Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assign role for a particular model #592

Open
titonova opened this issue May 30, 2022 · 2 comments
Open

Assign role for a particular model #592

titonova opened this issue May 30, 2022 · 2 comments
Labels
proposal

Comments

@titonova
Copy link

Considering that it is possible to do grant an ability only to a specific model

Bouncer::allow($user)->to('edit', $post);

I think it should also be possible to grant a role to a specific model. That is, take all the abilities a particular role has and give it to a user, but only for a particular model. That is:

Bouncer::assign('admin', $post)->to($user);
rather than just Bouncer::assign('admin')->to($user);
@JosephSilber
Copy link
Owner

This is a feature request that keeps on coming up, but it's more complicated than it sounds. Caching becomes really complicated. See here.

In your case, you could use the toManage method:

Bouncer::allow($user)->toManage($post);

This allows all abilities on that model. It's syntactic sugar for:

Bouncer::allow($user)->to('*', $post);

@titonova
Copy link
Author

titonova commented Jun 3, 2022

Ah okay, that makes sense. However, the solution you proposed allows all abilities on that model. But what if we need(as in my case), to only assign abilities of a particular role( that is not an admin or super admin, say editor).

What I came up with though, is a little hack, which I'm 100% sure isnt a great solution at all and I haven't written custom tests for it. But it works.... I'd like your opinion on it please.

I created a helper class called BouncerExt, and within it I put:

    /**
     * Assign a given user with a role(e.g admin etc), but only  for the given model.
     * @link https://github.com/JosephSilber/bouncer/issues/592
     *
     * @param User $user
     * @param string $role
     * @param Object $model
     * @return void
     */
    public static function assignUserWithRoleForModel(User $user, string $role, Object $model)
    {

        $fake_user = User::factory()->create();
        Bouncer::assign($role)->to($fake_user);

        $abilities_of_roles = collect($fake_user->getAbilities()->all());

        // Give all the fake user's abilities to the user
        $abilities_of_roles->map(function($ability) use ($user,$model) {
            // If user already has  such ability, then skip it.
            #if(!$user->abilities()->where('name',$ability->name)->exists()) {
                Bouncer::allow($user)->to($ability->name,$model);
            #}

        });

        $fake_user->delete();

        #dd($fake_user->getAbilities()->all(), $user->getAbilities()->unique('original.name')->all());
    }

Then used as follows:

BouncerExt::assignUserWithRoleForModel(auth()->user(),'editor',$post);

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
proposal
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JosephSilber @titonova