jjimenez/safekat
1
0
Fork 0
mirror of https://git.imnavajas.es/jjimenez/safekat.git synced 2025-07-25 22:52:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Añadido helper para crear los archivos de costantes de RBAC

Browse Source
This commit is contained in:
imnavajas
2024-05-06 13:34:16 +02:00
parent 122e194b16
commit 7492616dc6
15 changed files with 363 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
ci4/app/Config/AuthGroups.php
View File

@ -14,6 +14,8 @@ declare(strict_types=1);
namespace Config; namespace Config;
require "RBAC/roles.php"; require "RBAC/roles.php";
require "RBAC/permissions.php";
require "RBAC/permissionMatrix.php";
use CodeIgniter\Shield\Config\AuthGroups as ShieldAuthGroups; use CodeIgniter\Shield\Config\AuthGroups as ShieldAuthGroups;
@ -25,7 +27,7 @@ class AuthGroups extends ShieldAuthGroups
* -------------------------------------------------------------------- * --------------------------------------------------------------------
* The group that a newly registered user is added to. * The group that a newly registered user is added to.
*/ */
public string $defaultGroup = 'user'; public string $defaultGroup = 'cliente';
/** /**
* -------------------------------------------------------------------- * --------------------------------------------------------------------
@ -52,16 +54,7 @@ class AuthGroups extends ShieldAuthGroups
* *
* If a permission is not listed here it cannot be used. * If a permission is not listed here it cannot be used.
*/ */
public array $permissions = [ public array $permissions = SK_PERMISSIONS;
'admin.access' => 'Can access the sites admin area',
'admin.settings' => 'Can access the main site settings',
'users.manage-admins' => 'Can manage other admins',
'users.list' => 'Can list user stuff',
'users.create' => 'Can create new non-admin users',
'users.edit' => 'Can edit existing non-admin users',
'users.delete' => 'Can delete existing non-admin users',
'beta.access' => 'Can access beta-level features',
];
/** /**
* -------------------------------------------------------------------- * --------------------------------------------------------------------
@ -71,31 +64,5 @@ class AuthGroups extends ShieldAuthGroups
* *
* This defines group-level permissions. * This defines group-level permissions.
*/ */
public array $matrix = [ public array $matrix = SK_PERMISSION_MATRIX;
"superadmin"=> [
"admin.*",
"users.*",
"beta.*"
],
"admin"=> [
"admin.access",
"users.create",
"users.edit",
"users.delete",
"beta.access"
],
"developer"=> [
"admin.access",
"admin.settings",
"users.create",
"users.edit",
"beta.access"
],
"user"=> [
"users.list"
],
"beta"=> [
"beta.access"
]
];
} }

77
ci4/app/Config/RBAC/permissionMatrix.php Normal file
View File

@ -0,0 +1,77 @@
<?php
const SK_PERMISSION_MATRIX = [
"admin" => [
"clientes.create",
"clientes.edit",
"clientes.menu",
"plantillaTarifa.create",
"plantillaTarifa.edit",
"plantillaTarifa.delete",
"plantillaTarifa.menu",
"presupuesto.create",
"presupuesto.edit",
"presupuesto.delete",
"presupuesto.menu",
"tarifaPreimpresion.create",
"tarifaPreimpresion.edit",
"tarifaPreimpresion.delete",
"tarifaPreimpresion.menu",
"tarifaManipulado.create",
"tarifaManipulado.edit",
"tarifaManipulado.delete",
"tarifaManipulado.menu",
"tarifaAcabado.create",
"tarifaAcabado.edit",
"tarifaAcabado.delete",
"tarifaAcabado.menu",
"tarifaEncuadernacion.create",
"tarifaEncuadernacion.edit",
"tarifaEncuadernacion.delete",
"tarifaEncuadernacion.menu",
"tarifaEnvio.create",
"tarifaEnvio.edit",
"tarifaEnvio.delete",
"tarifaEnvio.menu",
],
"cliente" => [
"token.token",
"token.menu",
"Profile.index",
"Profile.store",
"Profile.menu",
"Activity.index",
"Activity.menu",
"save.save",
"save.menu",
],
"comercial" => [
"token.token",
"token.menu",
],
"produccion" => [
"token.token",
"token.menu",
],
"maquina" => [
"token.token",
"token.menu",
],
"maquetador" => [
"token.token",
"token.menu",
],
"director" => [
"token.token",
"token.menu",
],
"contabilidad" => [
"token.token",
"token.menu",
],
"editor" => [
"token.token",
"token.menu",
"Profile.index",
"Profile.menu",
],
];

