AspireCloud/database/seeders/AuthorizationSeeder.php
Chuck Adams 35b967b124
Repo Admin API (#123)
* fix: switch redis driver to predis because laravel is hopeless

* chore: add spatie/laravel-permission

* build: composer update and bump

* style: death to captain obvious (zap laravel's banner comments)

* feat: initial roles and perms

* chore: assign User role on User created

* refactor: rename 'aspire_press' config key to 'aspirecloud'

* feat: require json content-type on admin api routes

* chore: implement BulkImport endpoint

* chore: give RepoAdmin users BulkImport permissions

* docs: update README
2024-12-28 15:57:51 -07:00

43 lines
1.2 KiB
PHP

<?php
namespace Database\Seeders;
use App\Auth\Permission;
use App\Auth\Role;
use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Permission as PermissionModel;
use Spatie\Permission\Models\Role as RoleModel;
class AuthorizationSeeder extends Seeder
{
public function run(): void
{
$this->createRoles();
$this->createPermissions();
$this->assignPermissions();
}
private function createRoles(): void
{
foreach (Role::cases() as $role) {
RoleModel::findOrCreate($role->value);
}
}
private function createPermissions(): void
{
foreach (Permission::cases() as $permission) {
PermissionModel::findOrCreate($permission->value);
}
}
private function assignPermissions(): void
{
// SuperAdmins typically bypass permission checks, but it's still useful to grant all perms explicitly
RoleModel::findByName(Role::SuperAdmin->value)->givePermissionTo(...Permission::cases());
RoleModel::findByName(Role::RepoAdmin->value)
->givePermissionTo(Permission::UseAdminSite)
->givePermissionTo(Permission::BulkImport);
}
}