Team level roles & permissions

andrewdrake · andrewdrake · commit 3f79f476eab5 · 2021-09-12T13:50:57.000+10:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -21,6 +21,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Fixed
 ### Removed --->
 
+## 0.6.7 - 2021-09-11
+### Added
+- Roles & Permissions team support
+
 ## 0.6.6 - 2021-09-03
 ### Changed
 - Default field level encryption security setting to false
diff --git a/README.md b/README.md
@@ -29,6 +29,7 @@ This package will add CRM functionality to your laravel projects
  - Secure registration & login
  - Reset forgotten password
  - Laravel Jetstream/Spark teams support
+ - Team level roles & permissions
 
 ## Installation (10-15mins)
 
diff --git a/config/package.php b/config/package.php
@@ -13,6 +13,6 @@
     |
     */
 
-    'version' => '0.6.6',
+    'version' => '0.6.7',
     
     ];
diff --git a/src/Console/LaravelCrmPermissions.php b/src/Console/LaravelCrmPermissions.php
@@ -0,0 +1,117 @@
+<?php
+
+namespace VentureDrake\LaravelCrm\Console;
+
+use Carbon\Carbon;
+use DB;
+use Illuminate\Console\Command;
+use Illuminate\Support\Composer;
+
+class LaravelCrmPermissions extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'laravelcrm:permissions';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Install Laravel CRM package';
+
+    /**
+     * The Composer instance.
+     *
+     * @var \Illuminate\Foundation\Composer
+     */
+    protected $composer;
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct(Composer $composer)
+    {
+        parent::__construct();
+        $this->composer = $composer;
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $this->info('Updating LaravelCRM Permissions...');
+
+        $this->comment('Clearing permissions cache');
+
+        app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();
+        
+        foreach (DB::table('teams')->get() as $team) {
+            foreach (DB::table('roles')
+                         ->whereNull('team_id')
+                         ->get() as $role) {
+                $this->info('Inserting role '.$role->name.' for team '.$team->name);
+                
+                DB::table('roles')->updateOrInsert([
+                    'name' => $role->name,
+                    'guard_name' => $role->guard_name,
+                    'description' => $role->description,
+                    'crm_role' => $role->crm_role,
+                    'team_id' => $team->id,
+                ], [
+                    'created_at' => Carbon::now(),
+                    'updated_at' => Carbon::now(),
+                ]);
+
+                if ($newRole = DB::table('roles')->where([
+                    'name' => $role->name,
+                    'guard_name' => $role->guard_name,
+                    'description' => $role->description,
+                    'crm_role' => $role->crm_role,
+                    'team_id' => $team->id,
+                ])->first()) {
+                    foreach (DB::table('permissions')
+                                 ->leftJoin('role_has_permissions', 'permissions.id', '=', 'role_has_permissions.permission_id')
+                                 ->where('role_has_permissions.role_id', $role->id)
+                                 ->get() as $permission) {
+                        $this->info('Inserting permission '.$permission->name.' for role '.$role->name);
+                        
+                        DB::table('permissions')->updateOrInsert([
+                            'name' => $permission->name,
+                            'guard_name' => $permission->guard_name,
+                            'description' => $permission->description,
+                            'crm_permission' => $permission->crm_permission,
+                            'team_id' => $team->id,
+                        ], [
+                            'created_at' => Carbon::now(),
+                            'updated_at' => Carbon::now(),
+                        ]);
+
+                        if ($newPermission = DB::table('permissions')->where([
+                            'name' => $permission->name,
+                            'guard_name' => $permission->guard_name,
+                            'description' => $permission->description,
+                            'crm_permission' => $permission->crm_permission,
+                            'team_id' => $team->id,
+                        ])->first()) {
+                            DB::table('role_has_permissions')->updateOrInsert([
+                                'permission_id' => $newPermission->id,
+                                'role_id' => $newRole->id,
+                            ]);
+                        }
+                    }
+                }
+            }
+        }
+        
+        $this->info('LaravelCRM Permissions Update Complete.');
+    }
+}
diff --git a/src/Http/Controllers/Jetstream/CurrentTeamController.php b/src/Http/Controllers/Jetstream/CurrentTeamController.php
@@ -0,0 +1,29 @@
+<?php
+
+namespace VentureDrake\LaravelCrm\Http\Controllers\Jetstream;
+
+use Illuminate\Http\Request;
+use Illuminate\Routing\Controller;
+use Laravel\Jetstream\Jetstream;
+
+class CurrentTeamController extends Controller
+{
+    /**
+     * Update the authenticated user's current team.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(Request $request)
+    {
+        $team = Jetstream::newTeamModel()->findOrFail($request->team_id);
+
+        if ($request->user()->switchTeam($team)) {
+            app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();
+        } else {
+            abort(403);
+        }
+
+        return redirect(config('fortify.home'), 303);
+    }
+}
diff --git a/src/Http/Middleware/HasCrmAccess.php b/src/Http/Middleware/HasCrmAccess.php
@@ -23,8 +23,8 @@ public function handle($request, Closure $next)
             abort('403');
         }
        