48
ci4/app/Config/RBAC/permissions.php Normal file
View File

@ -0,0 +1,48 @@
<?php
const SK_PERMISSIONS = [
'clientes.create' => 'Can create',
'clientes.edit' => 'Can edit',
'clientes.delete' => 'Can delete',
'clientes.menu' => 'Menu shall be visualize',
'plantillaTarifa.create' => 'Can create',
'plantillaTarifa.edit' => 'Can edit',
'plantillaTarifa.delete' => 'Can delete',
'plantillaTarifa.menu' => 'Menu shall be visualize',
'presupuesto.create' => 'Can create',
'presupuesto.edit' => 'Can edit',
'presupuesto.delete' => 'Can delete',
'presupuesto.menu' => 'Menu shall be visualize',
'tarifaPreimpresion.create' => 'Can create',
'tarifaPreimpresion.edit' => 'Can edit',
'tarifaPreimpresion.delete' => 'Can delete',
'tarifaPreimpresion.menu' => 'Menu shall be visualize',
'tarifaManipulado.create' => 'Can create',
'tarifaManipulado.edit' => 'Can edit',
'tarifaManipulado.delete' => 'Can delete',
'tarifaManipulado.menu' => 'Menu shall be visualize',
'tarifaAcabado.create' => 'Can create',
'tarifaAcabado.edit' => 'Can edit',
'tarifaAcabado.delete' => 'Can delete',
'tarifaAcabado.menu' => 'Menu shall be visualize',
'tarifaEncuadernacion.create' => 'Can create',
'tarifaEncuadernacion.edit' => 'Can edit',
'tarifaEncuadernacion.delete' => 'Can delete',
'tarifaEncuadernacion.menu' => 'Menu shall be visualize',
'tarifaEnvio.create' => 'Can create',
'tarifaEnvio.edit' => 'Can edit',
'tarifaEnvio.delete' => 'Can delete',
'tarifaEnvio.menu' => 'Menu shall be visualize',
'proveedores.create' => 'Can create',
'proveedores.edit' => 'Can edit',
'proveedores.delete' => 'Can delete',
'proveedores.menu' => 'Menu shall be visualize',
'ajustes.create' => 'Can create',
'ajustes.edit' => 'Can edit',
'ajustes.delete' => 'Can delete',
'ajustes.menu' => 'Menu shall be visualize',
'actividad.create' => 'Can create',
'actividad.edit' => 'Can edit',
'actividad.delete' => 'Can delete',
'actividad.menu' => 'Menu shall be visualize',
];

48
ci4/app/Config/RBAC/roles.php
View File

@ -1,24 +1,40 @@
<?php <?php
const SK_ROLES = [ const SK_ROLES = [
'superadmin' => [
'title' => 'Super Admin',
'description' => 'Complete control of the site.',
],
'admin' => [ 'admin' => [
'title' => 'Admin', 'title' => 'Administrador',
'description' => 'Day to day administrators of the site.', 'description' => 'Describeme',
], ],
'developer' => [ 'cliente' => [
'title' => 'Developer', 'title' => 'Cliente',
'description' => 'Site programmers.', 'description' => '',
], ],
'user' => [ 'comercial' => [
'title' => 'User', 'title' => 'Comercial',
'description' => 'General users of the site. Often customers.', 'description' => '',
], ],
'beta' => [ 'produccion' => [
'title' => 'Beta User', 'title' => 'Producción',
'description' => 'Has access to beta-level features.', 'description' => '',
], ],
]; 'maquina' => [
'title' => 'Máquina',
'description' => '',
],
'maquetador' => [
'title' => 'Maquetador',
'description' => '',
],
'director' => [
'title' => 'Director',
'description' => '',
],
'contabilidad' => [
'title' => 'Contabilidad',
'description' => '',
],
'editor' => [
'title' => 'Editor',
'description' => '',
],
];

