dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Add new role enum and apply authorization

Browse Source
This commit is contained in:
Jeremy Angele
2024-10-28 15:40:23 +01:00
parent a4b4b93b30
commit 44f0458eb6
2 changed files with 54 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
app/Enums/Role.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
namespace App\Enums;
enum Role: string
{
case MEMBER = 'member';
case ADMIN = 'admin';
case OWNER = 'owner';
public function rank(): int
{
return match ($this) {
self::MEMBER => 1,
self::ADMIN => 2,
self::OWNER => 3,
};
}
public function lt(Role|string $role): bool
{
if (is_string($role)) {
$role = Role::from($role);
}
return $this->rank() < $role->rank();
}
public function gt(Role|string $role): bool
{
if (is_string($role)) {
$role = Role::from($role);
}
return $this->rank() > $role->rank();
}
}

24
app/Livewire/Team/Member.php
View File

@@ -2,6 +2,7 @@
namespace App\Livewire\Team;
use App\Enums\Role;
use App\Models\User;
use Illuminate\Support\Facades\Cache;
use Livewire\Component;
@@ -13,10 +14,11 @@ class Member extends Component
public function makeAdmin()
{
try {
if (! auth()->user()->isAdmin()) {
if (Role::from(auth()->user()->role())->lt(Role::ADMIN)
|| Role::from($this->getMemberRole())->gt(auth()->user()->role())) {
throw new \Exception('You are not authorized to perform this action.');
}
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'admin']);
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => Role::ADMIN->value]);
$this->dispatch('reloadWindow');
} catch (\Exception $e) {
$this->dispatch('error', $e->getMessage());
@@ -26,10 +28,11 @@ class Member extends Component
public function makeOwner()
{
try {
if (! auth()->user()->isOwner()) {
if (Role::from(auth()->user()->role())->lt(Role::OWNER)
|| Role::from($this->getMemberRole())->gt(auth()->user()->role())) {
throw new \Exception('You are not authorized to perform this action.');
}
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'owner']);
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => Role::OWNER->value]);
$this->dispatch('reloadWindow');
} catch (\Exception $e) {
$this->dispatch('error', $e->getMessage());
@@ -39,10 +42,11 @@ class Member extends Component
public function makeReadonly()
{
try {
if (! auth()->user()->isAdmin()) {
if (Role::from(auth()->user()->role())->lt(Role::ADMIN)
|| Role::from($this->getMemberRole())->gt(auth()->user()->role())) {
throw new \Exception('You are not authorized to perform this action.');
}
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'member']);
$this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => Role::MEMBER->value]);
$this->dispatch('reloadWindow');
} catch (\Exception $e) {
$this->dispatch('error', $e->getMessage());
@@ -52,7 +56,8 @@ class Member extends Component
public function remove()
{
try {
if (! auth()->user()->isAdmin()) {
if (Role::from(auth()->user()->role())->lt(Role::ADMIN)
|| Role::from($this->getMemberRole())->gt(auth()->user()->role())) {
throw new \Exception('You are not authorized to perform this action.');
}
$this->member->teams()->detach(currentTeam());
@@ -65,4 +70,9 @@ class Member extends Component
$this->dispatch('error', $e->getMessage());
}
}
private function getMemberRole()
{
return $this->member->teams()->where('teams.id', currentTeam()->id)->first()?->pivot?->role;
}
}