mirror of
https://git.imnavajas.es/jjimenez/safekat.git
synced 2025-07-25 22:52:08 +00:00
170 lines
4.9 KiB
PHP
Executable File
170 lines
4.9 KiB
PHP
Executable File
<?php
|
|
|
|
use App\Models\Usuarios\GroupModel;
|
|
use App\Models\Usuarios\PermisosModel;
|
|
use CodeIgniter\HTTP\RedirectResponse;
|
|
|
|
if (!function_exists('generate_php_roles_constant')) {
|
|
function generate_php_roles_constant()
|
|
{
|
|
// Generate the array of keys
|
|
$array = (new GroupModel())->getRolesList();
|
|
|
|
// Start of the file
|
|
$phpCode = "<?php\n\n";
|
|
|
|
// Add constant name
|
|
$phpCode .= "const SK_ROLES = [\n";
|
|
|
|
// Loop through the array and create constant
|
|
// Loop through the array and create constant
|
|
foreach ($array as $key => $values) {
|
|
$phpCode .= " '{$key}' => [\n";
|
|
foreach ($values as $subkey => $value) {
|
|
$phpCode .= " '{$subkey}' => '{$value}',\n";
|
|
}
|
|
$phpCode .= " ],\n";
|
|
}
|
|
|
|
// Close the array
|
|
$phpCode .= "];\n";
|
|
|
|
$dirPath = APPPATH . "Config/RBAC";
|
|
if (!is_dir($dirPath)) {
|
|
mkdir($dirPath, 0775, true); // true permite crear carpetas anidadas
|
|
}
|
|
|
|
$filePath = $dirPath . "/roles.php";
|
|
file_put_contents($filePath, $phpCode);
|
|
|
|
}
|
|
}
|
|
|
|
|
|
if (!function_exists('generate_php_permissions_constant')) {
|
|
function generate_php_permissions_constant()
|
|
{
|
|
// Generate the array of keys
|
|
$array = (new PermisosModel())->getPermissionsList();
|
|
|
|
// Start of the file
|
|
$phpCode = "<?php\n\n";
|
|
|
|
// Add constant name
|
|
$phpCode .= "const SK_PERMISSIONS = [\n";
|
|
|
|
// Loop through the array and create constant
|
|
foreach ($array as $key => $value) {
|
|
// Using single quotes to ensure keys/values are emitted as literals
|
|
$phpCode .= "\t'{$key}' => '{$value}',\n";
|
|
}
|
|
|
|
// Close the array
|
|
$phpCode .= "];\n";
|
|
|
|
$dirPath = APPPATH . "Config/RBAC";
|
|
if (!is_dir($dirPath)) {
|
|
mkdir($dirPath, 0775, true); // true permite crear carpetas anidadas
|
|
}
|
|
|
|
$filePath = $dirPath . "/permissions.php";
|
|
file_put_contents($filePath, $phpCode);
|
|
|
|
}
|
|
}
|
|
|
|
if (!function_exists('generate_php_permissions_matrix_constant')) {
|
|
function generate_php_permissions_matrix_constant()
|
|
{
|
|
$matrix = (new GroupModel())->getRolesPermissionMatrix();
|
|
|
|
|
|
// Start of the file
|
|
$phpCode = "<?php\n";
|
|
|
|
// Add constant name
|
|
$phpCode .= "const SK_PERMISSION_MATRIX = [\n";
|
|
|
|
// Loop through the array and create constant
|
|
foreach ($matrix as $role => $permissions) {
|
|
$phpCode .= "\t\"{$role}\" => [\n";
|
|
foreach ($permissions as $permission) {
|
|
$phpCode .= "\t\t\"{$permission}\",\n";
|
|
}
|
|
$phpCode .= "\t],\n";
|
|
}
|
|
// Close the array
|
|
$phpCode .= "];\n";
|
|
|
|
$dirPath = APPPATH . "Config/RBAC";
|
|
if (!is_dir($dirPath)) {
|
|
mkdir($dirPath, 0775, true); // true permite crear carpetas anidadas
|
|
}
|
|
|
|
$filePath = $dirPath . "/permissionMatrix.php";
|
|
file_put_contents($filePath, $phpCode);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!function_exists('checkPermission')) {
|
|
/**
|
|
* Checks if the user has the required permission and redirects accordingly.
|
|
*
|
|
* @param string $sectionPermission The permission to check.
|
|
* @param string|null $redirectRoute The route to redirect to if the permission is not granted.
|
|
* @return RedirectResponse|null Redirect response if the user does not have permission, null otherwise.
|
|
*/
|
|
function checkPermission(string $sectionPermission, string $redirectRoute = null)
|
|
{
|
|
$session = \Config\Services::session();
|
|
$response = \Config\Services::response();
|
|
|
|
if (!auth()->user()->can($sectionPermission)) {
|
|
$session->setFlashdata('errorMessage', lang('Basic.global.permissionDenied'));
|
|
|
|
$route = $redirectRoute ?? 'home';
|
|
return $response->redirect(route_to($route));
|
|
}
|
|
|
|
return null;
|
|
}
|
|
}
|
|
|
|
if (!function_exists('checkGroups')) {
|
|
/**
|
|
* Verifica si el usuario pertenece a alguno de los grupos especificados.
|
|
*
|
|
* @param array $groups Lista de grupos permitidos.
|
|
* @param string|null $redirectRoute Ruta de redirección si no pertenece a ningún grupo.
|
|
* @return \CodeIgniter\HTTP\RedirectResponse|null
|
|
*/
|
|
function checkGroups(array $groups, string $redirectRoute = null)
|
|
{
|
|
$session = \Config\Services::session();
|
|
$response = \Config\Services::response();
|
|
$auth = auth(); // Shield auth service
|
|
|
|
$user = $auth->user();
|
|
|
|
$inGroup = false;
|
|
foreach ($groups as $group) {
|
|
if ($user->inGroup($group)) {
|
|
$inGroup = true;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (!$inGroup) {
|
|
$session->setFlashdata('errorMessage', 'No tiene permisos de acceso.');
|
|
$route = $redirectRoute ?? 'home';
|
|
return $response->redirect(route_to($route));
|
|
}
|
|
|
|
return null;
|
|
}
|
|
}
|
|
|