11
ci4/app/Controllers/Configuracion/Group.php
View File

@ -21,8 +21,6 @@ class Group extends \App\Controllers\GoBaseController
protected $indexRoute = 'userGroupList'; protected $indexRoute = 'userGroupList';
private $group_user_model;
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger) public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
{ {
self::$viewPath = getenv('theme.path') . 'form/group/'; self::$viewPath = getenv('theme.path') . 'form/group/';
@ -42,7 +40,6 @@ class Group extends \App\Controllers\GoBaseController
$this->viewData['usingClientSideDataTable'] = true; $this->viewData['usingClientSideDataTable'] = true;
$this->viewData['pageSubTitle'] = lang('Basic.global.ManageAllRecords', [lang('Groups.group')]); $this->viewData['pageSubTitle'] = lang('Basic.global.ManageAllRecords', [lang('Groups.group')]);
// IMN // IMN
$this->group_user_model = new GroupsUsersModel();
$this->viewData['model'] = $this->model; $this->viewData['model'] = $this->model;
parent::index(); parent::index();
@ -56,13 +53,13 @@ class Group extends \App\Controllers\GoBaseController
$postData = $this->request->getPost(); $postData = $this->request->getPost();
$temp_data['id'] = $groupEntity->id; $temp_data['id'] = $groupEntity->id;
$temp_data['name'] = $postData['name']; $temp_data['title'] = $postData['title'];
$temp_data['description'] = $postData['description']; $temp_data['description'] = $postData['description'];
// Clear not rules fields // Clear not rules fields
unset($postData['safekat_token']); unset($postData['safekat_token']);
unset($postData['id']); unset($postData['id']);
unset($postData['name']); unset($postData['title']);
unset($postData['description']); unset($postData['description']);
unset($postData['save']); unset($postData['save']);
unset($postData['selectAll']); unset($postData['selectAll']);
@ -146,13 +143,13 @@ class Group extends \App\Controllers\GoBaseController
$postData = $this->request->getPost(); $postData = $this->request->getPost();
$temp_data['id'] = $groupEntity->id; $temp_data['id'] = $groupEntity->id;
$temp_data['name'] = $postData['name']; $temp_data['title'] = $postData['title'];
$temp_data['description'] = $postData['description']; $temp_data['description'] = $postData['description'];
// Clear not rules fields // Clear not rules fields
unset($postData['safekat_token']); unset($postData['safekat_token']);
unset($postData['id']); unset($postData['id']);
unset($postData['name']); unset($postData['title']);
unset($postData['description']); unset($postData['description']);
unset($postData['save']); unset($postData['save']);
unset($postData['selectAll']); unset($postData['selectAll']);

1
ci4/app/Controllers/Sistema/Actividad.php
View File

@ -29,7 +29,6 @@ class Actividad extends BaseResourceController
['title' => lang("App.menu_activity"), 'route' => route_to('activityList'), 'active' => true] ['title' => lang("App.menu_activity"), 'route' => route_to('activityList'), 'active' => true]
]; ];
parent::initController($request, $response, $logger); parent::initController($request, $response, $logger);
} }

12
ci4/app/Controllers/Test.php
View File

@ -7,6 +7,8 @@ use App\Models\Configuracion\MaquinasTarifasImpresionModel;
use App\Models\Configuracion\PapelGenericoModel; use App\Models\Configuracion\PapelGenericoModel;
use App\Models\Configuracion\MaquinaModel; use App\Models\Configuracion\MaquinaModel;
use App\Models\Presupuestos\PresupuestoModel; use App\Models\Presupuestos\PresupuestoModel;
use App\Models\Usuarios\GroupModel;
use App\Models\Usuarios\PermisosModel;
use App\Services\PresupuestoService; use App\Services\PresupuestoService;
class Test extends BaseController class Test extends BaseController
@ -17,9 +19,13 @@ class Test extends BaseController
public function index() public function index()
{ {
$status = PresupuestoService::checkMaquina(1995); helper('rbac');
var_dump($status);
echo xdebug_info();
echo generate_php_permissions_matrix_constant();
} }

