* change usage novauser.gates.user.model to auth.providers.users.model

* make custom ActionResource * change CustomAuthorize to NovauserAuthorize. * patch NovaServiceProvider * add route web to test permission on local * add action to navigation.
anditsung · Apr 30, 2020 · 1bf692f · 1bf692f
1 parent d919f1a
commit 1bf692f
Show file tree

Hide file tree

Showing 16 changed files with 812 additions and 40 deletions.
diff --git a/config/novauser.php b/config/novauser.php
@@ -54,6 +54,11 @@
     'binds' => [
         'login' => \Tsung\NovaUserManagement\Http\Controllers\Auth\LoginController::class,
 
-        'authorize' => \Tsung\NovaUserManagement\Http\Middleware\CustomAuthorize::class,
-    ]
+        'authorize' => \Tsung\NovaUserManagement\Http\Middleware\NovauserAuthorize::class,
+    ],
+
+    /*
+     * set true to show actions resource on navigation
+     */
+    'show-actions' => false,
 ];
diff --git a/dist/js/tool.js b/dist/js/tool.js
diff --git a/resources/js/components/permission-checkbox/form/List.vue b/resources/js/components/permission-checkbox/form/List.vue
@@ -12,7 +12,7 @@
                 :key="group"
                 class="flex flex-col mb-4 pr-4 w-1/2"
             >
-                <div class="p-3 bg-40 border-l border-t border-r border-60">
+                <div class="flex p-3 bg-40 border-l border-t border-r border-60">
                     <h4>{{ group }}</h4>
                 </div>
 
@@ -116,6 +116,14 @@
                 }
                 this.check(option);
             },
-        }
+
+            selectAllGroupName(group) {
+                return "Select all " + group
+            },
+
+            toggleGroup(group) {
+
+            }
+        },
     }
 </script>
diff --git a/resources/views/navigation.blade.php b/resources/views/navigation.blade.php
@@ -48,6 +48,19 @@
             </li>
         @endcan
 
+        @if(Config::get('novauser.show-actions') == true)
+            <li class="leading-wide mb-4 text-sm">
+                <router-link :to="{
+                name: 'index',
+                params: {
+                    resourceName: 'action-events'
+                }
+            }" class="text-white ml-8 no-underline dim">
+                    {{ __("Actions") }}
+                </router-link>
+            </li>
+        @endif
+
     </template>
 </nova-sidebar>
 @endcanany
diff --git a/routes/web.php b/routes/web.php
@@ -9,3 +9,35 @@
 //        Route::get('/password/reset/{token}', \Laravel\Nova\Http\Controllers\ResetPasswordController::class . '@showResetForm')->name('password.reset');
 //        Route::post('/password/reset', \Laravel\Nova\Http\Controllers\ResetPasswordController::class . '@reset');
 //});
+
+Route::group(['middleware'=> 'web'], function() {
+
+    // to check user permissions
+    if(app()->environment('local')) {
+        Route::get('/perm', function() {
+            $user = Auth()->user();
+            if($user) {
+                $permissionModel = config('novauser.gates.permission.model');
+                $permissions = $permissionModel::all();
+                echo "PERMISSION FOR {$user->name}<br>";
+                foreach($permissions as $permission) {
+                    $text = "";
+                    if($user->can($permission->name)) {
+                        $text .= "<b style='color: green'>allow</b>";
+                    }
+                    else {
+                        $text .= "<b style='color: red'>not allow</b>";
+                    }
+                    $text .= " to {$permission->name}<br>";
+                    echo $text;
+                }
+            }
+            else {
+                echo "NO USER DETECTED";
+            }
+            die();
+        });
+    }
+});
+
+
diff --git a/src/Commands/Init.php b/src/Commands/Init.php
@@ -16,7 +16,7 @@ class Init extends Command
     public function handle()
     {
         $guard = config('nova.guard') ?: config('auth.defaults.guard');
-        $userModel = config('novauser.gates.user.model');
+        $userModel = config('auth.providers.users.model');
         $roleModel = config('novauser.gates.role.model');
         $permissionModel = config('novauser.gates.permission.model');
 

diff --git a/src/Commands/Install.php b/src/Commands/Install.php
@@ -14,31 +14,46 @@ class Install extends Command
 
     public function handle()
     {
-        $this->info('Replacing Default User Model');
         $this->replaceUserModel();
-        $this->info("Done");
 
