container": "^5.8|^6.0|^7.0",
"illuminate/contracts": "^5.8|^6.0|^7.0",
"illuminate/database": "^5.8|^6.0|^7.0"
},
"require-dev": {
"orchestra/testbench": "^3.8|^4.0|^5.0",
"phpunit/phpunit": "^8.0|^9.0",
"predis/predis": "^1.1"
},
"autoload": {
"psr-4": {
"Spatie\\Permission\\": "src"
},
"files": [
"src/helpers.php"
]
},
"autoload-dev": {
"psr-4": {
"Spatie\\Permission\\Test\\": "tests"
}
},
"extra": {
"laravel": {
"providers": [
"Spatie\\Permission\\PermissionServiceProvider"
]
}
},
"scripts": {
"test": "phpunit"
},
"config": {
"sort-packages": true
},
"minimum-stability": "dev",
"prefer-stable": true
}

143
vendor/spatie/laravel-permission/config/permission.php vendored Normal file
View File

@@ -0,0 +1,143 @@
<?php
return [
'models' => [
/*
* When using the "HasPermissions" trait from this package, we need to know which
* Eloquent model should be used to retrieve your permissions. Of course, it
* is often just the "Permission" model but you may use whatever you like.
*
* The model you want to use as a Permission model needs to implement the
* `Spatie\Permission\Contracts\Permission` contract.
*/
'permission' => Spatie\Permission\Models\Permission::class,
/*
* When using the "HasRoles" trait from this package, we need to know which
* Eloquent model should be used to retrieve your roles. Of course, it
* is often just the "Role" model but you may use whatever you like.
*
* The model you want to use as a Role model needs to implement the
* `Spatie\Permission\Contracts\Role` contract.
*/
'role' => Spatie\Permission\Models\Role::class,
],
'table_names' => [
/*
* When using the "HasRoles" trait from this package, we need to know which
* table should be used to retrieve your roles. We have chosen a basic
* default value but you may easily change it to any table you like.
*/
'roles' => 'roles',
/*
* When using the "HasPermissions" trait from this package, we need to know which
* table should be used to retrieve your permissions. We have chosen a basic
* default value but you may easily change it to any table you like.
*/
'permissions' => 'permissions',
/*
* When using the "HasPermissions" trait from this package, we need to know which
* table should be used to retrieve your models permissions. We have chosen a
* basic default value but you may easily change it to any table you like.
*/
'model_has_permissions' => 'model_has_permissions',
/*
* When using the "HasRoles" trait from this package, we need to know which
* table should be used to retrieve your models roles. We have chosen a
* basic default value but you may easily change it to any table you like.
*/
'model_has_roles' => 'model_has_roles',
/*
* When using the "HasRoles" trait from this package, we need to know which
* table should be used to retrieve your roles permissions. We have chosen a
* basic default value but you may easily change it to any table you like.
*/
'role_has_permissions' => 'role_has_permissions',
],
'column_names' => [
/*
* Change this if you want to name the related model primary key other than
* `model_id`.
*
* For example, this would be nice if your primary keys are all UUIDs. In
* that case, name this `model_uuid`.
*/
'model_morph_key' => 'model_id',
],
/*
* When set to true, the required permission names are added to the exception
* message. This could be considered an information leak in some contexts, so
* the default setting is false here for optimum safety.
*/
'display_permission_in_exception' => false,
/*
* When set to true, the required role names are added to the exception
* message. This could be considered an information leak in some contexts, so
* the default setting is false here for optimum safety.
*/
'display_role_in_exception' => false,
/*
* By default wildcard permission lookups are disabled.
*/
'enable_wildcard_permission' => false,
'cache' => [
/*
* By default all permissions are cached for 24 hours to speed up performance.
* When permissions or roles are updated the cache is flushed automatically.
*/
'expiration_time' => \DateInterval::createFromDateString('24 hours'),
/*
* The cache key used to store all permissions.
*/
'key' => 'spatie.permission.cache',
/*
* When checking for a permission against a model by passing a Permission
* instance to the check, this key determines what attribute on the
* Permissions model is used to cache against.
*
* Ideally, this should match your preferred way of checking permissions, eg:
* `$user->can('view-posts')` would be 'name'.
*/
'model_key' => 'name',
/*
* You may optionally indicate a specific cache driver to use for permission and
* role caching using any of the `store` drivers listed in the cache.php config
* file. Using 'default' here means to use the `default` set in cache.php.
*/
'store' => 'default',
],
];

110
vendor/spatie/laravel-permission/database/migrations/create_permission_tables.php.stub vendored Normal file
View File

@@ -0,0 +1,110 @@
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreatePermissionTables extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
$tableNames = config('permission.table_names');
$columnNames = config('permission.column_names');
if (empty($tableNames)) {
throw new \Exception('Error: config/permission.php not loaded. Run [php artisan config:clear] and try again.');
}
Schema::create($tableNames['permissions'], function (Blueprint $table) {
$table->bigIncrements('id');
$table->string('name');
$table->string('guard_name');
$table->timestamps();
});
Schema::create($tableNames['roles'], function (Blueprint $table) {
$table->bigIncrements('id');
$table->string('name');
$table->string('guard_name');
$table->timestamps();
});
Schema::create($tableNames['model_has_permissions'], function (Blueprint $table) use ($tableNames, $columnNames) {
$table->unsignedBigInteger('permission_id');
$table->string('model_type');
$table->unsignedBigInteger($columnNames['model_morph_key']);
$table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_permissions_model_id_model_type_index');
$table->foreign('permission_id')
->references('id')
->on($tableNames['permissions'])
->onDelete('cascade');
$table->primary(['permission_id', $columnNames['model_morph_key'], 'model_type'],
'model_has_permissions_permission_model_type_primary');
});
Schema::create($tableNames['model_has_roles'], function (Blueprint $table) use ($tableNames, $columnNames) {
$table->unsignedBigInteger('role_id');
$table->string('model_type');
$table->unsignedBigInteger($columnNames['model_morph_key']);
$table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_roles_model_id_model_type_index');
$table->foreign('role_id')
->references('id')
->on($tableNames['roles'])
->onDelete('cascade');
$table->primary(['role_id', $columnNames['model_morph_key'], 'model_type'],
'model_has_roles_role_model_type_primary');
});
Schema::create($tableNames['role_has_permissions'], function (Blueprint $table) use ($tableNames) {
$table->unsignedBigInteger('permission_id');
$table->unsignedBigInteger('role_id');
$table->foreign('permission_id')
->references('id')
->on($tableNames['permissions'])
->onDelete('cascade');
$table->foreign('role_id')
->references('id')
->on($tableNames['roles'])
->onDelete('cascade');
$table->primary(['permission_id', 'role_id'], 'role_has_permissions_permission_id_role_id_primary');
});
app('cache')
->store(config('permission.cache.store') != 'default' ? config('permission.cache.store') : null)
->forget(config('permission.cache.key'));
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
$tableNames = config('permission.table_names');
if (empty($tableNames)) {
throw new \Exception('Error: config/permission.php not found and defaults could not be merged. Please publish the package configuration before proceeding, or drop the tables manually.');
}
Schema::drop($tableNames['role_has_permissions']);
Schema::drop($tableNames['model_has_roles']);
Schema::drop($tableNames['model_has_permissions']);
Schema::drop($tableNames['roles']);
Schema::drop($tableNames['permissions']);
}
}

6
vendor/spatie/laravel-permission/docs/_index.md vendored Normal file
View File

@@ -0,0 +1,6 @@
---
title: v3
slogan: Associate users with roles and permissions
githubUrl: https://github.com/spatie/laravel-permission
branch: master
---

16
vendor/spatie/laravel-permission/docs/about-us.md vendored Normal file
View File

@@ -0,0 +1,16 @@
---
title: About us
---
[Spatie](https://spatie.be) is a webdesign agency based in Antwerp, Belgium.
Open source software is used in all projects we deliver. Laravel, Nginx, Ubuntu are just a few
of the free pieces of software we use every single day. For this, we are very grateful.
When we feel we have solved a problem in a way that can help other developers,
we release our code as open source software [on GitHub](https://spatie.be/opensource).
This package is heavily based on [Jeffrey Way](https://twitter.com/jeffrey_way)'s awesome [Laracasts](https://laracasts.com) lessons
on [permissions and roles](https://laracasts.com/series/whats-new-in-laravel-5-1/episodes/16). His original code
can be found [in this repo on GitHub](https://github.com/laracasts/laravel-5-roles-and-permissions-demo).
Special thanks to [Alex Vanderbist](https://github.com/AlexVanderbist) who greatly helped with `v2`, and to [Chris Brown](https://github.com/drbyte) for his longtime support helping us maintain the package.

4
vendor/spatie/laravel-permission/docs/advanced-usage/_index.md vendored Normal file
View File

@@ -0,0 +1,4 @@
---
title: Advanced usage
weight: 3
---

47
vendor/spatie/laravel-permission/docs/advanced-usage/cache.md vendored Normal file
View File

@@ -0,0 +1,47 @@
---
title: Cache
weight: 5
---
Role and Permission data are cached to speed up performance.
While we recommend not changing the cache "key" name, if you wish to alter the expiration time you may do so in the `config/permission.php` file, in the `cache` array.
When you use the built-in functions for manipulating roles and permissions, the cache is automatically reset for you, and relations are automatically reloaded for the current model record:
```php
$user->assignRole('writer');
$user->removeRole('writer');
$user->syncRoles(params);
$role->givePermissionTo('edit articles');
$role->revokePermissionTo('edit articles');
$role->syncPermissions(params);
$permission->assignRole('writer');
$permission->removeRole('writer');
$permission->syncRoles(params);
```
HOWEVER, if you manipulate permission/role data directly in the database instead of calling the supplied methods, then you will not see the changes reflected in the application unless you manually reset the cache.
Additionally, because the Role and Permission models are Eloquent models which implement the `RefreshesPermissionCache` trait, creating and deleting Roles and Permissions will automatically clear the cache. If you have created your own models which do not extend the default models then you will need to implement the trait yourself.
### Manual cache reset
To manually reset the cache for this package, you can run the following in your app code:
```php
app()->make(\Spatie\Permission\PermissionRegistrar::class)->forgetCachedPermissions();
```
Or you can use an Artisan command:
```bash
php artisan permission:cache-reset
```
### Cache Identifier
TIP: If you are leveraging a caching service such as `redis` or `memcached` and there are other sites
running on your server, you could run into cache clashes between apps. It is prudent to set your own
cache `prefix` in Laravel's `/config/cache.php` to something unique for each application.
This will prevent other applications from accidentally using/changing your cached data.

26
vendor/spatie/laravel-permission/docs/advanced-usage/exceptions.md vendored Normal file
View File

@@ -0,0 +1,26 @@
---
title: Exceptions
weight: 3
---
If you need to override exceptions thrown by this package, you can simply use normal [Laravel practices for handling exceptions](https://laravel.com/docs/errors#render-method).
An example is shown below for your convenience, but nothing here is specific to this package other than the name of the exception.
You can find all the exceptions added by this package in the code here: https://github.com/spatie/laravel-permission/tree/master/src/Exceptions
**app/Exceptions/Handler.php**
```php
public function render($request, Throwable $exception)
{
if ($exception instanceof \Spatie\Permission\Exceptions\UnauthorizedException) {
return response()->json([
'responseMessage' => 'You do not have the required authorization.',
'responseStatus' => 403,
]);
}
return parent::render($request, $exception);
}
```

35
vendor/spatie/laravel-permission/docs/advanced-usage/extending.md vendored Normal file
View File

@@ -0,0 +1,35 @@
---
title: Extending
weight: 4
---
## Extending User Models
Laravel's authorization features are available in models which implement the `Illuminate\Foundation\Auth\Access\Authorizable` trait.
By default Laravel does this in `\App\User` by extending `Illuminate\Foundation\Auth\User`, in which the trait and `Illuminate\Contracts\Auth\Access\Authorizable` contract are declared.
If you are creating your own User models and wish Authorization features to be available, you need to implement `Illuminate\Contracts\Auth\Access\Authorizable` in one of those ways as well.
## Extending Role and Permission Models
If you are extending or replacing the role/permission models, you will need to specify your new models in this package's `config/permission.php` file.
First be sure that you've published the configuration file (see the Installation instructions), and edit it to update the `models.role` and `models.permission` values to point to your new models.
Note the following requirements when extending/replacing the models:
### Extending
If you need to EXTEND the existing `Role` or `Permission` models note that:
- Your `Role` model needs to extend the `Spatie\Permission\Models\Role` model
- Your `Permission` model needs to extend the `Spatie\Permission\Models\Permission` model
### Replacing
If you need to REPLACE the existing `Role` or `Permission` models you need to keep the following things in mind:
- Your `Role` model needs to implement the `Spatie\Permission\Contracts\Role` contract
- Your `Permission` model needs to implement the `Spatie\Permission\Contracts\Permission` contract
## Migrations - Adding fields to your models
You can add your own migrations to make changes to the role/permission tables, as you would for adding/changing fields in any other tables in your Laravel project.
Following that, you can add any necessary logic for interacting with those fields into your custom/extended Models.