6
ci4/app/Entities/Usuarios/GroupEntity.php
View File

@ -8,11 +8,13 @@ class GroupEntity extends \CodeIgniter\Entity\Entity
protected $attributes = [ protected $attributes = [
"id" => null, "id" => null,
"keyword" => null, "keyword" => null,
"name" => null, "title" => null,
"description" => null, "description" => null,
"rules" => null, "rules" => null,
"created_at" => null, "created_at" => null,
"updated_at" => null, "updated_at" => null,
]; ];
protected $casts = []; protected $casts = [
"rules" => "json",
];
} }

6
ci4/app/Helpers/general_helper.php
View File

@ -8,8 +8,10 @@ function ruleIsChecked($rules, $section, $method){
if ($rules==null){ if ($rules==null){
return false; return false;
} }
$json = json_decode($rules); if(is_string($rules)){
foreach($json as $key=>$value){ $rules = json_decode($rules);
}
foreach($rules as $key=>$value){
if($key==$section){ if($key==$section){
foreach($value as $item){ foreach($value as $item){
if($item==$method){ if($item==$method){

96
ci4/app/Helpers/rbac_helper.php Normal file
View File

@ -0,0 +1,96 @@
<?php
use App\Models\Usuarios\GroupModel;
use App\Models\Usuarios\PermisosModel;
if (!function_exists('generate_php_roles_constant')) {
function generate_php_roles_constant()
{
// Generate the array of keys
$array = (new GroupModel())->getRolesList();
// Start of the file
$phpCode = "<?php\n\n";
// Add constant name
$phpCode .= "const SK_ROLES = [\n";
// Loop through the array and create constant
// Loop through the array and create constant
foreach ($array as $key => $values) {
$phpCode .= " '{$key}' => [\n";
foreach ($values as $subkey => $value) {
$phpCode .= " '{$subkey}' => '{$value}',\n";
}
$phpCode .= " ],\n";
}
// Close the array
$phpCode .= "];\n";
// Write PHP code to a file
$filePath = APPPATH . "Config/RBAC/roles.php";
file_put_contents($filePath, $phpCode);
}
}
if (!function_exists('generate_php_permissions_constant')) {
function generate_php_permissions_constant()
{
// Generate the array of keys
$array = (new PermisosModel())->getPermissionsList();
// Start of the file
$phpCode = "<?php\n\n";
// Add constant name
$phpCode .= "const SK_PERMISSIONS = [\n";
// Loop through the array and create constant
foreach ($array as $key => $value) {
// Using single quotes to ensure keys/values are emitted as literals
$phpCode .= "\t'{$key}' => '{$value}',\n";
}
// Close the array
$phpCode .= "];\n";
// Write PHP code to a file
$filePath = APPPATH . "Config/RBAC/permissions.php";
file_put_contents($filePath, $phpCode);
}
}
if (!function_exists('generate_php_permissions_matrix_constant')) {
function generate_php_permissions_matrix_constant()
{
$matrix = (new GroupModel())->getRolesPermissionMatrix();
// Start of the file
$phpCode = "<?php\n";
// Add constant name
$phpCode .= "const SK_PERMISSION_MATRIX = [\n";
// Loop through the array and create constant
foreach ($matrix as $role => $permissions) {
$phpCode .= "\t\"{$role}\" => [\n";
foreach ($permissions as $permission) {
$phpCode .= "\t\t\"{$permission}\",\n";
}
$phpCode .= "\t],\n";
}
// Close the array
$phpCode .= "];\n";
// Write PHP code to a file
$filePath = APPPATH . "Config/RBAC/permissionMatrix.php";
file_put_contents($filePath, $phpCode);
}
}

