Añadido helper para crear los archivos de costantes de RBAC

2025-07-25 22:52:08 +00:00 · 2024-05-06 13:34:16 +02:00
parent 122e194b16
commit 7492616dc6
15 changed files with 363 additions and 118 deletions
--- a/ci4/app/Config/AuthGroups.php
+++ b/ci4/app/Config/AuthGroups.php
@ -14,6 +14,8 @@ declare(strict_types=1);
 namespace Config;

 require "RBAC/roles.php";
+require "RBAC/permissions.php";
+require "RBAC/permissionMatrix.php";

 use CodeIgniter\Shield\Config\AuthGroups as ShieldAuthGroups;

@ -25,7 +27,7 @@ class AuthGroups extends ShieldAuthGroups
     * --------------------------------------------------------------------
     * The group that a newly registered user is added to.
     */
-    public string $defaultGroup = 'user';
+    public string $defaultGroup = 'cliente';

    /**
     * --------------------------------------------------------------------
@ -52,16 +54,7 @@ class AuthGroups extends ShieldAuthGroups
     *
     * If a permission is not listed here it cannot be used.
     */
-    public array $permissions = [
-        'admin.access' => 'Can access the sites admin area',
-        'admin.settings' => 'Can access the main site settings',
-        'users.manage-admins' => 'Can manage other admins',
-        'users.list' => 'Can list user stuff',
-        'users.create' => 'Can create new non-admin users',
-        'users.edit' => 'Can edit existing non-admin users',
-        'users.delete' => 'Can delete existing non-admin users',
-        'beta.access' => 'Can access beta-level features',
-    ];
+    public array $permissions = SK_PERMISSIONS;

