Skip to content

CUR-3978 implement default UI and backend permissions for all default roles of all organizations #1316

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Sep 23, 2022
Merged

CUR-3978 implement default UI and backend permissions for all default roles of all organizations #1316

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
08f65d3
CUR-3978 assigned default ui and backend permissions for all default …
Sep 23, 2022
2166689
Merge branch 'develop' of https://github.com/ActiveLearningStudio/Act…
Sep 23, 2022
202c3ba
CUR-3978 some changes
Sep 23, 2022
826d8ba
CUR-3978 some changes
Sep 23, 2022
946d03a
CUR-3978 some changes
Sep 23, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 30 additions & 0 deletions database/migrations/2022_09_23_500023_organization_role_ui_permission.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
<?php

use Illuminate\Database\Migrations\Migration;

class OrganizationRoleUiPermission extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
//
\Artisan::call('db:seed', [
'--class' => OrganizationRoleUiPermissionSeeder::class,
'--force' => true
]);
}

/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
//
}
}
168 changes: 168 additions & 0 deletions database/seeds/OrganizationRoleUiPermissionSeeder.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,168 @@
<?php

use App\Models\OrganizationRoleType;
use App\Repositories\UiOrganizationPermissionMapping\UiOrganizationPermissionMappingRepositoryInterface;
use Illuminate\Database\Seeder;

class OrganizationRoleUiPermissionSeeder extends Seeder
{
public $uiModules;
public $uiModulePermissions;
public $domain;

/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$adminUiPermissions = [
"Organiziation" => "Edit",
"All Independent Activities" => "Edit",
"Export/Import Activities" => "Edit",
"All Projects" => "Edit",
"Import/Export Projects" => "Edit",
"Activity Types" => "Edit",
"Activity Items" => "Edit",
"Manage Users" => "Edit",
"Manage Roles" => "Edit",
"LMS Settings" => "Edit",
"LTI Tools" => "Edit",
"BrightCove" => "Edit",
"Project" => "Edit",
"Playlist" => "Edit",
"Activity" => "Edit",
"Team" => "Edit",
"Independent Activity" => "Edit",
"My Interactive Video" => "None"
];

$courseCreatorUiPermissions = [
"Organiziation" => "None",
"All Independent Activities" => "None",
"Export/Import Activities" => "None",
"All Projects" => "None",
"Import/Export Projects" => "None",
"Activity Types" => "None",
"Activity Items" => "None",
"Manage Users" => "None",
"Manage Roles" => "None",
"LMS Settings" => "None",
"LTI Tools" => "None",
"BrightCove" => "None",
"Project" => "Edit",
"Playlist" => "Edit",
"Activity" => "Edit",
"Team" => "Edit",
"Independent Activity" => "Edit",
"My Interactive Video" => "None"
];

$memberUiPermissions = [
"Organiziation" => "None",
"All Independent Activities" => "None",
"Export/Import Activities" => "None",
"All Projects" => "None",
"Import/Export Projects" => "None",
"Activity Types" => "None",
"Activity Items" => "None",
"Manage Users" => "None",
"Manage Roles" => "None",
"LMS Settings" => "None",
"LTI Tools" => "None",
"BrightCove" => "None",
"Project" => "View",
"Playlist" => "View",
"Activity" => "View",
"Team" => "View",
"Independent Activity" => "View",
"My Interactive Video" => "None"
];

$selfRegisteredUiPermissions = [
"Organiziation" => "None",
"All Independent Activities" => "None",
"Export/Import Activities" => "None",
"All Projects" => "None",
"Import/Export Projects" => "None",
"Activity Types" => "None",
"Activity Items" => "None",
"Manage Users" => "None",
"Manage Roles" => "None",
"LMS Settings" => "None",
"LTI Tools" => "None",
"BrightCove" => "None",
"Project" => "Edit",
"Playlist" => "Edit",
"Activity" => "Edit",
"Team" => "Edit",
"Independent Activity" => "Edit",
"My Interactive Video" => "None"
];

$roleTypes = OrganizationRoleType::whereIn('name', ['admin', 'course_creator', 'member', 'self_registered'])->get();
$this->uiModules = DB::table('ui_modules')->whereNotNull('parent_id')->pluck('id', 'title');

$uiModulePermissionsList = [];
$uiModulePermissionsResult = DB::table('ui_module_permissions')->get();

foreach ($uiModulePermissionsResult as $uiModulePermission) {
$uiModulePermissionsList[$uiModulePermission->title][$uiModulePermission->ui_module_id] = $uiModulePermission->id;
}

$this->uiModulePermissions = $uiModulePermissionsList;

$this->domain = request()->getHttpHost();

return DB::transaction(function () use($roleTypes, $adminUiPermissions, $courseCreatorUiPermissions, $memberUiPermissions, $selfRegisteredUiPermissions) {
foreach ($roleTypes as $roleType) {
if ($roleType->name === 'admin') {
$this->assignPermissions($adminUiPermissions, $roleType);
} else if ($roleType->name === 'course_creator') {
$this->assignPermissions($courseCreatorUiPermissions, $roleType);
} else if ($roleType->name === 'member') {
$this->assignPermissions($memberUiPermissions, $roleType);
} else if ($roleType->name === 'self_registered') {
$this->assignPermissions($selfRegisteredUiPermissions, $roleType);
}
}
});
}

function assignPermissions($uiPermissions, $roleType)
{
$uiModulePermissionIds = [];

foreach ($uiPermissions as $permissionName => $permissionType) {

if (
$this->domain === 'currikistudio.org' &&
$permissionName === 'Team' &&
($roleType->name === 'course_creator' || $roleType->name === 'self_registered')
) {
$permissionType = 'View';
} else if ($this->domain === 'oci.currikistudio.org') {
if ($permissionName === 'Independent Activity') {
$permissionType = 'None';
} else if ($permissionName === 'My Interactive Video') {
$permissionType = 'View';
}
}

if (isset($this->uiModules[$permissionName])) {
$uiPermissionName = $this->uiModules[$permissionName];
if (isset($this->uiModulePermissions[$permissionType][$uiPermissionName])) {
$uiModulePermissionIds[] = $this->uiModulePermissions[$permissionType][$uiPermissionName];
}
}
}

// assign ui role permissions
$roleType->uiModulePermissions()->sync($uiModulePermissionIds);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use transaction in the seeder.

// assign backend role permissions
$UiOrganizationPermissionMappingRepository = resolve(UiOrganizationPermissionMappingRepositoryInterface::class);
$organizationPermissionTypeIds = $UiOrganizationPermissionMappingRepository->getOrganizationPermissionTypeIds($uiModulePermissionIds);
$roleType->permissions()->sync($organizationPermissionTypeIds);
}
}