78
ci4/app/Models/Usuarios/GroupModel.php
View File

@ -23,25 +23,25 @@ class GroupModel extends \App\Models\BaseModel
const SORTABLE = [ const SORTABLE = [
1 => "t1.id", 1 => "t1.id",
2 => "t1.keyword", 2 => "t1.keyword",
3 => "t1.name", 3 => "t1.title",
4 => "t1.description", 4 => "t1.description",
5 => "t1.rules", 5 => "t1.rules",
6 => "t1.created_at", 6 => "t1.created_at",
7 => "t1.updated_at", 7 => "t1.updated_at",
]; ];
protected $allowedFields = ["id", "keyword", "name", "description", "rules"]; protected $allowedFields = ["id", "keyword", "title", "description", "rules"];
protected $returnType = "App\Entities\Usuarios\GroupEntity"; protected $returnType = "App\Entities\Usuarios\GroupEntity";
public static $labelField = "name"; public static $labelField = "title";
protected $validationRules = [ protected $validationRules = [
"description" => [ "description" => [
"label" => "UserGroups.description", "label" => "RolesPermisos.description",
"rules" => "max_length[150]", "rules" => "max_length[150]",
], ],
"name" => [ "title" => [
"label" => "UserGroups.name", "label" => "RolesPermisos.title",
"rules" => "required|max_length[50]", "rules" => "required|max_length[50]",
], ],
@ -49,12 +49,12 @@ class GroupModel extends \App\Models\BaseModel
protected $validationMessages = [ protected $validationMessages = [
"description" => [ "description" => [
"max_length" => "UserGroups.validation.description.max_length", "max_length" => "RolesPermisos.validation.description.max_length",
"required" => "UserGroups.validation.description.required", "required" => "RolesPermisos.validation.description.required",
], ],
"name" => [ "title" => [
"max_length" => "UserGroups.validation.name.max_length", "max_length" => "RolesPermisos.validation.title.max_length",
"required" => "UserGroups.validation.name.required", "required" => "RolesPermisos.validation.title.required",
], ],
]; ];
@ -71,7 +71,7 @@ class GroupModel extends \App\Models\BaseModel
$builder = $this->db $builder = $this->db
->table($this->table . " t1") ->table($this->table . " t1")
->select( ->select(
"t1.id AS id, t1.keyword AS keyword, t1.name AS name, t1.description AS description, t1.rules AS rules, "t1.id AS id, t1.keyword AS keyword, t1.title AS title, t1.description AS description, t1.rules AS rules,
t1.token AS token, t1.created_at AS created_at, t1.updated_at AS updated_at" t1.token AS token, t1.created_at AS created_at, t1.updated_at AS updated_at"
); );
@ -81,7 +81,7 @@ class GroupModel extends \App\Models\BaseModel
->groupStart() ->groupStart()
->like("t1.id", $search) ->like("t1.id", $search)
->orLike("t1.keyword", $search) ->orLike("t1.keyword", $search)
->orLike("t1.name", $search) ->orLike("t1.title", $search)
->orLike("t1.description", $search) ->orLike("t1.description", $search)
->orLike("t1.rules", $search) ->orLike("t1.rules", $search)
->orLike("t1.created_at", $search) ->orLike("t1.created_at", $search)
@ -100,4 +100,56 @@ class GroupModel extends \App\Models\BaseModel
->countAllResults(); ->countAllResults();
} }
public function getRolPermissionList($rolId)
{
$rolRecord = $this->find($rolId);
$result = [];
foreach ($rolRecord->rules as $section => $permissions) {
if (!is_null($permissions)) {
foreach ($permissions as $permission) {
$result[$section . "." . $permission] = "Can " . $permission;
}
// Add menu visibility permission (automatic management)
$result[$section . ".menu"] = "Menu shall be visualize";
}
}
return $result;
}
public function getRolesPermissionMatrix()
{
$rolesRecord = $this->findAll();
$result = [];
foreach ($rolesRecord as $rolRecord) {
$rolePermissions = [];
foreach ($rolRecord->rules as $section => $permissions) {
foreach ($permissions as $permission) {
$rolePermissions[] = $section . "." . $permission;
}
// Add menu visibility permission (automatic management)
$rolePermissions[] = $section . ".menu";
}
$result[$rolRecord->keyword] = $rolePermissions;
}
return $result;
}
public function getRolesList()
{
$rolesRecord = $this->findAll();
$result = [];
foreach ($rolesRecord as $rolRecord) {
$result[$rolRecord->keyword] = array(
'title' => $rolRecord->title,
'description' => $rolRecord->description
);
}
return $result;
}
} }