8
vendor/spatie/laravel-permission/docs/advanced-usage/other.md vendored Normal file
View File

@@ -0,0 +1,8 @@
---
title: Other
weight: 8
---
Schema Diagram:
You can find a schema diagram at https://drawsql.app/templates/laravel-permission

92
vendor/spatie/laravel-permission/docs/advanced-usage/phpstorm.md vendored Normal file
View File

@@ -0,0 +1,92 @@
---
title: Extending PhpStorm
weight: 7
---
# Extending PhpStorm to support Blade Directives of this package
1. In PhpStorm, open Preferences, and navigate to **Languages and Frameworks -> PHP -> Blade**
(File | Settings | Languages & Frameworks | PHP | Blade)
2. Uncheck "Use default settings", then click on the `Directives` tab.
3. Add the following new directives for the laravel-permission package:
**role**
- has parameter = YES
- Prefix: `<?php if(auth()->check() && auth()->user()->hasRole(`
- Suffix: `)); ?>`
--
**endrole**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--
**hasrole**
- has parameter = YES
- Prefix: `<?php if(auth()->check() && auth()->user()->hasRole(`
- Suffix: `)); ?>`
--
**endhasrole**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--
**hasanyrole**
- has parameter = YES
- Prefix: `<?php if(auth()->check() && auth()->user()->hasAnyRole(`
- Suffix: `)); ?>`
--
**endhasanyrole**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--
**hasallroles**
- has parameter = YES
- Prefix: `<?php if(auth()->check() && auth()->user()->hasAllRoles(`
- Suffix: `)); ?>`
--
**endhasallroles**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--
**unlessrole**
- has parameter = YES
- Prefix: `<?php if(auth()->check() && !auth()->user()->hasRole(`
- Suffix: `)); ?>`
--
**endunlessrole**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--

40
vendor/spatie/laravel-permission/docs/advanced-usage/seeding.md vendored Normal file
View File

@@ -0,0 +1,40 @@
---
title: Database Seeding
weight: 2
---
You may discover that it is best to flush this package's cache before seeding, to avoid cache conflict errors. This can be done directly in a seeder class. Here is a sample seeder, which first clears the cache, creates permissions and then assigns permissions to roles (the order of these steps is intentional):
```php
use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;
class RolesAndPermissionsSeeder extends Seeder
{
public function run()
{
// Reset cached roles and permissions
app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();
// create permissions
Permission::create(['name' => 'edit articles']);
Permission::create(['name' => 'delete articles']);
Permission::create(['name' => 'publish articles']);
Permission::create(['name' => 'unpublish articles']);
// create roles and assign created permissions
// this can be done as separate statements
$role = Role::create(['name' => 'writer']);
$role->givePermissionTo('edit articles');
// or may be done by chaining
$role = Role::create(['name' => 'moderator'])
->givePermissionTo(['publish articles', 'unpublish articles']);
$role = Role::create(['name' => 'super-admin']);
$role->givePermissionTo(Permission::all());
}
}
```

20
vendor/spatie/laravel-permission/docs/advanced-usage/timestamps.md vendored Normal file
View File

@@ -0,0 +1,20 @@
---
title: Timestamps
weight: 8
---
### Excluding Timestamps from JSON
If you want to exclude timestamps from JSON output of role/permission pivots, you can extend the Role and Permission models into your own App namespace and mark the pivot as hidden:
```php
protected $hidden = ['pivot'];
```
### Adding Timestamps to Pivots
If you want to add timestamps to your pivot tables, you can do it with a few steps:
- update the tables by calling `$table->timestamps();` in a migration
- extend the Permission and Role models and add `->withTimestamps();` to the BelongsToMany relationshps for `roles()` and `permissions()`
- update your User models (wherever you use the HasRoles or HasPermissions traits) by adding `->withTimestamps();` to the BelongsToMany relationshps for `roles()` and `permissions()`

18
vendor/spatie/laravel-permission/docs/advanced-usage/ui-options.md vendored Normal file
View File

@@ -0,0 +1,18 @@
---
title: UI Options
weight: 10
---
## Need a UI?
The package doesn't come with any screens out of the box, you should build that yourself. Here are some options to get you started:
- If you'd like to build your own UI, and understand the underlying logic for Gates and Roles and Users, the [Laravel 6 User Login and Management With Roles](https://www.youtube.com/watch?v=7PpJsho5aak&list=PLxFwlLOncxFLazmEPiB4N0iYc3Dwst6m4) video series by Mark Twigg of Penguin Digital gives thorough coverage to the topic, the theory, and implementation of a basic Roles system, independent of this Permissions Package.
- [Laravel Nova package by @vyuldashev for managing Roles and Permissions](https://github.com/vyuldashev/nova-permission)
- [Laravel Nova package by @paras-malhotra for managing Roles and Permissions and permissions based authorization for Nova Resources](https://github.com/insenseanalytics/laravel-nova-permission)
- [How to create a UI for managing the permissions and roles](http://www.qcode.in/easy-roles-and-permissions-in-laravel-5-4/)
- [Laravel User Management for managing users, roles, permissions, departments and authorization](https://github.com/Mekaeil/LaravelUserManagement) by [Mekaeil](https://github.com/Mekaeil)

18
vendor/spatie/laravel-permission/docs/advanced-usage/unit-testing.md vendored Normal file
View File

@@ -0,0 +1,18 @@
---
title: Unit testing
weight: 1
---
In your application's tests, if you are not seeding roles and permissions as part of your test `setUp()` then you may run into a chicken/egg situation where roles and permissions aren't registered with the gate (because your tests create them after that gate registration is done). Working around this is simple: In your tests simply add a `setUp()` instruction to re-register the permissions, like this:
```php
public function setUp(): void
{
// first include all the normal setUp operations
parent::setUp();
// now re-register all the roles and permissions
$this->app->make(\Spatie\Permission\PermissionRegistrar::class)->registerPermissions();
}
```

119
vendor/spatie/laravel-permission/docs/advanced-usage/uuid.md vendored Normal file
View File

@@ -0,0 +1,119 @@
---
title: UUID
weight: 6
---
If you're using UUIDs or GUIDs for your User models there are a few considerations to note.
> THIS IS NOT A FULL LESSON ON HOW TO IMPLEMENT UUIDs IN YOUR APP.
Since each UUID implementation approach is different, some of these may or may not benefit you. As always, your implementation may vary.
### Migrations
You will probably want to update the `create_permission_tables.php` migration:
If your User models are using `uuid` instead of `unsignedBigInteger` then you'll need to reflect the change in the migration provided by this package. Something like this would be typical, for both `model_has_permissions` and `model_has_roles` tables:
```diff
- $table->unsignedBigInteger($columnNames['model_morph_key'])
+ $table->uuid($columnNames['model_morph_key'])
```
OPTIONAL: If you also want the roles and permissions to use a UUID for their `id` value, then you'll need to also change the id fields accordingly, and manually set the primary key. LEAVE THE FIELD NAME AS `id` unless you also change it in dozens of other places.
```diff
Schema::create($tableNames['permissions'], function (Blueprint $table) {
- $table->bigIncrements('id');
+ $table->uuid('id');
$table->string('name');
$table->string('guard_name');
$table->timestamps();
+ $table->primary('id');
});
Schema::create($tableNames['roles'], function (Blueprint $table) {
- $table->bigIncrements('id');
+ $table->uuid('id');
$table->string('name');
$table->string('guard_name');
$table->timestamps();
+ $table->primary('id');
});
Schema::create($tableNames['model_has_permissions'], function (Blueprint $table) use ($tableNames, $columnNames) {
- $table->bigIncrements('permission_id');
+ $table->uuid('permission_id');
...
Schema::create($tableNames['model_has_roles'], function (Blueprint $table) use ($tableNames, $columnNames) {
- $table->bigIncrements('role_id');
+ $table->uuid('role_id');
...
Schema::create($tableNames['role_has_permissions'], function (Blueprint $table) use ($tableNames) {
- $table->bigIncrements('permission_id');
- $table->bigIncrements('role_id');
+ $table->uuid('permission_id');
+ $table->uuid('role_id');
```
### Configuration (OPTIONAL)
You might want to change the pivot table field name from `model_id` to `model_uuid`, just for semantic purposes.
For this, in the configuration file edit `column_names.model_morph_key`:
- OPTIONAL: Change to `model_uuid` instead of the default `model_id`. (The default of `model_id` is shown in this snippet below. Change it to match your needs.)
'column_names' => [
/*
* Change this if you want to name the related model primary key other than
* `model_id`.
*
* For example, this would be nice if your primary keys are all UUIDs. In
* that case, name this `model_uuid`.
*/
'model_morph_key' => 'model_id',
],
- If you extend the models into your app, be sure to list those models in your configuration file. See the Extending section of the documentation and the Models section below.
### Models
If you want all the role/permission objects to have a UUID instead of an integer, you will need to Extend the default Role and Permission models into your own namespace in order to set some specific properties. (See the Extending section of the docs, where it explains requirements of Extending, as well as the configuration settings you need to update.)
- You may want to set `protected $keyType = 'string';` so Laravel handles joins as strings and doesn't cast to integer.
- OPTIONAL: If you changed the field name in your migrations, you must set `protected $primaryKey = 'uuid';` to match.
- Usually for UUID you will also set `public $incrementing = false;`. Remove it if it causes problems for you.
It is common to use a trait to handle the $keyType and $incrementing settings, as well as add a boot event trigger to ensure new records are assigned a uuid. You would `use` this trait in your User and extended Role/Permission models. An example `UuidTrait` is shown here for inspiration. Adjust to suit your needs.
```php
<?php
namespace App;
use Facades\Str;
trait UuidTrait
{
public $incrementing = false;
protected $keyType = 'string';
protected static function boot()
{
parent::boot();
static::creating(function ($model) {
$model->{$model->getKeyName()} = $model->{$model->getKeyName()} ?: (string) Str::orderedUuid();
});
}
}
```
### User Models
> Troubleshooting tip: In the ***Prerequisites*** section of the docs we remind you that your User model must implement the `Illuminate\Contracts\Auth\Access\Authorizable` contract so that the Gate features are made available to the User object.
In the default User model provided with Laravel, this is done by extending another model (aliased to `Authenticatable`), which extends the base Eloquent model.
However, your app's UUID implementation may need to override that in order to set some of the properties mentioned in the Models section above.
If you are running into difficulties, you may want to double-check whether your User model is doing UUIDs consistent with other parts of your app.

4
vendor/spatie/laravel-permission/docs/basic-usage/_index.md vendored Normal file
View File

@@ -0,0 +1,4 @@
---
title: Basic Usage
weight: 1
---

54
vendor/spatie/laravel-permission/docs/basic-usage/artisan.md vendored Normal file
View File

@@ -0,0 +1,54 @@
---
title: Using artisan commands
weight: 7
---
## Creating roles and permissions with Artisan Commands
You can create a role or permission from the console with artisan commands.
```bash
php artisan permission:create-role writer
```
```bash
php artisan permission:create-permission "edit articles"
```
When creating permissions/roles for specific guards you can specify the guard names as a second argument:
```bash
php artisan permission:create-role writer web
```
```bash
php artisan permission:create-permission "edit articles" web
```
When creating roles you can also create and link permissions at the same time:
```bash
php artisan permission:create-role writer web "create articles|edit articles"
```
## Displaying roles and permissions in the console
There is also a `show` command to show a table of roles and permissions per guard:
```bash
php artisan permission:show
```
## Resetting the Cache
When you use the built-in functions for manipulating roles and permissions, the cache is automatically reset for you, and relations are automatically reloaded for the current model record.
See the Advanced-Usage/Cache section of these docs for detailed specifics.
If you need to manually reset the cache for this package, you may use the following artisan command:
```bash
php artisan permission:cache-reset
```
Again, it is more efficient to use the API provided by this package, instead of manually clearing the cache.

97
vendor/spatie/laravel-permission/docs/basic-usage/basic-usage.md vendored Normal file
View File

@@ -0,0 +1,97 @@
---
title: Basic Usage
weight: 1
---
First, add the `Spatie\Permission\Traits\HasRoles` trait to your `User` model(s):
```php
use Illuminate\Foundation\Auth\User as Authenticatable;
use Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable
{
use HasRoles;
// ...
}
```
This package allows for users to be associated with permissions and roles. Every role is associated with multiple permissions.
A `Role` and a `Permission` are regular Eloquent models. They require a `name` and can be created like this:
```php
use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;
$role = Role::create(['name' => 'writer']);
$permission = Permission::create(['name' => 'edit articles']);
```
A permission can be assigned to a role using 1 of these methods:
```php
$role->givePermissionTo($permission);
$permission->assignRole($role);
```
Multiple permissions can be synced to a role using 1 of these methods:
```php
$role->syncPermissions($permissions);
$permission->syncRoles($roles);
```
A permission can be removed from a role using 1 of these methods:
```php
$role->revokePermissionTo($permission);
$permission->removeRole($role);
```
If you're using multiple guards the `guard_name` attribute needs to be set as well. Read about it in the [using multiple guards](../multiple-guards) section of the readme.
The `HasRoles` trait adds Eloquent relationships to your models, which can be accessed directly or used as a base query:
```php
// get a list of all permissions directly assigned to the user
$permissionNames = $user->getPermissionNames(); // collection of name strings
$permissions = $user->permissions; // collection of permission objects
// get all permissions for the user, either directly, or from roles, or from both
$permissions = $user->getDirectPermissions();
$permissions = $user->getPermissionsViaRoles();
$permissions = $user->getAllPermissions();
// get the names of the user's roles
$roles = $user->getRoleNames(); // Returns a collection
```
The `HasRoles` trait also adds a `role` scope to your models to scope the query to certain roles or permissions:
```php
$users = User::role('writer')->get(); // Returns only users with the role 'writer'
```
The `role` scope can accept a string, a `\Spatie\Permission\Models\Role` object or an `\Illuminate\Support\Collection` object.
The same trait also adds a scope to only get users that have a certain permission.
```php
$users = User::permission('edit articles')->get(); // Returns only users with the permission 'edit articles' (inherited or directly)
```
The scope can accept a string, a `\Spatie\Permission\Models\Permission` object or an `\Illuminate\Support\Collection` object.
### Eloquent
Since Role and Permission models are extended from Eloquent models, basic Eloquent calls can be used as well:
```php
$all_users_with_all_their_roles = User::with('roles')->get();
$all_users_with_all_direct_permissions = User::with('permissions')->get();
$all_roles_in_database = Role::all()->pluck('name');
$users_without_any_roles = User::doesntHave('roles')->get();
```

91
vendor/spatie/laravel-permission/docs/basic-usage/blade-directives.md vendored Normal file
View File