-        $this->info('Replacing Default User Nova');
         $this->replaceUserNova();
-        $this->info("Done");
 
-        $this->info("Publish Novauser Config");
         $this->publishConfig();
-        $this->info('Done');
+
+        $this->patchingNovaServiceProviderGate();
     }
 
     private function replaceUserModel()
     {
+        $this->info('Replacing Default User Model');
         copy(__DIR__.'/../Stub/Models/User.stub', app_path('User.php'));
+        $this->info("Done");
     }
 
     private function replaceUserNova()
     {
+        $this->info('Replacing Default User Nova');
         copy(__DIR__.'/../Stub/Nova/User.stub', app_path('Nova/User.php'));
+        $this->info("Done");
     }
 
     private function publishConfig()
     {
+        $this->info("Publish Novauser Config");
         $this->call('vendor:publish', ['--tag' => 'novauser-config']);
+        $this->info('Done');
+    }
+
+    private function patchingNovaServiceProviderGate()
+    {
+        $novaServiceProviderPath = app_path('Providers/NovaServiceProvider.php');
+
+        $this->info("Patching NovaServiceProvider gate method");
+        $gate_regex = "/in_array[\(\$\w\-\>\,\[\s\/]+.+/";
+        $patchGate = '$user->hasPermissionTo(\'viewNova\');';
+        $novaServiceProviderContent = file_get_contents($novaServiceProviderPath);
+        $novaServiceProviderContent = preg_replace($gate_regex, $patchGate, $novaServiceProviderContent);
+        file_put_contents($novaServiceProviderPath, $novaServiceProviderContent);
+        $this->info("Done");
     }
 }
diff --git a/src/Http/Controllers/Auth/LoginController.php b/src/Http/Controllers/Auth/LoginController.php
@@ -20,7 +20,7 @@ protected function authenticated(Request $request, $user)
 
     private function isActive($user)
     {
-        $userModel = config('novauser.gates.user.model');
+        $userModel = config('auth.providers.users.model');
         $user = $userModel::where($this->username(), $user)->first();
         if($user) {
             return $user->is_active;

diff --git a/src/Http/Middleware/CustomAuthorize.php b/src/Http/Middleware/CustomAuthorize.php
diff --git a/src/Http/Middleware/NovauserAuthorize.php b/src/Http/Middleware/NovauserAuthorize.php
@@ -0,0 +1,70 @@
+<?php
+
+
+namespace Tsung\NovaUserManagement\Http\Middleware;
+
+
+use Laravel\Nova\Nova;
+use Spatie\Permission\PermissionRegistrar;
+
+class NovauserAuthorize
+{
+    public function handle($request, $next)
+    {
+        if(Nova::check($request)) {
+
+            //$this->logonUserStillActive($request);
+
+            $this->forgetCachedPermissions($request);
+
+            return $next($request);
+        }
+        else {
+            // if the user dont have viewNova permissions then redirect to '/'
+            // return abort(403);
+            return redirect('/');
+        }
+    }
+
+    /**
+     * @param $request
+     *
+     * this method will check user is still active, if not logout the user,
+     * note: nova will redirect the user if dont have viewNova permission but the user still login
+     * dont need this cause web user and admin user using the same model
+     */
+    private function logonUserStillActive($request)
+    {
+        $user = $request->user();
+        if ($user) {
+            if( ! $user = auth()->user()->is_active) {
+                auth()->logout();
+            }
+        }
+    }
+
+    /**
+     * @param $request
+     *
+     * this method will reset cache for permission after adding
+     * laravel nova using cache permission, so it need to be reset before useable
+     */
+    private function forgetCachedPermissions($request)
+    {
+        if ( $request->is('nova-api/*/detach') || $request->is('nova-api/*/*/attach*/*') ) {
+//            $permissionKey = Nova::resourceForModel(app(PermissionRegistrar::class)->getPermissionClass())::uriKey();
+//
+//            if ($request->viaRelationship === $permissionKey) {
+//                app(PermissionRegistrar::class)->forgetCachedPermissions();
+//            }
+
+            /*
+             * if the request->viaRelationship is roles / permissions will reset permission cache
+             */
+            if( $request->viaRelationship === "roles" || $request->viaRelationship === "permissions" ) {
+                app(PermissionRegistrar::class)->forgetCachedPermissions();
+            }
+        }
+    }
+
+}