    /**
     * --------------------------------------------------------------------
@ -71,31 +64,5 @@ class AuthGroups extends ShieldAuthGroups
     *
     * This defines group-level permissions.
     */
-	public array $matrix = [
-	    "superadmin"=> [
-	        "admin.*",
-	        "users.*",
-	        "beta.*"
-	    ],
-	    "admin"=> [
-	        "admin.access",
-	        "users.create",
-	        "users.edit",
-	        "users.delete",
-	        "beta.access"
-	    ],
-	    "developer"=> [
-	        "admin.access",
-	        "admin.settings",
-	        "users.create",
-	        "users.edit",
-	        "beta.access"
-	    ],
-	    "user"=> [
-	        "users.list"
-	    ],
-	    "beta"=> [
-	        "beta.access"
-	    ]
-	];
+	public array $matrix = SK_PERMISSION_MATRIX;
 }
--- a/ci4/app/Config/RBAC/permissionMatrix.php
+++ b/ci4/app/Config/RBAC/permissionMatrix.php
@ -0,0 +1,77 @@
+<?php
+const SK_PERMISSION_MATRIX = [
+	"admin" => [
+		"clientes.create",
+		"clientes.edit",
+		"clientes.menu",
+		"plantillaTarifa.create",
+		"plantillaTarifa.edit",
+		"plantillaTarifa.delete",
+		"plantillaTarifa.menu",
+		"presupuesto.create",
+		"presupuesto.edit",
+		"presupuesto.delete",
+		"presupuesto.menu",
+		"tarifaPreimpresion.create",
+		"tarifaPreimpresion.edit",
+		"tarifaPreimpresion.delete",
+		"tarifaPreimpresion.menu",
+		"tarifaManipulado.create",
+		"tarifaManipulado.edit",
+		"tarifaManipulado.delete",
+		"tarifaManipulado.menu",
+		"tarifaAcabado.create",
+		"tarifaAcabado.edit",
+		"tarifaAcabado.delete",
+		"tarifaAcabado.menu",
+		"tarifaEncuadernacion.create",
+		"tarifaEncuadernacion.edit",
+		"tarifaEncuadernacion.delete",
+		"tarifaEncuadernacion.menu",
+		"tarifaEnvio.create",
+		"tarifaEnvio.edit",
+		"tarifaEnvio.delete",
+		"tarifaEnvio.menu",
+	],
+	"cliente" => [
+		"token.token",
+		"token.menu",
+		"Profile.index",
+		"Profile.store",
+		"Profile.menu",
+		"Activity.index",
+		"Activity.menu",
+		"save.save",
+		"save.menu",
+	],
+	"comercial" => [
+		"token.token",
+		"token.menu",
+	],
+	"produccion" => [
+		"token.token",
+		"token.menu",
+	],
+	"maquina" => [
+		"token.token",
+		"token.menu",
+	],
+	"maquetador" => [
+		"token.token",
+		"token.menu",
+	],
+	"director" => [
+		"token.token",
+		"token.menu",
+	],
+	"contabilidad" => [
+		"token.token",
+		"token.menu",
+	],
+	"editor" => [
+		"token.token",
+		"token.menu",
+		"Profile.index",
+		"Profile.menu",
+	],
+];
--- a/ci4/app/Config/RBAC/permissions.php
+++ b/ci4/app/Config/RBAC/permissions.php
@ -0,0 +1,48 @@
+<?php
+
+const SK_PERMISSIONS = [
+	'clientes.create' => 'Can create',
+	'clientes.edit' => 'Can edit',
+	'clientes.delete' => 'Can delete',
+	'clientes.menu' => 'Menu shall be visualize',
+	'plantillaTarifa.create' => 'Can create',
+	'plantillaTarifa.edit' => 'Can edit',
+	'plantillaTarifa.delete' => 'Can delete',
+	'plantillaTarifa.menu' => 'Menu shall be visualize',
+	'presupuesto.create' => 'Can create',
+	'presupuesto.edit' => 'Can edit',
+	'presupuesto.delete' => 'Can delete',
+	'presupuesto.menu' => 'Menu shall be visualize',
+	'tarifaPreimpresion.create' => 'Can create',
+	'tarifaPreimpresion.edit' => 'Can edit',
+	'tarifaPreimpresion.delete' => 'Can delete',
+	'tarifaPreimpresion.menu' => 'Menu shall be visualize',
+	'tarifaManipulado.create' => 'Can create',
+	'tarifaManipulado.edit' => 'Can edit',
+	'tarifaManipulado.delete' => 'Can delete',
+	'tarifaManipulado.menu' => 'Menu shall be visualize',
+	'tarifaAcabado.create' => 'Can create',
+	'tarifaAcabado.edit' => 'Can edit',
+	'tarifaAcabado.delete' => 'Can delete',
+	'tarifaAcabado.menu' => 'Menu shall be visualize',
+	'tarifaEncuadernacion.create' => 'Can create',
+	'tarifaEncuadernacion.edit' => 'Can edit',
+	'tarifaEncuadernacion.delete' => 'Can delete',
+	'tarifaEncuadernacion.menu' => 'Menu shall be visualize',
+	'tarifaEnvio.create' => 'Can create',
+	'tarifaEnvio.edit' => 'Can edit',
+	'tarifaEnvio.delete' => 'Can delete',
+	'tarifaEnvio.menu' => 'Menu shall be visualize',
+	'proveedores.create' => 'Can create',
+	'proveedores.edit' => 'Can edit',
+	'proveedores.delete' => 'Can delete',
+	'proveedores.menu' => 'Menu shall be visualize',
+	'ajustes.create' => 'Can create',
+	'ajustes.edit' => 'Can edit',
+	'ajustes.delete' => 'Can delete',
+	'ajustes.menu' => 'Menu shall be visualize',
+	'actividad.create' => 'Can create',
+	'actividad.edit' => 'Can edit',
+	'actividad.delete' => 'Can delete',
+	'actividad.menu' => 'Menu shall be visualize',
+];
--- a/ci4/app/Config/RBAC/roles.php
+++ b/ci4/app/Config/RBAC/roles.php
@ -1,24 +1,40 @@
 <?php

 const SK_ROLES = [
-    'superadmin' => [
-        'title' => 'Super Admin',
-        'description' => 'Complete control of the site.',
-    ],
    'admin' => [
-        'title' => 'Admin',
-        'description' => 'Day to day administrators of the site.',
+        'title' => 'Administrador',
+        'description' => 'Describeme',
    ],
-    'developer' => [
-        'title' => 'Developer',
-        'description' => 'Site programmers.',
+    'cliente' => [
+        'title' => 'Cliente',
+        'description' => '',
    ],
-    'user' => [
-        'title' => 'User',
-        'description' => 'General users of the site. Often customers.',
+    'comercial' => [
+        'title' => 'Comercial',
+        'description' => '',
    ],
-    'beta' => [
-        'title' => 'Beta User',
-        'description' => 'Has access to beta-level features.',
+    'produccion' => [
+        'title' => 'Producción',
+        'description' => '',
    ],
-];
+    'maquina' => [
+        'title' => 'Máquina',
+        'description' => '',
+    ],
+    'maquetador' => [
+        'title' => 'Maquetador',
+        'description' => '',
+    ],
+    'director' => [
+        'title' => 'Director',
+        'description' => '',
+    ],
+    'contabilidad' => [
+        'title' => 'Contabilidad',
+        'description' => '',
+    ],
+    'editor' => [
+        'title' => 'Editor',
+        'description' => '',
+    ],
+];