@@ -0,0 +1,91 @@
---
title: Blade directives
weight: 4
---
## Permissions
This package doesn't add any **permission**-specific Blade directives.
Instead, use Laravel's native `@can` directive to check if a user has a certain permission.
```php
@can('edit articles')
//
@endcan
```
or
```php
@if(auth()->user()->can('edit articles') && $some_other_condition)
//
@endif
```
You can use `@can`, `@cannot`, `@canany`, and `@guest` to test for permission-related access.
## Roles
As discussed in the Best Practices section of the docs, **it is strongly recommended to always use permission directives**, instead of role directives.
Additionally, if your reason for testing against Roles is for a Super-Admin, see the *Defining A Super-Admin* section of the docs.
If you actually need to test for Roles, this package offers some Blade directives to verify whether the currently logged in user has all or any of a given list of roles.
Optionally you can pass in the `guard` that the check will be performed on as a second argument.
#### Blade and Roles
Check for a specific role:
```php
@role('writer')
I am a writer!
@else
I am not a writer...
@endrole
```
is the same as
```php
@hasrole('writer')
I am a writer!
@else
I am not a writer...
@endhasrole
```
Check for any role in a list:
```php
@hasanyrole($collectionOfRoles)
I have one or more of these roles!
@else
I have none of these roles...
@endhasanyrole
// or
@hasanyrole('writer|admin')
I am either a writer or an admin or both!
@else
I have none of these roles...
@endhasanyrole
```
Check for all roles:
```php
@hasallroles($collectionOfRoles)
I have all of these roles!
@else
I do not have all of these roles...
@endhasallroles
// or
@hasallroles('writer|admin')
I am both a writer and an admin!
@else
I do not have all of these roles...
@endhasallroles
```
Alternatively, `@unlessrole` gives the reverse for checking a singular role, like this:
```php
@unlessrole('does not have this role')
I do not have the role
@else
I do have the role
@endunlessrole
```

67
vendor/spatie/laravel-permission/docs/basic-usage/direct-permissions.md vendored Normal file
View File

@@ -0,0 +1,67 @@
---
title: Direct Permissions
weight: 2
---
A permission can be given to any user:
```php
$user->givePermissionTo('edit articles');
// You can also give multiple permission at once
$user->givePermissionTo('edit articles', 'delete articles');
// You may also pass an array
$user->givePermissionTo(['edit articles', 'delete articles']);
```
A permission can be revoked from a user:
```php
$user->revokePermissionTo('edit articles');
```
Or revoke & add new permissions in one go:
```php
$user->syncPermissions(['edit articles', 'delete articles']);
```
You can check if a user has a permission:
```php
$user->hasPermissionTo('edit articles');
```
Or you may pass an integer representing the permission id
```php
$user->hasPermissionTo('1');
$user->hasPermissionTo(Permission::find(1)->id);
$user->hasPermissionTo($somePermission->id);
```
You can check if a user has Any of an array of permissions:
```php
$user->hasAnyPermission(['edit articles', 'publish articles', 'unpublish articles']);
```
...or if a user has All of an array of permissions:
```php
$user->hasAllPermissions(['edit articles', 'publish articles', 'unpublish articles']);
```
You may also pass integers to lookup by permission id
```php
$user->hasAnyPermission(['edit articles', 1, 5]);
```
Saved permissions will be registered with the `Illuminate\Auth\Access\Gate` class for the default guard. So you can
check if a user has a permission with Laravel's default `can` function:
```php
$user->can('edit articles');
```

83
vendor/spatie/laravel-permission/docs/basic-usage/middleware.md vendored Normal file
View File

@@ -0,0 +1,83 @@
---
title: Using a middleware
weight: 7
---
## Default Middleware
For checking against a single permission (see Best Practices) using `can`, you can use the built-in Laravel middleware provided by `\Illuminate\Auth\Middleware\Authorize::class` like this:
```php
Route::group(['middleware' => ['can:publish articles']], function () {
//
});
```
## Package Middleware
This package comes with `RoleMiddleware`, `PermissionMiddleware` and `RoleOrPermissionMiddleware` middleware. You can add them inside your `app/Http/Kernel.php` file.
```php
protected $routeMiddleware = [
// ...
'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class,
'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class,
'role_or_permission' => \Spatie\Permission\Middlewares\RoleOrPermissionMiddleware::class,
];
```
Then you can protect your routes using middleware rules:
```php
Route::group(['middleware' => ['role:super-admin']], function () {
//
});
Route::group(['middleware' => ['permission:publish articles']], function () {
//
});
Route::group(['middleware' => ['role:super-admin','permission:publish articles']], function () {
//
});
Route::group(['middleware' => ['role_or_permission:super-admin|edit articles']], function () {
//
});
Route::group(['middleware' => ['role_or_permission:publish articles']], function () {
//
});
```
Alternatively, you can separate multiple roles or permission with a `|` (pipe) character:
```php
Route::group(['middleware' => ['role:super-admin|writer']], function () {
//
});
Route::group(['middleware' => ['permission:publish articles|edit articles']], function () {
//
});
Route::group(['middleware' => ['role_or_permission:super-admin|edit articles']], function () {
//
});
```
You can protect your controllers similarly, by setting desired middleware in the constructor:
```php
public function __construct()
{
$this->middleware(['role:super-admin','permission:publish articles|edit articles']);
}
```
```php
public function __construct()
{
$this->middleware(['role_or_permission:super-admin|edit articles']);
}
```

60
vendor/spatie/laravel-permission/docs/basic-usage/multiple-guards.md vendored Normal file
View File

@@ -0,0 +1,60 @@
---
title: Using multiple guards
weight: 6
---
When using the default Laravel auth configuration all of the core methods of this package will work out of the box, no extra configuration required.
However, when using multiple guards they will act like namespaces for your permissions and roles. Meaning every guard has its own set of permissions and roles that can be assigned to their user model.
### The Downside To Multiple Guards
Note that this package requires you to register a permission name for each guard you want to authenticate with. So, "edit-article" would have to be created multiple times for each guard your app uses. An exception will be thrown if you try to authenticate against a non-existing permission+guard combination. Same for roles.
> **Tip**: If your app uses only a single guard, but is not `web` (Laravel's default, which shows "first" in the auth config file) then change the order of your listed guards in your `config/auth.php` to list your primary guard as the default and as the first in the list of defined guards. While you're editing that file, best to remove any guards you don't use, too.
### Using permissions and roles with multiple guards
When creating new permissions and roles, if no guard is specified, then the **first** defined guard in `auth.guards` config array will be used.
```php
// Create a manager role for users authenticating with the admin guard:
$role = Role::create(['guard_name' => 'admin', 'name' => 'manager']);
// Define a `publish articles` permission for the admin users belonging to the admin guard
$permission = Permission::create(['guard_name' => 'admin', 'name' => 'publish articles']);
// Define a *different* `publish articles` permission for the regular users belonging to the web guard
$permission = Permission::create(['guard_name' => 'web', 'name' => 'publish articles']);
```
To check if a user has permission for a specific guard:
```php
$user->hasPermissionTo('publish articles', 'admin');
```
> **Note**: When determining whether a role/permission is valid on a given model, it checks against the first matching guard in this order (it does NOT check role/permission for EACH possibility, just the first match):
- first the guardName() method if it exists on the model;
- then the `$guard_name` property if it exists on the model;
- then the first-defined guard/provider combination in the `auth.guards` config array that matches the logged-in user's guard;
- then the `auth.defaults.guard` config (which is the user's guard if they are logged in, else the default in the file).
### Assigning permissions and roles to guard users
You can use the same core methods to assign permissions and roles to users; just make sure the `guard_name` on the permission or role matches the guard of the user, otherwise a `GuardDoesNotMatch` or `Role/PermissionDoesNotExist` exception will be thrown.
### Using blade directives with multiple guards
You can use all of the blade directives offered by this package by passing in the guard you wish to use as the second argument to the directive:
```php
@role('super-admin', 'admin')
I am a super-admin!
@else
I am not a super-admin...
@endrole
```

169
vendor/spatie/laravel-permission/docs/basic-usage/new-app.md vendored Normal file
View File

@@ -0,0 +1,169 @@
---
title: Example App
weight: 90
---
## Creating A Demo App
If you want to just try out the features of this package you can get started with the following.
The examples on this page are primarily added for assistance in creating a quick demo app for troubleshooting purposes, to post the repo on github for convenient sharing to collaborate or get support.
If you're new to Laravel or to any of the concepts mentioned here, you can learn more in the [Laravel documentation](https://laravel.com/docs/) and in the free videos at Laracasts such as this series: https://laracasts.com/series/laravel-6-from-scratch/
### Initial setup:
```sh
cd ~/Sites
laravel new mypermissionsdemo
cd mypermissionsdemo
git init
git add .
git commit -m "Fresh Laravel Install"
# Environment
cp -n .env.example .env
sed -i '' 's/DB_CONNECTION=mysql/DB_CONNECTION=sqlite/' .env
sed -i '' 's/DB_DATABASE=laravel/#DB_DATABASE=laravel/' .env
touch database/database.sqlite
# Package
composer require spatie/laravel-permission
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"
git add .
git commit -m "Add Spatie Laravel Permissions package"
php artisan migrate:fresh
# Add `HasRoles` trait to User model
sed -i '' $'s/use Notifiable;/use Notifiable;\\\n use \\\\Spatie\\\\Permission\\\\Traits\\\\HasRoles;/' app/User.php
git add . && git commit -m "Add HasRoles trait"
# Add Laravel's basic auth scaffolding
composer require laravel/ui --dev
php artisan ui bootstrap --auth
# npm install && npm run prod
git add . && git commit -m "Setup auth scaffold"
```
### Add some basic permissions
- Add a new file, `/database/seeds/PermissionsDemoSeeder.php` such as the following (You could create it with `php artisan make:seed` and then edit the file accordingly):
```php
<?php
use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
use Spatie\Permission\PermissionRegistrar;
class PermissionsDemoSeeder extends Seeder
{
/**
* Create the initial roles and permissions.
*
* @return void
*/
public function run()
{
// Reset cached roles and permissions
app()[PermissionRegistrar::class]->forgetCachedPermissions();
// create permissions
Permission::create(['name' => 'edit articles']);
Permission::create(['name' => 'delete articles']);
Permission::create(['name' => 'publish articles']);
Permission::create(['name' => 'unpublish articles']);
// create roles and assign existing permissions
$role1 = Role::create(['name' => 'writer']);
$role1->givePermissionTo('edit articles');
$role1->givePermissionTo('delete articles');
$role2 = Role::create(['name' => 'admin']);
$role2->givePermissionTo('publish articles');
$role2->givePermissionTo('unpublish articles');
$role3 = Role::create(['name' => 'super-admin']);
// gets all permissions via Gate::before rule; see AuthServiceProvider
// create demo users
$user = Factory(App\User::class)->create([
'name' => 'Example User',
'email' => 'test@example.com',
]);
$user->assignRole($role1);
$user = Factory(App\User::class)->create([
'name' => 'Example Admin User',
'email' => 'admin@example.com',
]);
$user->assignRole($role2);
$user = Factory(App\User::class)->create([
'name' => 'Example Super-Admin User',
'email' => 'superadmin@example.com',
]);
$user->assignRole($role3);
}
}
```
- re-migrate and seed the database:
```sh
composer dump-autoload
php artisan migrate:fresh --seed --seeder=PermissionsDemoSeeder
```
### Grant Super-Admin access
Super-Admins are a common feature. Using the following approach allows that when your Super-Admin user is logged in, all permission-checks in your app which call `can()` or `@can()` will return true.
- Add a Gate::before check in your `AuthServiceProvider`:
```diff
public function boot()
{
$this->registerPolicies();
//
+ // Implicitly grant "Super Admin" role all permission checks using can()
+ Gate::before(function ($user, $ability) {
+ if ($user->hasRole('Super-Admin')) {
+ return true;
+ }
+ });
}
```
### Application Code
The permissions created in the seeder above imply that there will be some sort of Posts or Article features, and that various users will have various access control levels to manage/view those objects.
Your app will have Models, Controllers, routes, Views, Factories, Policies, Tests, middleware, and maybe additional Seeders.
You can see examples of these in the demo app at https://github.com/drbyte/spatie-permissions-demo/
## Sharing
To share your app on Github for easy collaboration:
- create a new public repository on Github, without any extras like readme/etc.
- follow github's sample code for linking your local repo and uploading the code. It will look like this:
```sh
git remote add origin git@github.com:YOURUSERNAME/REPONAME.git
git push -u origin master
```
The above only needs to be done once.
- then add the rest of your code by making new commits:
```sh
git add .
git commit -m "Explain what your commit is about here"
git push origin master
```
Repeat the above process whenever you change code that you want to share.
Those are the basics!

140
vendor/spatie/laravel-permission/docs/basic-usage/role-permissions.md vendored Normal file
View File

@@ -0,0 +1,140 @@
---
title: Using permissions via roles
weight: 3
---
A role can be assigned to any user:
```php
$user->assignRole('writer');
// You can also assign multiple roles at once
$user->assignRole('writer', 'admin');
// or as an array
$user->assignRole(['writer', 'admin']);
```
A role can be removed from a user:
```php
$user->removeRole('writer');
```
Roles can also be synced:
```php
// All current roles will be removed from the user and replaced by the array given
$user->syncRoles(['writer', 'admin']);
```
You can determine if a user has a certain role:
```php
$user->hasRole('writer');
// or at least one role from an array of roles:
$user->hasRole(['editor', 'moderator']);
```
You can also determine if a user has any of a given list of roles:
```php
$user->hasAnyRole(['writer', 'reader']);
// or
$user->hasAnyRole('writer', 'reader');
```
You can also determine if a user has all of a given list of roles:
```php
$user->hasAllRoles(Role::all());
```
The `assignRole`, `hasRole`, `hasAnyRole`, `hasAllRoles` and `removeRole` functions can accept a
string, a `\Spatie\Permission\Models\Role` object or an `\Illuminate\Support\Collection` object.
A permission can be given to a role:
```php
$role->givePermissionTo('edit articles');
```
You can determine if a role has a certain permission:
```php
$role->hasPermissionTo('edit articles');
```
A permission can be revoked from a role:
```php
$role->revokePermissionTo('edit articles');
```
The `givePermissionTo` and `revokePermissionTo` functions can accept a
string or a `Spatie\Permission\Models\Permission` object.
Permissions are inherited from roles automatically.
Additionally, individual permissions can be assigned to the user too.
For instance:
```php
$role = Role::findByName('writer');
$role->givePermissionTo('edit articles');
$user->assignRole('writer');
$user->givePermissionTo('delete articles');
```
In the above example, a role is given permission to edit articles and this role is assigned to a user.
Now the user can edit articles and additionally delete articles. The permission of 'delete articles' is the user's direct permission because it is assigned directly to them.
When we call `$user->hasDirectPermission('delete articles')` it returns `true`,
but `false` for `$user->hasDirectPermission('edit articles')`.
This method is useful if one builds a form for setting permissions for roles and users in an application and wants to restrict or change inherited permissions of roles of the user, i.e. allowing to change only direct permissions of the user.
You can check if the user has All or Any of a set of permissions directly assigned:
```php
// Check if the user has All direct permissions
$user->hasAllDirectPermissions(['edit articles', 'delete articles']);
// Check if the user has Any permission directly
$user->hasAnyDirectPermission(['create articles', 'delete articles']);
```
By following the previous example, when we call `$user->hasAllDirectPermissions(['edit articles', 'delete articles'])`
it returns `true`, because the user has all these direct permissions.
When we call
`$user->hasAnyDirectPermission('edit articles')`, it returns `true` because the user has one of the provided permissions.
You can list all of these permissions:
```php
// Direct permissions
$user->getDirectPermissions() // Or $user->permissions;
// Permissions inherited from the user's roles
$user->getPermissionsViaRoles();
// All permissions which apply on the user (inherited and direct)
$user->getAllPermissions();
```
All these responses are collections of `Spatie\Permission\Models\Permission` objects.
If we follow the previous example, the first response will be a collection with the `delete article` permission and
the second will be a collection with the `edit article` permission and the third will contain both.
If we follow the previous example, the first response will be a collection with the `delete article` permission and
the second will be a collection with the `edit article` permission and the third will contain both.
### NOTE about using permission names in policies
When calling `authorize()` for a policy method, if you have a permission named the same as one of those policy methods, your permission "name" will take precedence and not fire the policy. For this reason it may be wise to avoid naming your permissions the same as the methods in your policy. While you can define your own method names, you can read more about the defaults Laravel offers in Laravel's documentation at https://laravel.com/docs/authorization#writing-policies