42
ci4/app/Models/Usuarios/PermisosModel.php
View File

@ -59,34 +59,22 @@ class PermisosModel extends \App\Models\BaseModel
]; ];
/**
* Get resource data.
*
* @param string $search
*
* @return \CodeIgniter\Database\BaseBuilder
*/
public function getResource(string $search = "")
{
$builder = $this->db
->table($this->table . " t1")
->select(
"t1.id AS id, t1.keyword AS keyword, t1.name AS name, t1.description AS description, t1.rules AS rules,
t1.token AS token, t1.created_at AS created_at, t1.updated_at AS updated_at"
);
return empty($search) public function getPermissionsList()
? $builder {
: $builder $allRecords = $this->findAll();
->groupStart() $result = [];
->like("t1.id", $search) foreach ($allRecords as $record) {
->orLike("t1.keyword", $search) foreach ($record->rules as $section => $permissions) {
->orLike("t1.name", $search) foreach ($permissions as $permission) {
->orLike("t1.description", $search) $result[$section . "." . $permission] = "Can " . $permission;
->orLike("t1.rules", $search) }
->orLike("t1.created_at", $search) // Add menu visibility permission (automatic management)
->orLike("t1.updated_at", $search) $result[$section . ".menu"] = "Menu shall be visualize";
->groupEnd(); }
}
return $result;
} }
} }

5
ci4/app/Views/themes/backend/vuexy/form/group/viewUserGroupForm.php
View File

@ -21,8 +21,8 @@
<label for="title" class="form-label text-dark"> <label for="title" class="form-label text-dark">
<?= lang("RolesPermisos.rolName") ?> <?= lang("RolesPermisos.rolName") ?>
</label> </label>
<input type="text" name="name" id="name" class="form-control" <input type="text" name="title" id="title" class="form-control"
value="<?= old('name', $group->name) ?>"> value="<?= old('title', $group->title) ?>">
</div> </div>
<div class="col-md-8"> <div class="col-md-8">
<label for="description" class="form-label text-dark"> <label for="description" class="form-label text-dark">
@ -118,5 +118,4 @@ $('input[name="selectAll"]').click(function() {
}); });
}); });
<?= $this->endSection() ?> <?= $this->endSection() ?>

2
ci4/app/Views/themes/backend/vuexy/form/group/viewUserGroupList.php
View File

@ -47,7 +47,7 @@
</div> </div>
<div class="d-flex justify-content-between align-items-end mt-1"> <div class="d-flex justify-content-between align-items-end mt-1">
<div class="role-heading"> <div class="role-heading">
<h4 class="mb-1"><?= esc($item->name) ?></h4> <h4 class="mb-1"><?= esc($item->title) ?></h4>
<a href="<?= route_to('editGroup', $item->id) ?>"> <a href="<?= route_to('editGroup', $item->id) ?>">
<span><?= lang('Basic.global.edit') ?></span> <span><?= lang('Basic.global.edit') ?></span>
</a> </a>

6
ci4/app/Views/themes/backend/vuexy/main/menu_impresion.php
View File

@ -482,11 +482,7 @@
<div data-i18n="<?= lang("App.menu_maquina_defecto") ?>"><?= lang("App.menu_maquina_defecto") ?></div> <div data-i18n="<?= lang("App.menu_maquina_defecto") ?>"><?= lang("App.menu_maquina_defecto") ?></div>
</a> </a>
</li> </li>
<li class="menu-item">
<a href="<?= site_url("configuracion/calendario") ?>" class="menu-link">
<div data-i18n="<?= lang("App.menu_calendario") ?>"><?= lang("App.menu_calendario") ?></div>
</a>
</li>
<li class="menu-item"> <li class="menu-item">
<a href="<?= route_to('paisList') ?>" class="menu-link"> <a href="<?= route_to('paisList') ?>" class="menu-link">
<div data-i18n="<?= lang("App.menu_paises") ?>"><?= lang("App.menu_paises") ?></div> <div data-i18n="<?= lang("App.menu_paises") ?>"><?= lang("App.menu_paises") ?></div>