-        if (config('laravel-crm.crm_owner') == auth()->user()->email && (! auth()->user()->hasRole('Owner') || ! auth()->user()->hasCrmAccess())) {
-            auth()->user()->syncRoles(['Owner']);
+        if (! config('laravel-crm.teams') && config('laravel-crm.crm_owner') == auth()->user()->email && (! auth()->user()->hasRole('Owner') || ! auth()->user()->hasCrmAccess())) {
+            auth()->user()->assignRole(['Owner']);
 
             auth()->user()->forceFill([
                 'crm_access' => 1,
diff --git a/src/Http/routes.php b/src/Http/routes.php
@@ -503,7 +503,7 @@
         ->middleware(['can:delete,role']);
 });
 
-/* CRM routes (AJAX) */
+/* CRM (AJAX) */
 Route::group(['prefix' => 'crm', 'middleware' => 'auth.laravel-crm'], function () {
     Route::group(['prefix' => 'people', 'middleware' => 'auth.laravel-crm'], function () {
         Route::get('{person}/autocomplete', 'VentureDrake\LaravelCrm\Http\Controllers\PersonController@autocomplete')
@@ -524,3 +524,8 @@
             ->middleware(['can:viewAny,VentureDrake\LaravelCrm\Models\Product']);
     });
 });
+
+/* Jetstream */
+Route::put('/current-team', 'VentureDrake\LaravelCrm\Http\Controllers\Jetstream\CurrentTeamController@update')
+    ->name('current-team.update')
+    ->middleware(['auth', 'verified']);
diff --git a/src/LaravelCrmServiceProvider.php b/src/LaravelCrmServiceProvider.php
@@ -11,6 +11,7 @@
 use Illuminate\Support\Facades\Route;
 use Illuminate\Support\ServiceProvider;
 use VentureDrake\LaravelCrm\Console\LaravelCrmInstall;
+use VentureDrake\LaravelCrm\Console\LaravelCrmPermissions;
 use VentureDrake\LaravelCrm\Http\Middleware\Authenticate;
 use VentureDrake\LaravelCrm\Http\Middleware\HasCrmAccess;
 use VentureDrake\LaravelCrm\Http\Middleware\LastOnlineAt;
@@ -90,14 +91,18 @@ class_alias('App\Models\Team', 'App\Team');
         Phone::observe(PhoneObserver::class);
         Email::observe(EmailObserver::class);
         Setting::observe(SettingObserver::class);
-
-        if ((app()->version() >= 8 && class_exists('App\Models\User')) || (class_exists('App\Models\User') && ! class_exists('App\User'))) {
-            \App\Models\Team::observe(TeamObserver::class);
+        
+        if (class_exists('App\Models\User')) {
             \App\Models\User::observe(UserObserver::class);
         } else {
-            \App\Team::observe(TeamObserver::class);
             \App\User::observe(UserObserver::class);
         }
+
+        if (class_exists('App\Models\Team')) {
+            \App\Models\Team::observe(TeamObserver::class);
+        } elseif (class_exists('App\Team')) {
+            \App\Team::observe(TeamObserver::class);
+        }
         
         // Paginate on Collection
         if (! Collection::hasMacro('paginate')) {
@@ -175,6 +180,7 @@ function ($perPage = 30, $page = null, $options = []) {
             // Registering package commands.
             $this->commands([
                 LaravelCrmInstall::class,
+                LaravelCrmPermissions::class,
             ]);
 
             // Register the model factories
diff --git a/src/Observers/TeamObserver.php b/src/Observers/TeamObserver.php
@@ -3,9 +3,8 @@
 namespace VentureDrake\LaravelCrm\Observers;
 
 use App\Team;
+use Carbon\Carbon;
 use DB;
-use Spatie\Permission\Models\Permission;
-use Spatie\Permission\Models\Role;
 