49
vendor/spatie/laravel-permission/docs/basic-usage/super-admin.md vendored Normal file
View File

@@ -0,0 +1,49 @@
---
title: Defining a Super-Admin
weight: 5
---
We strongly recommend that a Super-Admin be handled by setting a global `Gate::before` or `Gate::after` rule which checks for the desired role.
Then you can implement the best-practice of primarily using permission-based controls (@can and $user->can, etc) throughout your app, without always having to check for "is this a super-admin" everywhere. Best not to use role-checking (ie: `hasRole`) when you have Super Admin features like this.
## `Gate::before`
If you want a "Super Admin" role to respond `true` to all permissions, without needing to assign all those permissions to a role, you can use Laravel's `Gate::before()` method. For example:
```php
use Illuminate\Support\Facades\Gate;
class AuthServiceProvider extends ServiceProvider
{
public function boot()
{
$this->registerPolicies();
// Implicitly grant "Super Admin" role all permissions
// This works in the app by using gate-related functions like auth()->user->can() and @can()
Gate::before(function ($user, $ability) {
return $user->hasRole('Super Admin') ? true : null;
});
}
}
```
NOTE: `Gate::before` rules need to return `null` rather than `false`, else it will interfere with normal policy operation. [See more.](https://laracasts.com/discuss/channels/laravel/policy-gets-never-called#reply=492526)
Jeffrey Way explains the concept of a super-admin (and a model owner, and model policies) in the [Laravel 6 Authorization Filters](https://laracasts.com/series/laravel-6-from-scratch/episodes/51) video and some related lessons in that chapter.
## `Gate::after`
Alternatively you might want to move the Super Admin check to the `Gate::after` phase instead, particularly if your Super Admin shouldn't be allowed to do things your app doesn't want "anyone" to do, such as writing more than 1 review, or bypassing unsubscribe rules, etc.
The following code snippet is inspired from [Freek's blog article](https://murze.be/when-to-use-gateafter-in-laravel) where this topic is discussed further.
```php
// somewhere in a service provider
Gate::after(function ($user, $ability) {
return $user->hasRole('Super Admin'); // note this returns boolean
});
```

68
vendor/spatie/laravel-permission/docs/basic-usage/wildcard-permissions.md vendored Normal file
View File

@@ -0,0 +1,68 @@
---
title: Wildcard permissions
weight: 3
---
Wildcard permissions can be enabled in the permission config file:
```php
// config/permission.php
'enable_wildcard_permission' => true,
```
When enabled, wildcard permissions offers you a flexible representation for a variety of permission schemes. The idea
behind wildcard permissions is inspired by the default permission implementation of
[Apache Shiro](https://shiro.apache.org/permissions.html).
A wildcard permission string is made of one or more parts separated by dots (.).
```php
$permission = 'posts.create.1';
```
The meaning of each part of the string depends on the application layer.
> You can use as many parts as you like. So you are not limited to the three-tiered structure, even though
this is the common use-case, representing {resource}.{action}.{target}.
> NOTE: You must actually create the permissions (eg: `posts.create.1`) before you can assign them, and must also create any wildcard permission patterns (eg: `posts.create.*`) before you can check for them.
### Using Wildcards
Each part can also contain wildcards (*). So let's say we assign the following permission to a user:
```php
Permission::create(['name'=>'posts.*']);
$user->givePermissionTo('posts.*');
// is the same as
Permission::create(['name'=>'posts']);
$user->givePermissionTo('posts');
```
Everyone who is assigned to this permission will be allowed every action on posts. It is not necessary to use a
wildcard on the last part of the string. This is automatically assumed.
```php
// will be true
$user->can('posts.create');
$user->can('posts.edit');
$user->can('posts.delete');
```
### Subparts
Besides the use of parts and wildcards, subparts can also be used. Subparts are divided with commas (,). This is a
powerful feature that lets you create complex permission schemes.
```php
// user can only do the actions create, update and view on both resources posts and users
$user->givePermissionTo('posts,users.create,update,view');
// user can do the actions create, update, view on any available resource
$user->givePermissionTo('*.create,update,view');
// user can do any action on posts with ids 1, 4 and 6
$user->givePermissionTo('posts.*.1,4,6');
```
> As said before, the meaning of each part is determined by the application layer! So, you are free to use each part as you like. And you can use as many parts and subparts as you want.

4
vendor/spatie/laravel-permission/docs/best-practices/_index.md vendored Normal file
View File

@@ -0,0 +1,4 @@
---
title: Best Practices
weight: 2
---

23
vendor/spatie/laravel-permission/docs/best-practices/performance.md vendored Normal file
View File

@@ -0,0 +1,23 @@
---
title: Performance Tips
weight: 10
---
Often we think in terms of "roles have permissions" so we lookup a Role, and call `$role->givePermissionTo()`
to indicate what users with that role are allowed to do. This is perfectly fine!
And yet, in some situations, particularly if your app is deleting and adding new permissions frequently,
you may find that things are more performant if you lookup the permission and assign it to the role, like:
`$permission->assignRole($role)`.
The end result is the same, but sometimes it runs quite a lot faster.
Also, because of the way this package enforces some protections for you, on large databases you may find
that instead of creating permissions with `Permission::create([attributes])` it might be faster to
`$permission = Permission::make([attributes]); $permission->saveOrFail();`
On small apps, most of the above will be moot, and unnecessary.
As always, if you choose to bypass the provided object methods for adding/removing/syncing roles and permissions
by manipulating Role and Permission objects directly in the database,
you will need to manually reset the cache with the PermissionRegistrar's method for that,
as described in the Cache section of the docs.

11
vendor/spatie/laravel-permission/docs/best-practices/roles-vs-permissions.md vendored Normal file
View File

@@ -0,0 +1,11 @@
---
title: Roles vs Permissions
weight: 1
---
It is generally best to code your app around `permissions` only. That way you can always use the native Laravel `@can` and `can()` directives everywhere in your app.
Roles can still be used to group permissions for easy assignment, and you can still use the role-based helper methods if truly necessary. But most app-related logic can usually be best controlled using the `can` methods, which allows Laravel's Gate layer to do all the heavy lifting.
eg: `users` have `roles`, and `roles` have `permissions`, and your app always checks for `permissions`, not `roles`.

12
vendor/spatie/laravel-permission/docs/best-practices/using-policies.md vendored Normal file
View File

@@ -0,0 +1,12 @@
---
title: Model Policies
weight: 2
---
The best way to incorporate access control for application features is with [Laravel's Model Policies](https://laravel.com/docs/authorization#creating-policies).
Using Policies allows you to simplify things by abstracting your "control" rules into one place, where your application logic can be combined with your permission rules.
Jeffrey Way explains the concept simply in the [Laravel 6 Authorization Filters](https://laracasts.com/series/laravel-6-from-scratch/episodes/51) and [policies](https://laracasts.com/series/laravel-6-from-scratch/episodes/63) videos and in other related lessons in that chapter. He also mentions how to set up a super-admin, both in a model policy and globally in your application.
You can find an example of implementing a model policy with this Laravel Permissions package in this demo app: https://github.com/drbyte/spatie-permissions-demo/blob/master/app/Policies/PostPolicy.php

6
vendor/spatie/laravel-permission/docs/changelog.md vendored Normal file
View File

@@ -0,0 +1,6 @@
---
title: Changelog
weight: 10
---
All notable changes to laravel-permission are documented [on GitHub](https://github.com/spatie/laravel-permission/blob/master/CHANGELOG.md)

BIN
vendor/spatie/laravel-permission/docs/images/header.jpg vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 383 KiB

44
vendor/spatie/laravel-permission/docs/installation-laravel.md vendored Normal file
View File

@@ -0,0 +1,44 @@
---
title: Installation in Laravel
weight: 4
---
This package can be used with Laravel 5.8 or higher.
1. Consult the Prerequisites page for important considerations regarding your User models!
2. This package publishes a `config/permission.php` file. If you already have a file by that name, you must rename or remove it.
3. You can install the package via composer:
composer require spatie/laravel-permission
4. Optional: The service provider will automatically get registered. Or you may manually add the service provider in your `config/app.php` file:
```
'providers' => [
// ...
Spatie\Permission\PermissionServiceProvider::class,
];
```
5. You should publish [the migration](https://github.com/spatie/laravel-permission/blob/master/database/migrations/create_permission_tables.php.stub) and the [`config/permission.php` config file](https://github.com/spatie/laravel-permission/blob/master/config/permission.php) with:
```
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"
```
6. NOTE: If you are using UUIDs, see the Advanced section of the docs on UUID steps, before you continue. It explains some changes you may want to make to the migrations and config file before continuing. It also mentions important considerations after extending this package's models for UUID capability.
7. Run the migrations: After the config and migration have been published and configured, you can create the tables for this package by running:
php artisan migrate
8. Add the necessary trait to your User model: Consult the Basic Usage section of the docs for how to get started using the features of this package.
### Default config file contents
You can view the default config file contents at:
https://github.com/spatie/laravel-permission/blob/master/config/permission.php

71
vendor/spatie/laravel-permission/docs/installation-lumen.md vendored Normal file
View File

@@ -0,0 +1,71 @@
---
title: Installation in Lumen
weight: 5
---
NOTE: Lumen is not officially supported by this package. However, the following are some steps which may help get you started.
First, install the package via Composer:
``` bash
composer require spatie/laravel-permission
```
Copy the required files:
```bash
mkdir -p config
cp vendor/spatie/laravel-permission/config/permission.php config/permission.php
cp vendor/spatie/laravel-permission/database/migrations/create_permission_tables.php.stub database/migrations/2018_01_01_000000_create_permission_tables.php
```
You will also need the `config/auth.php` file. If you don't already have it, copy it from the vendor folder:
```bash
cp vendor/laravel/lumen-framework/config/auth.php config/auth.php
```
Then, in `bootstrap/app.php`, uncomment the `auth` middleware, and register this package's middleware:
```php
$app->routeMiddleware([
'auth' => App\Http\Middleware\Authenticate::class,
'permission' => Spatie\Permission\Middlewares\PermissionMiddleware::class,
'role' => Spatie\Permission\Middlewares\RoleMiddleware::class,
]);
```
... and in the same file, in the ServiceProviders section, register the package configuration, service provider, and cache alias:
```php
$app->configure('permission');
$app->alias('cache', \Illuminate\Cache\CacheManager::class); // if you don't have this already
$app->register(Spatie\Permission\PermissionServiceProvider::class);
```
... and in the same file, since the Authorization layer uses guards you will need to uncomment the AuthServiceProvider line:
```php
$app->register(App\Providers\AuthServiceProvider::class);
```
Ensure your database configuration is set in your `.env` (or `config/database.php` if you have one).
Run the migrations to create the tables for this package:
```bash
php artisan migrate
```
---
### User Model
NOTE: Remember that Laravel's authorization layer requires that your `User` model implement the `Illuminate\Contracts\Auth\Access\Authorizable` contract. In Lumen you will then also need to use the `Laravel\Lumen\Auth\Authorizable` trait.
---
### User Table
NOTE: If you are working with a fresh install of Lumen, then you probably also need a migration file for your Users table. You can create your own, or you can copy a basic one from Laravel:
https://github.com/laravel/laravel/blob/master/database/migrations/2014_10_12_000000_create_users_table.php
(You will need to run `php artisan migrate` after adding this file.)
Remember to update your ModelFactory.php to match the fields in the migration you create/copy.

34
vendor/spatie/laravel-permission/docs/introduction.md vendored Normal file
View File

@@ -0,0 +1,34 @@
---
title: Introduction
weight: 1
---
This package allows you to manage user permissions and roles in a database.
Once installed you can do stuff like this:
```php
// Adding permissions to a user
$user->givePermissionTo('edit articles');
// Adding permissions via a role
$user->assignRole('writer');
$role->givePermissionTo('edit articles');
```
If you're using multiple guards we've got you covered as well. Every guard will have its own set of permissions and roles that can be assigned to the guard's users. Read about it in the [using multiple guards](https://docs.spatie.be/laravel-permission/v3/basic-usage/multiple-guards/) section of the readme.
Because all permissions will be registered on [Laravel's gate](https://laravel.com/docs/authorization), you can check if a user has a permission with Laravel's default `can` function:
```php
$user->can('edit articles');
```
and Blade directives:
```blade
@can('edit articles')
...
@endcan
```

33
vendor/spatie/laravel-permission/docs/prerequisites.md vendored Normal file
View File

@@ -0,0 +1,33 @@
---
title: Prerequisites
weight: 3
---
This package can be used in Laravel 5.8 or higher.
This package uses Laravel's Gate layer to provide Authorization capabilities.
The Gate/authorization layer requires that your `User` model implement the `Illuminate\Contracts\Auth\Access\Authorizable` contract.
Otherwise the `can()` and `authorize()` methods will not work in your controllers, policies, templates, etc.
In the `Installation` instructions you'll see that the `HasRoles` trait must be added to the User model to enable this package's features.
Thus, a typical basic User model would have these basic minimum requirements:
```php
use Illuminate\Foundation\Auth\User as Authenticatable;
use Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable
{
use HasRoles;
// ...
}
```
Additionally, your `User` model/object MUST NOT have a `role` or `roles` property (or field in the database), nor a `roles()` method on it. Those will interfere with the properties and methods added by the `HasRoles` trait provided by this package, thus causing unexpected outcomes when this package's methods are used to inspect roles and permissions.
Similarly, your `User` model/object MUST NOT have a `permission` or `permissions` property (or field in the database), nor a `permissions()` method on it. Those will interfere with the properties and methods added by the `HasPermissions` trait provided by this package (which is invoked via the `HasRoles` trait).
This package publishes a `config/permission.php` file. If you already have a file by that name, you must rename or remove it, as it will conflict with this package. You could optionally merge your own values with those required by this package, as long as the keys that this package expects are present. See the source file for more details.

