112 lines
3.4 KiB
PHP
112 lines
3.4 KiB
PHP
<?php
|
|
|
|
namespace Database\Seeders;
|
|
|
|
use Illuminate\Database\Seeder;
|
|
use App\Models\Role;
|
|
use App\Models\Permission;
|
|
use Illuminate\Support\Facades\DB;
|
|
|
|
class InitialAuthorizationSeeder extends Seeder
|
|
{
|
|
protected $permissions = [
|
|
// Store Management
|
|
['name' => 'View Stores', 'code' => 'stores.view'],
|
|
['name' => 'Manage Stores', 'code' => 'stores.manage'],
|
|
|
|
// Group Management
|
|
['name' => 'View Groups', 'code' => 'groups.view'],
|
|
['name' => 'Manage Groups', 'code' => 'groups.manage'],
|
|
|
|
// Group Types Management
|
|
['name' => 'View Group Types', 'code' => 'group-types.view'],
|
|
['name' => 'Manage Group Types', 'code' => 'group-types.manage'],
|
|
|
|
// User Management
|
|
['name' => 'View Users', 'code' => 'users.view'],
|
|
['name' => 'Manage Users', 'code' => 'users.manage'],
|
|
|
|
// Role Management
|
|
['name' => 'View Roles', 'code' => 'roles.view'],
|
|
['name' => 'Manage Roles', 'code' => 'roles.manage'],
|
|
|
|
// Permission Management
|
|
['name' => 'View Permissions', 'code' => 'permissions.view'],
|
|
['name' => 'Manage Permissions', 'code' => 'permissions.manage'],
|
|
];
|
|
|
|
protected $roles = [
|
|
[
|
|
'name' => 'System Administrator',
|
|
'code' => 'sys.admin',
|
|
'description' => 'Full system access',
|
|
'permissions' => '*' // Special case: all permissions
|
|
],
|
|
[
|
|
'name' => 'Store Manager',
|
|
'code' => 'store.manager',
|
|
'description' => 'Manages individual store operations',
|
|
'permissions' => [
|
|
'stores.view',
|
|
'users.view',
|
|
'groups.view'
|
|
]
|
|
],
|
|
[
|
|
'name' => 'Group Manager',
|
|
'code' => 'group.manager',
|
|
'description' => 'Manages group operations',
|
|
'permissions' => [
|
|
'stores.view',
|
|
'groups.view',
|
|
'groups.manage',
|
|
'users.view'
|
|
]
|
|
],
|
|
[
|
|
'name' => 'User Manager',
|
|
'code' => 'user.manager',
|
|
'description' => 'Manages user accounts',
|
|
'permissions' => [
|
|
'users.view',
|
|
'users.manage'
|
|
]
|
|
]
|
|
];
|
|
|
|
public function run()
|
|
{
|
|
DB::transaction(function () {
|
|
// Create Permissions
|
|
foreach ($this->permissions as $permissionData) {
|
|
Permission::firstOrCreate(
|
|
['code' => $permissionData['code']],
|
|
$permissionData
|
|
);
|
|
}
|
|
|
|
// Create Roles and Assign Permissions
|
|
foreach ($this->roles as $roleData) {
|
|
$permissions = $roleData['permissions'];
|
|
unset($roleData['permissions']);
|
|
|
|
$role = Role::firstOrCreate(
|
|
['code' => $roleData['code']],
|
|
$roleData
|
|
);
|
|
|
|
// Handle permission assignment
|
|
if ($permissions === '*') {
|
|
// Assign all permissions to system admin
|
|
$role->permissions()->sync(Permission::all());
|
|
} else {
|
|
// Assign specific permissions
|
|
$role->permissions()->sync(
|
|
Permission::whereIn('code', $permissions)->pluck('id')
|
|
);
|
|
}
|
|
}
|
|
});
|
|
}
|
|
}
|