 class TeamObserver
 {
@@ -29,64 +28,77 @@ public function creating(Team $team)
     public function created(Team $team)
     {
         app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();
-
-        foreach (DB::table('permissions')
-                    ->whereNull('team_id')
-                    ->get() as $permission) {
-            DB::table('permissions')->insert([
-                'name' => $permission->name,
-                'guard_name' => $permission->guard_name,
-                'description' => $permission->description,
-                'crm_permission' => $permission->crm_permission,
+        
+        // Get the roles
+        foreach (DB::table('roles')
+                     ->whereNull('team_id')
+                     ->get() as $role) {
+            DB::table('roles')->updateOrInsert([
+                'name' => $role->name,
+                'guard_name' => $role->guard_name,
+                'description' => $role->description,
+                'crm_role' => $role->crm_role,
                 'team_id' => $team->id,
+            ], [
+                'created_at' => Carbon::now(),
+                'updated_at' => Carbon::now(),
             ]);
-        }
-
-        $role = Role::create(['name' => 'Owner', 'crm_role' => 1])
-            ->givePermissionTo(Permission::all());
-
-        $role = Role::create(['name' => 'Admin', 'crm_role' => 1])
-            ->givePermissionTo(Permission::all());
+            
+            if ($newRole = DB::table('roles')->where([
+                'name' => $role->name,
+                'guard_name' => $role->guard_name,
+                'description' => $role->description,
+                'crm_role' => $role->crm_role,
+                'team_id' => $team->id,
+            ])->first()) {
+                if ($role->name == 'Owner') {
+                    if ((app()->version() >= 8 && class_exists('App\Models\User')) || (class_exists('App\Models\User') && ! class_exists('App\User'))) {
+                        DB::table('model_has_roles')->updateOrInsert([
+                            'role_id' => $newRole->id,
+                            'model_type' => 'App\Models\User',
+                            'model_id' => auth()->user()->id,
+                        ]);
+                    } else {
+                        DB::table('model_has_roles')->updateOrInsert([
+                            'role_id' => $newRole->id,
+                            'model_type' => 'App\User',
+                            'model_id' => auth()->user()->id,
+                        ]);
+                    }
+                }
+                
+                foreach (DB::table('permissions')
+                             ->leftJoin('role_has_permissions', 'permissions.id', '=', 'role_has_permissions.permission_id')
+                             ->where('role_has_permissions.role_id', $role->id)
+                             ->get() as $permission) {
+                    DB::table('permissions')->updateOrInsert([
+                        'name' => $permission->name,
+                        'guard_name' => $permission->guard_name,
+                        'description' => $permission->description,
+                        'crm_permission' => $permission->crm_permission,
+                        'team_id' => $team->id,
+                    ], [
+                        'created_at' => Carbon::now(),
+                        'updated_at' => Carbon::now(),
+                    ]);
 
-        $role = Role::create(['name' => 'Manager', 'crm_role' => 1])
-            ->givePermissionTo([
-                'create crm leads',
-                'view crm leads',
-                'edit crm leads',
-                'delete crm leads',
-                'create crm deals',
-                'view crm deals',
-                'edit crm deals',
-                'delete crm deals',
-                'create crm people',
-                'view crm people',
-                'edit crm people',
-                'delete crm people',
-                'create crm organisations',
-                'view crm organisations',
-                'edit crm organisations',
-                'delete crm organisations',
-            ]);
+                    if ($newPermission = DB::table('permissions')->where([
+                        'name' => $permission->name,
+                        'guard_name' => $permission->guard_name,
+                        'description' => $permission->description,
+                        'crm_permission' => $permission->crm_permission,
+                        'team_id' => $team->id,
+                    ])->first()) {
+                        DB::table('role_has_permissions')->updateOrInsert([
+                            'permission_id' => $newPermission->id,
+                            'role_id' => $newRole->id,
+                        ]);
+                    }
+                }
+            }
+        }
 
-        $role = Role::create(['name' => 'Employee', 'crm_role' => 1])
-            ->givePermissionTo([
-                'create crm leads',
-                'view crm leads',
-                'edit crm leads',
-                'delete crm leads',
-                'create crm deals',
-                'view crm deals',
-                'edit crm deals',
-                'delete crm deals',
-                'create crm people',
-                'view crm people',
-                'edit crm people',
-                'delete crm people',
-                'create crm organisations',
-                'view crm organisations',
-                'edit crm organisations',
-                'delete crm organisations',
-            ]);
+        auth()->user()->assignRole(['Owner']);
     }
 
     /**
diff --git a/src/Observers/UserObserver.php b/src/Observers/UserObserver.php

Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,6 @@`
`13`	`13`	`\|`
`14`	`14`	`*/`
`15`	`15`
`16`		`- 'version' => '0.6.6',`
	`16`	`+ 'version' => '0.6.7',`
`17`	`17`
`18`	`18`	`];`
Original file line number	Diff line number	Diff line change
`@@ -23,8 +23,8 @@ public function handle($request, Closure $next)`
`23`	`23`	`abort('403');`
`24`	`24`	`}`
`25`	`25`
`26`		`- if (config('laravel-crm.crm_owner') == auth()->user()->email && (! auth()->user()->hasRole('Owner') \|\| ! auth()->user()->hasCrmAccess())) {`
`27`		`- auth()->user()->syncRoles(['Owner']);`
	`26`	`+ if (! config('laravel-crm.teams') && config('laravel-crm.crm_owner') == auth()->user()->email && (! auth()->user()->hasRole('Owner') \|\| ! auth()->user()->hasCrmAccess())) {`
	`27`	`+ auth()->user()->assignRole(['Owner']);`
`28`	`28`
`29`	`29`	`auth()->user()->forceFill([`
`30`	`30`	`'crm_access' => 1,`