8
vendor/spatie/laravel-permission/docs/questions-issues.md vendored Normal file
View File

@@ -0,0 +1,8 @@
---
title: Questions and issues
weight: 9
---
Find yourself stuck using the package? Found a bug? Do you have general questions or suggestions for improving the package? Feel free to [create an issue on GitHub](https://github.com/spatie/laravel-permission/issues), we'll try to address it as soon as possible.
If you've found a bug regarding security please mail [freek@spatie.be](mailto:freek@spatie.be) instead of using the issue tracker.

BIN
vendor/spatie/laravel-permission/docs/sponsor-logo.png vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.9 KiB

8
vendor/spatie/laravel-permission/docs/support-us.md vendored Normal file
View File

@@ -0,0 +1,8 @@
---
title: Support us
weight: 2
---
We invest a lot of resources into creating [best in class open source packages](https://spatie.be/open-source). You can support us by [buying one of our paid products](https://spatie.be/open-source/support-us).
We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on [our contact page](https://spatie.be/about-us). We publish all received postcards on [our virtual postcard wall](https://spatie.be/open-source/postcards).

15
vendor/spatie/laravel-permission/docs/upgrading.md vendored Normal file
View File

@@ -0,0 +1,15 @@
---
title: Upgrading
weight: 6
---
### Upgrading from v2 to v3
There are no special requirements for upgrading from v2 to v3, other than changing `^2.xx` (xx can vary) to `^3.0` in your `composer.json` and running `composer update`. Of course, your app must meet the minimum requirements as well.
### Upgrading from v1 to v2
If you're upgrading from v1 to v2, there's no built-in automatic migration/conversion of your data.
You will need to carefully adapt your code and your data manually.
Tip: @fabricecw prepared [a gist which may make your data migration easier](https://gist.github.com/fabricecw/58ee93dd4f99e78724d8acbb851658a4).
You will also need to remove your old `laravel-permission.php` config file and publish the new one `permission.php`, and edit accordingly (setting up your custom settings again in the new file, where relevant).

22
vendor/spatie/laravel-permission/src/Commands/CacheReset.php vendored Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace Spatie\Permission\Commands;
use Illuminate\Console\Command;
use Spatie\Permission\PermissionRegistrar;
class CacheReset extends Command
{
protected $signature = 'permission:cache-reset';
protected $description = 'Reset the permission cache';
public function handle()
{
if (app(PermissionRegistrar::class)->forgetCachedPermissions()) {
$this->info('Permission cache flushed.');
} else {
$this->error('Unable to flush cache.');
}
}
}

24
vendor/spatie/laravel-permission/src/Commands/CreatePermission.php vendored Normal file
View File

@@ -0,0 +1,24 @@
<?php
namespace Spatie\Permission\Commands;
use Illuminate\Console\Command;
use Spatie\Permission\Contracts\Permission as PermissionContract;
class CreatePermission extends Command
{
protected $signature = 'permission:create-permission
{name : The name of the permission}
{guard? : The name of the guard}';
protected $description = 'Create a permission';
public function handle()
{
$permissionClass = app(PermissionContract::class);
$permission = $permissionClass::findOrCreate($this->argument('name'), $this->argument('guard'));
$this->info("Permission `{$permission->name}` created");
}
}

50
vendor/spatie/laravel-permission/src/Commands/CreateRole.php vendored Normal file
View File

@@ -0,0 +1,50 @@
<?php
namespace Spatie\Permission\Commands;
use Illuminate\Console\Command;
use Spatie\Permission\Contracts\Role as RoleContract;
use Spatie\Permission\Contracts\Permission as PermissionContract;
class CreateRole extends Command
{
protected $signature = 'permission:create-role
{name : The name of the role}
{guard? : The name of the guard}
{permissions? : A list of permissions to assign to the role, separated by | }';
protected $description = 'Create a role';
public function handle()
{
$roleClass = app(RoleContract::class);
$role = $roleClass::findOrCreate($this->argument('name'), $this->argument('guard'));
$role->givePermissionTo($this->makePermissions($this->argument('permissions')));
$this->info("Role `{$role->name}` created");
}
/**
* @param array|null|string $string
*/
protected function makePermissions($string = null)
{
if (empty($string)) {
return;
}
$permissionClass = app(PermissionContract::class);
$permissions = explode('|', $string);
$models = [];
foreach ($permissions as $permission) {
$models[] = $permissionClass::findOrCreate(trim($permission), $this->argument('guard'));
}
return collect($models);
}
}

54
vendor/spatie/laravel-permission/src/Commands/Show.php vendored Normal file
View File

@@ -0,0 +1,54 @@
<?php
namespace Spatie\Permission\Commands;
use Illuminate\Console\Command;
use Illuminate\Support\Collection;
use Spatie\Permission\Contracts\Role as RoleContract;
use Spatie\Permission\Contracts\Permission as PermissionContract;
class Show extends Command
{
protected $signature = 'permission:show
{guard? : The name of the guard}
{style? : The display style (default|borderless|compact|box)}';
protected $description = 'Show a table of roles and permissions per guard';
public function handle()
{
$permissionClass = app(PermissionContract::class);
$roleClass = app(RoleContract::class);
$style = $this->argument('style') ?? 'default';
$guard = $this->argument('guard');
if ($guard) {
$guards = Collection::make([$guard]);
} else {
$guards = $permissionClass::pluck('guard_name')->merge($roleClass::pluck('guard_name'))->unique();
}
foreach ($guards as $guard) {
$this->info("Guard: $guard");
$roles = $roleClass::whereGuardName($guard)->orderBy('name')->get()->mapWithKeys(function ($role) {
return [$role->name => $role->permissions->pluck('name')];
});
$permissions = $permissionClass::whereGuardName($guard)->orderBy('name')->pluck('name');
$body = $permissions->map(function ($permission) use ($roles) {
return $roles->map(function (Collection $role_permissions) use ($permission) {
return $role_permissions->contains($permission) ? ' ✔' : ' ·';
})->prepend($permission);
});
$this->table(
$roles->keys()->prepend('')->toArray(),
$body->toArray(),
$style
);
}
}
}

49
vendor/spatie/laravel-permission/src/Contracts/Permission.php vendored Normal file
View File

@@ -0,0 +1,49 @@
<?php
namespace Spatie\Permission\Contracts;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
interface Permission
{
/**
* A permission can be applied to roles.
*
* @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
*/
public function roles(): BelongsToMany;
/**
* Find a permission by its name.
*
* @param string $name
* @param string|null $guardName
*
* @throws \Spatie\Permission\Exceptions\PermissionDoesNotExist
*
* @return Permission
*/
public static function findByName(string $name, $guardName): self;
/**
* Find a permission by its id.
*
* @param int $id
* @param string|null $guardName
*
* @throws \Spatie\Permission\Exceptions\PermissionDoesNotExist
*
* @return Permission
*/
public static function findById(int $id, $guardName): self;
/**
* Find or Create a permission by its name and guard name.
*
* @param string $name
* @param string|null $guardName
*
* @return Permission
*/
public static function findOrCreate(string $name, $guardName): self;
}

58
vendor/spatie/laravel-permission/src/Contracts/Role.php vendored Normal file
View File

@@ -0,0 +1,58 @@
<?php
namespace Spatie\Permission\Contracts;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
interface Role
{
/**
* A role may be given various permissions.
*
* @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
*/
public function permissions(): BelongsToMany;
/**
* Find a role by its name and guard name.
*
* @param string $name
* @param string|null $guardName
*
* @return \Spatie\Permission\Contracts\Role
*
* @throws \Spatie\Permission\Exceptions\RoleDoesNotExist
*/
public static function findByName(string $name, $guardName): self;
/**
* Find a role by its id and guard name.
*
* @param int $id
* @param string|null $guardName
*
* @return \Spatie\Permission\Contracts\Role
*
* @throws \Spatie\Permission\Exceptions\RoleDoesNotExist
*/
public static function findById(int $id, $guardName): self;
/**
* Find or create a role by its name and guard name.
*
* @param string $name
* @param string|null $guardName
*
* @return \Spatie\Permission\Contracts\Role
*/
public static function findOrCreate(string $name, $guardName): self;
/**
* Determine if the user may perform the given permission.
*
* @param string|\Spatie\Permission\Contracts\Permission $permission
*
* @return bool
*/
public function hasPermissionTo($permission): bool;
}

14
vendor/spatie/laravel-permission/src/Exceptions/GuardDoesNotMatch.php vendored Normal file
View File

@@ -0,0 +1,14 @@
<?php
namespace Spatie\Permission\Exceptions;
use InvalidArgumentException;
use Illuminate\Support\Collection;
class GuardDoesNotMatch extends InvalidArgumentException
{
public static function create(string $givenGuard, Collection $expectedGuards)
{
return new static("The given role or permission should use guard `{$expectedGuards->implode(', ')}` instead of `{$givenGuard}`.");
}
}

13
vendor/spatie/laravel-permission/src/Exceptions/PermissionAlreadyExists.php vendored Normal file
View File

@@ -0,0 +1,13 @@
<?php
namespace Spatie\Permission\Exceptions;
use InvalidArgumentException;
class PermissionAlreadyExists extends InvalidArgumentException
{
public static function create(string $permissionName, string $guardName)
{
return new static("A `{$permissionName}` permission already exists for guard `{$guardName}`.");
}
}

18
vendor/spatie/laravel-permission/src/Exceptions/PermissionDoesNotExist.php vendored Normal file
View File

@@ -0,0 +1,18 @@
<?php
namespace Spatie\Permission\Exceptions;
use InvalidArgumentException;
class PermissionDoesNotExist extends InvalidArgumentException
{
public static function create(string $permissionName, string $guardName = '')
{
return new static("There is no permission named `{$permissionName}` for guard `{$guardName}`.");
}
public static function withId(int $permissionId, string $guardName = '')
{
return new static("There is no [permission] with id `{$permissionId}` for guard `{$guardName}`.");
}
}

13
vendor/spatie/laravel-permission/src/Exceptions/RoleAlreadyExists.php vendored Normal file
View File

@@ -0,0 +1,13 @@
<?php
namespace Spatie\Permission\Exceptions;
use InvalidArgumentException;
class RoleAlreadyExists extends InvalidArgumentException
{
public static function create(string $roleName, string $guardName)
{
return new static("A role `{$roleName}` already exists for guard `{$guardName}`.");
}
}

18
vendor/spatie/laravel-permission/src/Exceptions/RoleDoesNotExist.php vendored Normal file
View File

@@ -0,0 +1,18 @@
<?php
namespace Spatie\Permission\Exceptions;
use InvalidArgumentException;
class RoleDoesNotExist extends InvalidArgumentException
{
public static function named(string $roleName)
{
return new static("There is no role named `{$roleName}`.");
}
public static function withId(int $roleId)
{
return new static("There is no role with id `{$roleId}`.");
}
}

72
vendor/spatie/laravel-permission/src/Exceptions/UnauthorizedException.php vendored Normal file
View File

@@ -0,0 +1,72 @@
<?php
namespace Spatie\Permission\Exceptions;
use Symfony\Component\HttpKernel\Exception\HttpException;
class UnauthorizedException extends HttpException
{
private $requiredRoles = [];
private $requiredPermissions = [];
public static function forRoles(array $roles): self
{
$message = 'User does not have the right roles.';
if (config('permission.display_permission_in_exception')) {
$permStr = implode(', ', $roles);
$message = 'User does not have the right roles. Necessary roles are '.$permStr;
}
$exception = new static(403, $message, null, []);
$exception->requiredRoles = $roles;
return $exception;
}
public static function forPermissions(array $permissions): self
{
$message = 'User does not have the right permissions.';
if (config('permission.display_permission_in_exception')) {
$permStr = implode(', ', $permissions);
$message = 'User does not have the right permissions. Necessary permissions are '.$permStr;
}
$exception = new static(403, $message, null, []);
$exception->requiredPermissions = $permissions;
return $exception;
}
public static function forRolesOrPermissions(array $rolesOrPermissions): self
{
$message = 'User does not have any of the necessary access rights.';
if (config('permission.display_permission_in_exception') && config('permission.display_role_in_exception')) {
$permStr = implode(', ', $rolesOrPermissions);
$message = 'User does not have the right permissions. Necessary permissions are '.$permStr;
}
$exception = new static(403, $message, null, []);
$exception->requiredPermissions = $rolesOrPermissions;
return $exception;
}
public static function notLoggedIn(): self
{
return new static(403, 'User is not logged in.', null, []);
}
public function getRequiredRoles(): array
{
return $this->requiredRoles;
}
public function getRequiredPermissions(): array
{
return $this->requiredPermissions;
}
}

13
vendor/spatie/laravel-permission/src/Exceptions/WildcardPermissionInvalidArgument.php vendored Normal file
View File

@@ -0,0 +1,13 @@
<?php
namespace Spatie\Permission\Exceptions;
use InvalidArgumentException;
class WildcardPermissionInvalidArgument extends InvalidArgumentException
{
public static function create()
{
return new static('Wildcard permission must be string, permission id or permission instance');
}
}

13
vendor/spatie/laravel-permission/src/Exceptions/WildcardPermissionNotProperlyFormatted.php vendored Normal file
View File

@@ -0,0 +1,13 @@
<?php
namespace Spatie\Permission\Exceptions;
use InvalidArgumentException;
class WildcardPermissionNotProperlyFormatted extends InvalidArgumentException
{
public static function create(string $permission)
{
return new static("Wildcard permission `{$permission}` is not properly formatted.");
}
}

