add acl to side menu

daniel-cintra · daniel-cintra · commit 683d10c40257 · 2023-04-14T13:04:24.000-03:00
diff --git a/src/Acl/Services/GetUserPermissions.php b/src/Acl/Services/GetUserPermissions.php
@@ -13,8 +13,6 @@ public function run(int $userId): array
             $query->get(['id', 'name']);
         }])->findOrFail($userId);
 
-        // ray($user->permissions);
-
         //if has direct permissions use it
         if ($user->permissions->count()) {
             return $this->mapPermissions($user->permissions);
diff --git a/stubs/app/Http/Middleware/HandleInertiaRequests.php b/stubs/app/Http/Middleware/HandleInertiaRequests.php
@@ -4,6 +4,7 @@
 
 use Illuminate\Http\Request;
 use Inertia\Middleware;
+use Modular\Modular\Acl\Services\ListUserPermissions;
 use Tightenco\Ziggy\Ziggy;
 
 class HandleInertiaRequests extends Middleware
@@ -32,9 +33,13 @@ public function version(Request $request)
      */
     public function share(Request $request)
     {
+        $user = $request->user();
+
         return array_merge(parent::share($request), [
             'auth' => [
-                'user' => $request->user(),
+                'user' => $user,
+                'permissions' => $user ? (new ListUserPermissions)->run($user->id) : [],
+                'isRootUser' => $user ? ($user->hasRole('root') ? true : false) : false,
             ],
             'ziggy' => fn () => array_merge((new Ziggy)->toArray(), [
                 'location' => $request->url(),
diff --git a/stubs/database/seeders/DatabaseSeeder.php b/stubs/database/seeders/DatabaseSeeder.php
@@ -2,10 +2,10 @@
 
 namespace Database\Seeders;
 
-// use Illuminate\Database\Console\Seeds\WithoutModelEvents;
 use Illuminate\Database\Seeder;
 use Illuminate\Support\Facades\Schema;
 use Modular\Modular\User\Models\User;
+use Spatie\Permission\Models\Role;
 
 class DatabaseSeeder extends Seeder
 {
@@ -18,14 +18,16 @@ public function run()
     {
         Schema::disableForeignKeyConstraints();
 
-        User::factory()->create([
+        $testUser = User::factory()->create([
             'name' => 'Example User',
             'email' => 'user@example.com',
             'email_verified_at' => now(),
             'password' => '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password
         ]);
 
-        User::factory(11)->create();
+        Role::create(['name' => 'root']);
+
+        $testUser->assignRole('root');
 
         Schema::enableForeignKeyConstraints();
     }
diff --git a/stubs/resources/js/Components/AppMenuItem.vue b/stubs/resources/js/Components/AppMenuItem.vue
@@ -1,7 +1,7 @@
 <template>
     <li class="block">
         <Link
-            v-if="menuItem.label && menuItem.link"
+            v-if="menuItem.label && menuItem.link && can(menuItem.permission)"
             :href="menuItem.link"
             class="flex px-2 py-2 text-skin-base-content transition duration-300 ease-in hover:bg-skin-base-300"
         >
@@ -10,7 +10,7 @@
         </Link>
 
         <span
-            v-if="menuItem.label && !menuItem.link"
+            v-if="menuItem.label && !menuItem.link && can(menuItem.permission)"
             class="mt-3 block px-2 py-2 text-xs uppercase"
         >
             {{ __(menuItem.label) }}
@@ -21,10 +21,14 @@
 </template>
 
 <script setup>
+import useAuthCan from '@/Composables/useAuthCan'
+
 const props = defineProps({
     menuItem: {
         type: Object,
         default: () => {}
     }
 })
+
+const { can } = useAuthCan()
 </script>
diff --git a/stubs/resources/js/Composables/useAuthCan.js b/stubs/resources/js/Composables/useAuthCan.js
@@ -0,0 +1,15 @@
+import { usePage } from '@inertiajs/vue3'
+
+export default function useAuthCan() {
+    const can = (permission) => {
+        const auth = usePage().props.auth
+
+        if (auth && auth.isRootUser) {
+            return true
+        }
+
+        return auth && auth.permissions.includes(permission)
+    }
+
+    return { can }
+}
diff --git a/tests/AdminAuthTest.php b/tests/AdminAuthTest.php
@@ -7,8 +7,10 @@
 });
 
 it('allows authenticated access', function () {
+    $user = User::factory()->create();
+
     $this->withoutVite();
-    $this->actingAs(User::factory()->create())->get(route('dashboard.index'))->assertOk();
+    $this->actingAs($user)->get(route('dashboard.index'))->assertOk();
 });
 
 it('can render login page', function () {
diff --git a/tests/Overrides/Http/Middleware/HandleInertiaRequests.php b/tests/Overrides/Http/Middleware/HandleInertiaRequests.php
@@ -5,8 +5,6 @@
 use Illuminate\Http\Request;
 use Inertia\Middleware;
 
-// use Tightenco\Ziggy\Ziggy;
-
 class HandleInertiaRequests extends Middleware
 {
     /**
@@ -33,15 +31,15 @@ public function version(Request $request)
      */
     public function share(Request $request)
     {
+        $user = $request->user();
+
         return array_merge(parent::share($request), [
             'auth' => [
-                'user' => $request->user(),
+                'user' => $user,
+                'permissions' => [],
+                'isRootUser' => true,
             ],
-            // 'ziggy' => function () use ($request) {
-            //     return array_merge((new Ziggy)->toArray(), [
-            //         'location' => $request->url(),
-            //     ]);
-            // },
+
             'flash' => fn () => [
                 'success' => $request->session()->get('success'),
                 'error' => $request->session()->get('error'),