55
vendor/spatie/laravel-permission/src/Guard.php vendored Normal file
View File

@@ -0,0 +1,55 @@
<?php
namespace Spatie\Permission;
use Illuminate\Support\Collection;
class Guard
{
/**
* return collection of (guard_name) property if exist on class or object
* otherwise will return collection of guards names that exists in config/auth.php.
* @param $model
* @return Collection
*/
public static function getNames($model): Collection
{
if (is_object($model)) {
if (\method_exists($model, 'guardName')) {
$guardName = $model->guardName();
} else {
$guardName = $model->guard_name ?? null;
}
}
if (! isset($guardName)) {
$class = is_object($model) ? get_class($model) : $model;
$guardName = (new \ReflectionClass($class))->getDefaultProperties()['guard_name'] ?? null;
}
if ($guardName) {
return collect($guardName);
}
return collect(config('auth.guards'))
->map(function ($guard) {
if (! isset($guard['provider'])) {
return;
}
return config("auth.providers.{$guard['provider']}.model");
})
->filter(function ($model) use ($class) {
return $class === $model;
})
->keys();
}
public static function getDefaultName($class): string
{
$default = config('auth.defaults.guard');
return static::getNames($class)->first() ?: $default;
}
}

28
vendor/spatie/laravel-permission/src/Middlewares/PermissionMiddleware.php vendored Normal file
View File

@@ -0,0 +1,28 @@
<?php
namespace Spatie\Permission\Middlewares;
use Closure;
use Spatie\Permission\Exceptions\UnauthorizedException;
class PermissionMiddleware
{
public function handle($request, Closure $next, $permission)
{
if (app('auth')->guest()) {
throw UnauthorizedException::notLoggedIn();
}
$permissions = is_array($permission)
? $permission
: explode('|', $permission);
foreach ($permissions as $permission) {
if (app('auth')->user()->can($permission)) {
return $next($request);
}
}
throw UnauthorizedException::forPermissions($permissions);
}
}

27
vendor/spatie/laravel-permission/src/Middlewares/RoleMiddleware.php vendored Normal file
View File

@@ -0,0 +1,27 @@
<?php
namespace Spatie\Permission\Middlewares;
use Closure;
use Illuminate\Support\Facades\Auth;
use Spatie\Permission\Exceptions\UnauthorizedException;
class RoleMiddleware
{
public function handle($request, Closure $next, $role)
{
if (Auth::guest()) {
throw UnauthorizedException::notLoggedIn();
}
$roles = is_array($role)
? $role
: explode('|', $role);
if (! Auth::user()->hasAnyRole($roles)) {
throw UnauthorizedException::forRoles($roles);
}
return $next($request);
}
}

27
vendor/spatie/laravel-permission/src/Middlewares/RoleOrPermissionMiddleware.php vendored Normal file
View File

@@ -0,0 +1,27 @@
<?php
namespace Spatie\Permission\Middlewares;
use Closure;
use Illuminate\Support\Facades\Auth;
use Spatie\Permission\Exceptions\UnauthorizedException;
class RoleOrPermissionMiddleware
{
public function handle($request, Closure $next, $roleOrPermission)
{
if (Auth::guest()) {
throw UnauthorizedException::notLoggedIn();
}
$rolesOrPermissions = is_array($roleOrPermission)
? $roleOrPermission
: explode('|', $roleOrPermission);
if (! Auth::user()->hasAnyRole($rolesOrPermissions) && ! Auth::user()->hasAnyPermission($rolesOrPermissions)) {
throw UnauthorizedException::forRolesOrPermissions($rolesOrPermissions);
}
return $next($request);
}
}

145
vendor/spatie/laravel-permission/src/Models/Permission.php vendored Normal file
View File

@@ -0,0 +1,145 @@
<?php
namespace Spatie\Permission\Models;
use Spatie\Permission\Guard;
use Illuminate\Support\Collection;
use Spatie\Permission\Traits\HasRoles;
use Illuminate\Database\Eloquent\Model;
use Spatie\Permission\PermissionRegistrar;
use Spatie\Permission\Traits\RefreshesPermissionCache;
use Illuminate\Database\Eloquent\Relations\MorphToMany;
use Spatie\Permission\Exceptions\PermissionDoesNotExist;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Spatie\Permission\Exceptions\PermissionAlreadyExists;
use Spatie\Permission\Contracts\Permission as PermissionContract;
class Permission extends Model implements PermissionContract
{
use HasRoles;
use RefreshesPermissionCache;
protected $guarded = ['id'];
public function __construct(array $attributes = [])
{
$attributes['guard_name'] = $attributes['guard_name'] ?? config('auth.defaults.guard');
parent::__construct($attributes);
$this->setTable(config('permission.table_names.permissions'));
}
public static function create(array $attributes = [])
{
$attributes['guard_name'] = $attributes['guard_name'] ?? Guard::getDefaultName(static::class);
$permission = static::getPermissions(['name' => $attributes['name'], 'guard_name' => $attributes['guard_name']])->first();
if ($permission) {
throw PermissionAlreadyExists::create($attributes['name'], $attributes['guard_name']);
}
return static::query()->create($attributes);
}
/**
* A permission can be applied to roles.
*/
public function roles(): BelongsToMany
{
return $this->belongsToMany(
config('permission.models.role'),
config('permission.table_names.role_has_permissions'),
'permission_id',
'role_id'
);
}
/**
* A permission belongs to some users of the model associated with its guard.
*/
public function users(): MorphToMany
{
return $this->morphedByMany(
getModelForGuard($this->attributes['guard_name']),
'model',
config('permission.table_names.model_has_permissions'),
'permission_id',
config('permission.column_names.model_morph_key')
);
}
/**
* Find a permission by its name (and optionally guardName).
*
* @param string $name
* @param string|null $guardName
*
* @throws \Spatie\Permission\Exceptions\PermissionDoesNotExist
*
* @return \Spatie\Permission\Contracts\Permission
*/
public static function findByName(string $name, $guardName = null): PermissionContract
{
$guardName = $guardName ?? Guard::getDefaultName(static::class);
$permission = static::getPermissions(['name' => $name, 'guard_name' => $guardName])->first();
if (! $permission) {
throw PermissionDoesNotExist::create($name, $guardName);
}
return $permission;
}
/**
* Find a permission by its id (and optionally guardName).
*
* @param int $id
* @param string|null $guardName
*
* @throws \Spatie\Permission\Exceptions\PermissionDoesNotExist
*
* @return \Spatie\Permission\Contracts\Permission
*/
public static function findById(int $id, $guardName = null): PermissionContract
{
$guardName = $guardName ?? Guard::getDefaultName(static::class);
$permission = static::getPermissions(['id' => $id, 'guard_name' => $guardName])->first();
if (! $permission) {
throw PermissionDoesNotExist::withId($id, $guardName);
}
return $permission;
}
/**
* Find or create permission by its name (and optionally guardName).
*
* @param string $name
* @param string|null $guardName
*
* @return \Spatie\Permission\Contracts\Permission
*/
public static function findOrCreate(string $name, $guardName = null): PermissionContract
{
$guardName = $guardName ?? Guard::getDefaultName(static::class);
$permission = static::getPermissions(['name' => $name, 'guard_name' => $guardName])->first();
if (! $permission) {
return static::query()->create(['name' => $name, 'guard_name' => $guardName]);
}
return $permission;
}
/**
* Get the current cached permissions.
*/
protected static function getPermissions(array $params = []): Collection
{
return app(PermissionRegistrar::class)
->setPermissionClass(static::class)
->getPermissions($params);
}
}

158
vendor/spatie/laravel-permission/src/Models/Role.php vendored Normal file
View File

@@ -0,0 +1,158 @@
<?php
namespace Spatie\Permission\Models;
use Spatie\Permission\Guard;
use Illuminate\Database\Eloquent\Model;
use Spatie\Permission\Traits\HasPermissions;
use Spatie\Permission\Exceptions\RoleDoesNotExist;
use Spatie\Permission\Exceptions\GuardDoesNotMatch;
use Spatie\Permission\Exceptions\RoleAlreadyExists;
use Spatie\Permission\Contracts\Role as RoleContract;
use Spatie\Permission\Traits\RefreshesPermissionCache;
use Illuminate\Database\Eloquent\Relations\MorphToMany;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
class Role extends Model implements RoleContract
{
use HasPermissions;
use RefreshesPermissionCache;
protected $guarded = ['id'];
public function __construct(array $attributes = [])
{
$attributes['guard_name'] = $attributes['guard_name'] ?? config('auth.defaults.guard');
parent::__construct($attributes);
$this->setTable(config('permission.table_names.roles'));
}
public static function create(array $attributes = [])
{
$attributes['guard_name'] = $attributes['guard_name'] ?? Guard::getDefaultName(static::class);
if (static::where('name', $attributes['name'])->where('guard_name', $attributes['guard_name'])->first()) {
throw RoleAlreadyExists::create($attributes['name'], $attributes['guard_name']);
}
return static::query()->create($attributes);
}
/**
* A role may be given various permissions.
*/
public function permissions(): BelongsToMany
{
return $this->belongsToMany(
config('permission.models.permission'),
config('permission.table_names.role_has_permissions'),
'role_id',
'permission_id'
);
}
/**
* A role belongs to some users of the model associated with its guard.
*/
public function users(): MorphToMany
{
return $this->morphedByMany(
getModelForGuard($this->attributes['guard_name']),
'model',
config('permission.table_names.model_has_roles'),
'role_id',
config('permission.column_names.model_morph_key')
);
}
/**
* Find a role by its name and guard name.
*
* @param string $name
* @param string|null $guardName
*
* @return \Spatie\Permission\Contracts\Role|\Spatie\Permission\Models\Role
*
* @throws \Spatie\Permission\Exceptions\RoleDoesNotExist
*/
public static function findByName(string $name, $guardName = null): RoleContract
{
$guardName = $guardName ?? Guard::getDefaultName(static::class);
$role = static::where('name', $name)->where('guard_name', $guardName)->first();
if (! $role) {
throw RoleDoesNotExist::named($name);
}
return $role;
}
public static function findById(int $id, $guardName = null): RoleContract
{
$guardName = $guardName ?? Guard::getDefaultName(static::class);
$role = static::where('id', $id)->where('guard_name', $guardName)->first();
if (! $role) {
throw RoleDoesNotExist::withId($id);
}
return $role;
}
/**
* Find or create role by its name (and optionally guardName).
*
* @param string $name
* @param string|null $guardName
*
* @return \Spatie\Permission\Contracts\Role
*/
public static function findOrCreate(string $name, $guardName = null): RoleContract
{
$guardName = $guardName ?? Guard::getDefaultName(static::class);
$role = static::where('name', $name)->where('guard_name', $guardName)->first();
if (! $role) {
return static::query()->create(['name' => $name, 'guard_name' => $guardName]);
}
return $role;
}
/**
* Determine if the user may perform the given permission.
*
* @param string|Permission $permission
*
* @return bool
*
* @throws \Spatie\Permission\Exceptions\GuardDoesNotMatch
*/
public function hasPermissionTo($permission): bool
{
if (config('permission.enable_wildcard_permission', false)) {
return $this->hasWildcardPermission($permission, $this->getDefaultGuardName());
}
$permissionClass = $this->getPermissionClass();
if (is_string($permission)) {
$permission = $permissionClass->findByName($permission, $this->getDefaultGuardName());
}
if (is_int($permission)) {
$permission = $permissionClass->findById($permission, $this->getDefaultGuardName());
}
if (! $this->getGuardNames()->contains($permission->guard_name)) {
throw GuardDoesNotMatch::create($permission->guard_name, $this->getGuardNames());
}
return $this->permissions->contains('id', $permission->id);
}
}

179
vendor/spatie/laravel-permission/src/PermissionRegistrar.php vendored Normal file
View File

@@ -0,0 +1,179 @@
<?php
namespace Spatie\Permission;
use Illuminate\Cache\CacheManager;
use Illuminate\Support\Collection;
use Spatie\Permission\Contracts\Role;
use Illuminate\Contracts\Auth\Access\Gate;
use Spatie\Permission\Contracts\Permission;
use Illuminate\Contracts\Auth\Access\Authorizable;
class PermissionRegistrar
{
/** @var \Illuminate\Contracts\Cache\Repository */
protected $cache;
/** @var \Illuminate\Cache\CacheManager */
protected $cacheManager;
/** @var string */
protected $permissionClass;
/** @var string */
protected $roleClass;
/** @var \Illuminate\Support\Collection */
protected $permissions;
/** @var \DateInterval|int */
public static $cacheExpirationTime;
/** @var string */
public static $cacheKey;
/** @var string */
public static $cacheModelKey;
/**
* PermissionRegistrar constructor.
*
* @param \Illuminate\Cache\CacheManager $cacheManager
*/
public function __construct(CacheManager $cacheManager)
{
$this->permissionClass = config('permission.models.permission');
$this->roleClass = config('permission.models.role');
$this->cacheManager = $cacheManager;
$this->initializeCache();
}
protected function initializeCache()
{
self::$cacheExpirationTime = config('permission.cache.expiration_time', config('permission.cache_expiration_time'));
self::$cacheKey = config('permission.cache.key');
self::$cacheModelKey = config('permission.cache.model_key');
$this->cache = $this->getCacheStoreFromConfig();
}
protected function getCacheStoreFromConfig(): \Illuminate\Contracts\Cache\Repository
{
// the 'default' fallback here is from the permission.php config file, where 'default' means to use config(cache.default)
$cacheDriver = config('permission.cache.store', 'default');
// when 'default' is specified, no action is required since we already have the default instance
if ($cacheDriver === 'default') {
return $this->cacheManager->store();
}
// if an undefined cache store is specified, fallback to 'array' which is Laravel's closest equiv to 'none'
if (! \array_key_exists($cacheDriver, config('cache.stores'))) {
$cacheDriver = 'array';
}
return $this->cacheManager->store($cacheDriver);
}
/**
* Register the permission check method on the gate.
* We resolve the Gate fresh here, for benefit of long-running instances.
*
* @return bool
*/
public function registerPermissions(): bool
{
app(Gate::class)->before(function (Authorizable $user, string $ability) {
if (method_exists($user, 'checkPermissionTo')) {
return $user->checkPermissionTo($ability) ?: null;
}
});
return true;
}
/**
* Flush the cache.
*/
public function forgetCachedPermissions()
{
$this->permissions = null;
return $this->cache->forget(self::$cacheKey);
}
/**
* Clear class permissions.
* This is only intended to be called by the PermissionServiceProvider on boot,
* so that long-running instances like Swoole don't keep old data in memory.
*/
public function clearClassPermissions()
{
$this->permissions = null;
}
/**
* Get the permissions based on the passed params.
*
* @param array $params
*
* @return \Illuminate\Support\Collection
*/
public function getPermissions(array $params = []): Collection
{
if ($this->permissions === null) {
$this->permissions = $this->cache->remember(self::$cacheKey, self::$cacheExpirationTime, function () {
return $this->getPermissionClass()
->with('roles')
->get();
});
}
$permissions = clone $this->permissions;
foreach ($params as $attr => $value) {
$permissions = $permissions->where($attr, $value);
}
return $permissions;
}
/**
* Get an instance of the permission class.
*
* @return \Spatie\Permission\Contracts\Permission
*/
public function getPermissionClass(): Permission
{
return app($this->permissionClass);
}
public function setPermissionClass($permissionClass)
{
$this->permissionClass = $permissionClass;
return $this;
}
/**
* Get an instance of the role class.
*
* @return \Spatie\Permission\Contracts\Role
*/
public function getRoleClass(): Role
{
return app($this->roleClass);
}
/**
* Get the instance of the Cache Store.
*
* @return \Illuminate\Contracts\Cache\Store
*/
public function getCacheStore(): \Illuminate\Contracts\Cache\Store
{
return $this->cache->getStore();
}
}

170
vendor/spatie/laravel-permission/src/PermissionServiceProvider.php vendored Normal file
View File

@@ -0,0 +1,170 @@
<?php
namespace Spatie\Permission;
use Illuminate\Routing\Route;
use Illuminate\Support\Collection;
use Illuminate\Filesystem\Filesystem;
use Illuminate\Support\ServiceProvider;
use Illuminate\View\Compilers\BladeCompiler;
use Spatie\Permission\Contracts\Role as RoleContract;
use Spatie\Permission\Contracts\Permission as PermissionContract;
class PermissionServiceProvider extends ServiceProvider
{
public function boot(PermissionRegistrar $permissionLoader, Filesystem $filesystem)
{
if (function_exists('config_path')) { // function not available and 'publish' not relevant in Lumen
$this->publishes([
__DIR__.'/../config/permission.php' => config_path('permission.php'),
], 'config');
$this->publishes([
__DIR__.'/../database/migrations/create_permission_tables.php.stub' => $this->getMigrationFileName($filesystem),
], 'migrations');
}
$this->registerMacroHelpers();
$this->commands([
Commands\CacheReset::class,
Commands\CreateRole::class,
Commands\CreatePermission::class,
Commands\Show::class,
]);
$this->registerModelBindings();
$permissionLoader->clearClassPermissions();
$permissionLoader->registerPermissions();
$this->app->singleton(PermissionRegistrar::class, function ($app) use ($permissionLoader) {
return $permissionLoader;
});
}
public function register()
{
$this->mergeConfigFrom(
__DIR__.'/../config/permission.php',
'permission'
);
$this->registerBladeExtensions();
}
protected function registerModelBindings()
{
$config = $this->app->config['permission.models'];
if (! $config) {
return;
}
$this->app->bind(PermissionContract::class, $config['permission']);
$this->app->bind(RoleContract::class, $config['role']);
}
protected function registerBladeExtensions()
{
$this->app->afterResolving('blade.compiler', function (BladeCompiler $bladeCompiler) {
$bladeCompiler->directive('role', function ($arguments) {
list($role, $guard) = explode(',', $arguments.',');
return "<?php if(auth({$guard})->check() && auth({$guard})->user()->hasRole({$role})): ?>";
});
$bladeCompiler->directive('elserole', function ($arguments) {
list($role, $guard) = explode(',', $arguments.',');
return "<?php elseif(auth({$guard})->check() && auth({$guard})->user()->hasRole({$role})): ?>";
});
$bladeCompiler->directive('endrole', function () {
return '<?php endif; ?>';
});
$bladeCompiler->directive('hasrole', function ($arguments) {
list($role, $guard) = explode(',', $arguments.',');
return "<?php if(auth({$guard})->check() && auth({$guard})->user()->hasRole({$role})): ?>";
});
$bladeCompiler->directive('endhasrole', function () {
return '<?php endif; ?>';
});
$bladeCompiler->directive('hasanyrole', function ($arguments) {
list($roles, $guard) = explode(',', $arguments.',');
return "<?php if(auth({$guard})->check() && auth({$guard})->user()->hasAnyRole({$roles})): ?>";
});
$bladeCompiler->directive('endhasanyrole', function () {
return '<?php endif; ?>';
});
$bladeCompiler->directive('hasallroles', function ($arguments) {
list($roles, $guard) = explode(',', $arguments.',');
return "<?php if(auth({$guard})->check() && auth({$guard})->user()->hasAllRoles({$roles})): ?>";
});
$bladeCompiler->directive('endhasallroles', function () {
return '<?php endif; ?>';
});
$bladeCompiler->directive('unlessrole', function ($arguments) {
list($role, $guard) = explode(',', $arguments.',');
return "<?php if(!auth({$guard})->check() || ! auth({$guard})->user()->hasRole({$role})): ?>";
});
$bladeCompiler->directive('endunlessrole', function () {
return '<?php endif; ?>';
});
});
}
protected function registerMacroHelpers()
{
if (! method_exists(Route::class, 'macro')) { // Lumen
return;
}
Route::macro('role', function ($roles = []) {
if (! is_array($roles)) {
$roles = [$roles];
}
$roles = implode('|', $roles);
$this->middleware("role:$roles");
return $this;
});
Route::macro('permission', function ($permissions = []) {
if (! is_array($permissions)) {
$permissions = [$permissions];
}
$permissions = implode('|', $permissions);
$this->middleware("permission:$permissions");
return $this;
});
}
/**
* Returns existing migration file if found, else uses the current timestamp.
*
* @param Filesystem $filesystem
* @return string
*/
protected function getMigrationFileName(Filesystem $filesystem): string
{
$timestamp = date('Y_m_d_His');
return Collection::make($this->app->databasePath().DIRECTORY_SEPARATOR.'migrations'.DIRECTORY_SEPARATOR)
->flatMap(function ($path) use ($filesystem) {
return $filesystem->glob($path.'*_create_permission_tables.php');
})->push($this->app->databasePath()."/migrations/{$timestamp}_create_permission_tables.php")
->first();
}
}

496
vendor/spatie/laravel-permission/src/Traits/HasPermissions.php vendored Normal file
View File

@@ -0,0 +1,496 @@
<?php
namespace Spatie\Permission\Traits;
use Spatie\Permission\Guard;
use Illuminate\Support\Collection;
use Illuminate\Database\Eloquent\Builder;
use Spatie\Permission\WildcardPermission;
use Spatie\Permission\PermissionRegistrar;
use Spatie\Permission\Contracts\Permission;
use Spatie\Permission\Exceptions\GuardDoesNotMatch;
use Illuminate\Database\Eloquent\Relations\MorphToMany;
use Spatie\Permission\Exceptions\PermissionDoesNotExist;
use Spatie\Permission\Exceptions\WildcardPermissionInvalidArgument;
trait HasPermissions
{
private $permissionClass;
public static function bootHasPermissions()
{
static::deleting(function ($model) {
if (method_exists($model, 'isForceDeleting') && ! $model->isForceDeleting()) {
return;
}
$model->permissions()->detach();
});
}
public function getPermissionClass()
{
if (! isset($this->permissionClass)) {
$this->permissionClass = app(PermissionRegistrar::class)->getPermissionClass();
}
return $this->permissionClass;
}
/**
* A model may have multiple direct permissions.
*/
public function permissions(): MorphToMany
{
return $this->morphToMany(
config('permission.models.permission'),
'model',
config('permission.table_names.model_has_permissions'),
config('permission.column_names.model_morph_key'),
'permission_id'
);
}
/**
* Scope the model query to certain permissions only.
*
* @param \Illuminate\Database\Eloquent\Builder $query
* @param string|array|\Spatie\Permission\Contracts\Permission|\Illuminate\Support\Collection $permissions
*
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopePermission(Builder $query, $permissions): Builder
{
$permissions = $this->convertToPermissionModels($permissions);
$rolesWithPermissions = array_unique(array_reduce($permissions, function ($result, $permission) {
return array_merge($result, $permission->roles->all());
}, []));
return $query->where(function (Builder $query) use ($permissions, $rolesWithPermissions) {
$query->whereHas('permissions', function (Builder $subQuery) use ($permissions) {
$subQuery->whereIn(config('permission.table_names.permissions').'.id', \array_column($permissions, 'id'));
});
if (count($rolesWithPermissions) > 0) {
$query->orWhereHas('roles', function (Builder $subQuery) use ($rolesWithPermissions) {
$subQuery->whereIn(config('permission.table_names.roles').'.id', \array_column($rolesWithPermissions, 'id'));
});
}
});
}
/**
* @param string|array|\Spatie\Permission\Contracts\Permission|\Illuminate\Support\Collection $permissions
*
* @return array
*/
protected function convertToPermissionModels($permissions): array
{
if ($permissions instanceof Collection) {
$permissions = $permissions->all();
}
$permissions = is_array($permissions) ? $permissions : [$permissions];
return array_map(function ($permission) {
if ($permission instanceof Permission) {
return $permission;
}
return $this->getPermissionClass()->findByName($permission, $this->getDefaultGuardName());
}, $permissions);
}
/**
* Determine if the model may perform the given permission.
*
* @param string|int|\Spatie\Permission\Contracts\Permission $permission
* @param string|null $guardName
*
* @return bool
* @throws PermissionDoesNotExist
*/
public function hasPermissionTo($permission, $guardName = null): bool
{
if (config('permission.enable_wildcard_permission', false)) {
return $this->hasWildcardPermission($permission, $guardName);
}
$permissionClass = $this->getPermissionClass();
if (is_string($permission)) {
$permission = $permissionClass->findByName(
$permission,
$guardName ?? $this->getDefaultGuardName()
);
}
if (is_int($permission)) {
$permission = $permissionClass->findById(
$permission,
$guardName ?? $this->getDefaultGuardName()
);
}
if (! $permission instanceof Permission) {
throw new PermissionDoesNotExist;
}
return $this->hasDirectPermission($permission) || $this->hasPermissionViaRole($permission);
}
/**
* Validates a wildcard permission against all permissions of a user.
*
* @param string|int|\Spatie\Permission\Contracts\Permission $permission
* @param string|null $guardName
*
* @return bool
*/
protected function hasWildcardPermission($permission, $guardName = null): bool
{
$guardName = $guardName ?? $this->getDefaultGuardName();
if (is_int($permission)) {
$permission = $this->getPermissionClass()->findById($permission, $guardName);
}
if ($permission instanceof Permission) {
$permission = $permission->name;
}
if (! is_string($permission)) {
throw WildcardPermissionInvalidArgument::create();
}
foreach ($this->getAllPermissions() as $userPermission) {
if ($guardName !== $userPermission->guard_name) {
continue;
}
$userPermission = new WildcardPermission($userPermission->name);
if ($userPermission->implies($permission)) {
return true;
}
}
return false;
}
/**
* @deprecated since 2.35.0
* @alias of hasPermissionTo()
*/
public function hasUncachedPermissionTo($permission, $guardName = null): bool
{
return $this->hasPermissionTo($permission, $guardName);
}
/**
* An alias to hasPermissionTo(), but avoids throwing an exception.
*
* @param string|int|\Spatie\Permission\Contracts\Permission $permission
* @param string|null $guardName
*
* @return bool
*/
public function checkPermissionTo($permission, $guardName = null): bool
{
try {
return $this->hasPermissionTo($permission, $guardName);
} catch (PermissionDoesNotExist $e) {
return false;
}
}
/**
* Determine if the model has any of the given permissions.
*
* @param array ...$permissions
*
* @return bool
* @throws \Exception
*/
public function hasAnyPermission(...$permissions): bool
{
$permissions = collect($permissions)->flatten();
foreach ($permissions as $permission) {
if ($this->checkPermissionTo($permission)) {
return true;
}
}
return false;
}
/**
* Determine if the model has all of the given permissions.
*
* @param array ...$permissions
*
* @return bool
* @throws \Exception
*/
public function hasAllPermissions(...$permissions): bool
{
$permissions = collect($permissions)->flatten();
foreach ($permissions as $permission) {
if (! $this->hasPermissionTo($permission)) {
return false;
}
}
return true;
}
/**
* Determine if the model has, via roles, the given permission.
*
* @param \Spatie\Permission\Contracts\Permission $permission
*
* @return bool
*/
protected function hasPermissionViaRole(Permission $permission): bool
{
return $this->hasRole($permission->roles);
}
/**
* Determine if the model has the given permission.
*
* @param string|int|\Spatie\Permission\Contracts\Permission $permission
*
* @return bool
* @throws PermissionDoesNotExist
*/
public function hasDirectPermission($permission): bool
{
$permissionClass = $this->getPermissionClass();
if (is_string($permission)) {
$permission = $permissionClass->findByName($permission, $this->getDefaultGuardName());
}
if (is_int($permission)) {
$permission = $permissionClass->findById($permission, $this->getDefaultGuardName());
}
if (! $permission instanceof Permission) {
throw new PermissionDoesNotExist;
}
return $this->permissions->contains('id', $permission->id);
}
/**
* Return all the permissions the model has via roles.
*/
public function getPermissionsViaRoles(): Collection
{
return $this->loadMissing('roles', 'roles.permissions')
->roles->flatMap(function ($role) {
return $role->permissions;
})->sort()->values();
}
/**
* Return all the permissions the model has, both directly and via roles.
*/
public function getAllPermissions(): Collection
{
/** @var Collection $permissions */
$permissions = $this->permissions;
if ($this->roles) {
$permissions = $permissions->merge($this->getPermissionsViaRoles());
}
return $permissions->sort()->values();
}
/**
* Grant the given permission(s) to a role.
*
* @param string|array|\Spatie\Permission\Contracts\Permission|\Illuminate\Support\Collection $permissions
*
* @return $this
*/
public function givePermissionTo(...$permissions)
{
$permissions = collect($permissions)
->flatten()
->map(function ($permission) {
if (empty($permission)) {
return false;
}
return $this->getStoredPermission($permission);
})
->filter(function ($permission) {
return $permission instanceof Permission;
})
->each(function ($permission) {
$this->ensureModelSharesGuard($permission);
})
->map->id
->all();
$model = $this->getModel();
if ($model->exists) {
$this->permissions()->sync($permissions, false);
$model->load('permissions');
} else {
$class = \get_class($model);
$class::saved(
function ($object) use ($permissions, $model) {
static $modelLastFiredOn;
if ($modelLastFiredOn !== null && $modelLastFiredOn === $model) {
return;
}
$object->permissions()->sync($permissions, false);
$object->load('permissions');
$modelLastFiredOn = $object;
}
);
}
$this->forgetCachedPermissions();
return $this;
}
/**
* Remove all current permissions and set the given ones.
*
* @param string|array|\Spatie\Permission\Contracts\Permission|\Illuminate\Support\Collection $permissions
*
* @return $this
*/
public function syncPermissions(...$permissions)
{
$this->permissions()->detach();
return $this->givePermissionTo($permissions);
}
/**
* Revoke the given permission.
*
* @param \Spatie\Permission\Contracts\Permission|\Spatie\Permission\Contracts\Permission[]|string|string[] $permission
*
* @return $this
*/
public function revokePermissionTo($permission)
{
$this->permissions()->detach($this->getStoredPermission($permission));
$this->forgetCachedPermissions();
$this->load('permissions');
return $this;
}
public function getPermissionNames(): Collection
{
return $this->permissions->pluck('name');
}
/**
* @param string|array|\Spatie\Permission\Contracts\Permission|\Illuminate\Support\Collection $permissions
*
* @return \Spatie\Permission\Contracts\Permission|\Spatie\Permission\Contracts\Permission[]|\Illuminate\Support\Collection
*/
protected function getStoredPermission($permissions)
{
$permissionClass = $this->getPermissionClass();
if (is_numeric($permissions)) {
return $permissionClass->findById($permissions, $this->getDefaultGuardName());
}
if (is_string($permissions)) {
return $permissionClass->findByName($permissions, $this->getDefaultGuardName());
}
if (is_array($permissions)) {
return $permissionClass
->whereIn('name', $permissions)
->whereIn('guard_name', $this->getGuardNames())
->get();
}
return $permissions;
}
/**
* @param \Spatie\Permission\Contracts\Permission|\Spatie\Permission\Contracts\Role $roleOrPermission
*
* @throws \Spatie\Permission\Exceptions\GuardDoesNotMatch
*/
protected function ensureModelSharesGuard($roleOrPermission)
{
if (! $this->getGuardNames()->contains($roleOrPermission->guard_name)) {
throw GuardDoesNotMatch::create($roleOrPermission->guard_name, $this->getGuardNames());
}
}
protected function getGuardNames(): Collection
{
return Guard::getNames($this);
}
protected function getDefaultGuardName(): string
{
return Guard::getDefaultName($this);
}
/**
* Forget the cached permissions.
*/
public function forgetCachedPermissions()
{
app(PermissionRegistrar::class)->forgetCachedPermissions();
}
/**
* Check if the model has All of the requested Direct permissions.
* @param array ...$permissions
* @return bool
*/
public function hasAllDirectPermissions(...$permissions): bool
{
$permissions = collect($permissions)->flatten();
foreach ($permissions as $permission) {
if (! $this->hasDirectPermission($permission)) {
return false;
}
}
return true;
}
/**
* Check if the model has Any of the requested Direct permissions.
* @param array ...$permissions
* @return bool
*/
public function hasAnyDirectPermission(...$permissions): bool
{
$permissions = collect($permissions)->flatten();
foreach ($permissions as $permission) {
if ($this->hasDirectPermission($permission)) {
return true;
}
}
return false;
}
}

306
vendor/spatie/laravel-permission/src/Traits/HasRoles.php vendored Normal file
View File

@@ -0,0 +1,306 @@
<?php
namespace Spatie\Permission\Traits;
use Illuminate\Support\Collection;
use Spatie\Permission\Contracts\Role;
use Illuminate\Database\Eloquent\Builder;
use Spatie\Permission\PermissionRegistrar;
use Illuminate\Database\Eloquent\Relations\MorphToMany;
trait HasRoles
{
use HasPermissions;
private $roleClass;
public static function bootHasRoles()
{
static::deleting(function ($model) {
if (method_exists($model, 'isForceDeleting') && ! $model->isForceDeleting()) {
return;
}
$model->roles()->detach();
});
}
public function getRoleClass()
{
if (! isset($this->roleClass)) {
$this->roleClass = app(PermissionRegistrar::class)->getRoleClass();
}
return $this->roleClass;
}
/**
* A model may have multiple roles.
*/
public function roles(): MorphToMany
{
return $this->morphToMany(
config('permission.models.role'),
'model',
config('permission.table_names.model_has_roles'),
config('permission.column_names.model_morph_key'),
'role_id'
);
}
/**
* Scope the model query to certain roles only.
*
* @param \Illuminate\Database\Eloquent\Builder $query
* @param string|array|\Spatie\Permission\Contracts\Role|\Illuminate\Support\Collection $roles
* @param string $guard
*
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopeRole(Builder $query, $roles, $guard = null): Builder
{
if ($roles instanceof Collection) {
$roles = $roles->all();
}
if (! is_array($roles)) {
$roles = [$roles];
}
$roles = array_map(function ($role) use ($guard) {
if ($role instanceof Role) {
return $role;
}
$method = is_numeric($role) ? 'findById' : 'findByName';
$guard = $guard ?: $this->getDefaultGuardName();
return $this->getRoleClass()->{$method}($role, $guard);
}, $roles);
return $query->whereHas('roles', function (Builder $subQuery) use ($roles) {
$subQuery->whereIn(config('permission.table_names.roles').'.id', \array_column($roles, 'id'));
});
}
/**
* Assign the given role to the model.
*
* @param array|string|\Spatie\Permission\Contracts\Role ...$roles
*
* @return $this
*/
public function assignRole(...$roles)
{
$roles = collect($roles)
->flatten()
->map(function ($role) {
if (empty($role)) {
return false;
}
return $this->getStoredRole($role);
})
->filter(function ($role) {
return $role instanceof Role;
})
->each(function ($role) {
$this->ensureModelSharesGuard($role);
})
->map->id
->all();
$model = $this->getModel();
if ($model->exists) {
$this->roles()->sync($roles, false);
$model->load('roles');
} else {
$class = \get_class($model);
$class::saved(
function ($object) use ($roles, $model) {
static $modelLastFiredOn;
if ($modelLastFiredOn !== null && $modelLastFiredOn === $model) {
return;
}
$object->roles()->sync($roles, false);
$object->load('roles');
$modelLastFiredOn = $object;
});
}
$this->forgetCachedPermissions();
return $this;
}
/**
* Revoke the given role from the model.
*
* @param string|\Spatie\Permission\Contracts\Role $role
*/
public function removeRole($role)
{
$this->roles()->detach($this->getStoredRole($role));
$this->load('roles');
$this->forgetCachedPermissions();
return $this;
}
/**
* Remove all current roles and set the given ones.
*
* @param array|\Spatie\Permission\Contracts\Role|string ...$roles
*
* @return $this
*/
public function syncRoles(...$roles)
{
$this->roles()->detach();
return $this->assignRole($roles);
}
/**
* Determine if the model has (one of) the given role(s).
*
* @param string|int|array|\Spatie\Permission\Contracts\Role|\Illuminate\Support\Collection $roles
* @param string|null $guard
* @return bool
*/
public function hasRole($roles, string $guard = null): bool
{
if (is_string($roles) && false !== strpos($roles, '|')) {
$roles = $this->convertPipeToArray($roles);
}
if (is_string($roles)) {
return $guard
? $this->roles->where('guard_name', $guard)->contains('name', $roles)
: $this->roles->contains('name', $roles);
}
if (is_int($roles)) {
return $guard
? $this->roles->where('guard_name', $guard)->contains('id', $roles)
: $this->roles->contains('id', $roles);
}
if ($roles instanceof Role) {
return $this->roles->contains('id', $roles->id);
}
if (is_array($roles)) {
foreach ($roles as $role) {
if ($this->hasRole($role, $guard)) {
return true;
}
}
return false;
}
return $roles->intersect($guard ? $this->roles->where('guard_name', $guard) : $this->roles)->isNotEmpty();
}
/**
* Determine if the model has any of the given role(s).
*
* Alias to hasRole() but without Guard controls
*
* @param string|int|array|\Spatie\Permission\Contracts\Role|\Illuminate\Support\Collection $roles
*
* @return bool
*/
public function hasAnyRole(...$roles): bool
{
return $this->hasRole($roles);
}
/**
* Determine if the model has all of the given role(s).
*
* @param string|array|\Spatie\Permission\Contracts\Role|\Illuminate\Support\Collection $roles
* @param string|null $guard
* @return bool
*/
public function hasAllRoles($roles, string $guard = null): bool
{
if (is_string($roles) && false !== strpos($roles, '|')) {
$roles = $this->convertPipeToArray($roles);
}
if (is_string($roles)) {
return $guard
? $this->roles->where('guard_name', $guard)->contains('name', $roles)
: $this->roles->contains('name', $roles);
}
if ($roles instanceof Role) {
return $this->roles->contains('id', $roles->id);
}
$roles = collect()->make($roles)->map(function ($role) {
return $role instanceof Role ? $role->name : $role;
});
return $roles->intersect(
$guard
? $this->roles->where('guard_name', $guard)->pluck('name')
: $this->getRoleNames()) == $roles;
}
/**
* Return all permissions directly coupled to the model.
*/
public function getDirectPermissions(): Collection
{
return $this->permissions;
}
public function getRoleNames(): Collection
{
return $this->roles->pluck('name');
}
protected function getStoredRole($role): Role
{
$roleClass = $this->getRoleClass();
if (is_numeric($role)) {
return $roleClass->findById($role, $this->getDefaultGuardName());
}
if (is_string($role)) {
return $roleClass->findByName($role, $this->getDefaultGuardName());
}
return $role;
}
protected function convertPipeToArray(string $pipeString)
{
$pipeString = trim($pipeString);
if (strlen($pipeString) <= 2) {
return $pipeString;
}
$quoteCharacter = substr($pipeString, 0, 1);
$endCharacter = substr($quoteCharacter, -1, 1);
if ($quoteCharacter !== $endCharacter) {
return explode('|', $pipeString);
}
if (! in_array($quoteCharacter, ["'", '"'])) {
return explode('|', $pipeString);
}
return explode('|', trim($pipeString, $quoteCharacter));
}
}

19
vendor/spatie/laravel-permission/src/Traits/RefreshesPermissionCache.php vendored Normal file
View File

@@ -0,0 +1,19 @@
<?php
namespace Spatie\Permission\Traits;
use Spatie\Permission\PermissionRegistrar;
trait RefreshesPermissionCache
{
public static function bootRefreshesPermissionCache()
{
static::saved(function () {
app(PermissionRegistrar::class)->forgetCachedPermissions();
});
static::deleted(function () {
app(PermissionRegistrar::class)->forgetCachedPermissions();
});
}
}

124
vendor/spatie/laravel-permission/src/WildcardPermission.php vendored Normal file
View File

@@ -0,0 +1,124 @@
<?php
namespace Spatie\Permission;
use Illuminate\Support\Collection;
use Spatie\Permission\Exceptions\WildcardPermissionNotProperlyFormatted;
class WildcardPermission
{
/** @var string */
const WILDCARD_TOKEN = '*';
/** @var string */
const PART_DELIMITER = '.';
/** @var string */
const SUBPART_DELIMITER = ',';
/** @var string */
protected $permission;
/** @var Collection */
protected $parts;
/**
* @param string $permission
*/
public function __construct(string $permission)
{
$this->permission = $permission;
$this->parts = collect();
$this->setParts();
}
/**
* @param string|WildcardPermission $permission
*
* @return bool
*/
public function implies($permission): bool
{
if (is_string($permission)) {
$permission = new self($permission);
}
$otherParts = $permission->getParts();
$i = 0;
foreach ($otherParts as $otherPart) {
if ($this->getParts()->count() - 1 < $i) {
return true;
}
if (! $this->parts->get($i)->contains(self::WILDCARD_TOKEN)
&& ! $this->containsAll($this->parts->get($i), $otherPart)) {
return false;
}
$i++;
}
for ($i; $i < $this->parts->count(); $i++) {
if (! $this->parts->get($i)->contains(self::WILDCARD_TOKEN)) {
return false;
}
}
return true;
}
/**
* @param Collection $part
* @param Collection $otherPart
*
* @return bool
*/
protected function containsAll(Collection $part, Collection $otherPart): bool
{
foreach ($otherPart->toArray() as $item) {
if (! $part->contains($item)) {
return false;
}
}
return true;
}
/**
* @return Collection
*/
public function getParts(): Collection
{
return $this->parts;
}
/**
* Sets the different parts and subparts from permission string.
*
* @return void
*/
protected function setParts(): void
{
if (empty($this->permission) || $this->permission == null) {
throw WildcardPermissionNotProperlyFormatted::create($this->permission);
}
$parts = collect(explode(self::PART_DELIMITER, $this->permission));
$parts->each(function ($item, $key) {
$subParts = collect(explode(self::SUBPART_DELIMITER, $item));
if ($subParts->isEmpty() || $subParts->contains('')) {
throw WildcardPermissionNotProperlyFormatted::create($this->permission);
}
$this->parts->add($subParts);
});
if ($this->parts->isEmpty()) {
throw WildcardPermissionNotProperlyFormatted::create($this->permission);
}
}
}

20
vendor/spatie/laravel-permission/src/helpers.php vendored Normal file
View File

@@ -0,0 +1,20 @@
<?php
if (! function_exists('getModelForGuard')) {
/**
* @param string $guard
*
* @return string|null
*/
function getModelForGuard(string $guard)
{
return collect(config('auth.guards'))
->map(function ($guard) {
if (! isset($guard['provider'])) {
return;
}
return config("auth.providers.{$guard['provider']}.model");
})->get($guard);
}
}