namespace Cubedesigners\UserDatabase\Jobs;
use Cubedesigners\UserDatabase\Models\Company;
+use Cubedesigners\UserDatabase\Models\User;
use Cubist\Backpack\Jobs\Base;
use Illuminate\Support\Facades\Artisan;
use Illuminate\Support\Facades\DB;
$rolesByName['elearning:user'],
];
+ $superadmins = [5];
+
// Get existing models
$perms = [];
foreach (DB::connection('extranet_users')->table('model_has_roles')->get() as $item) {
$disabledUsers = array_merge($disabledUsers, array_keys($company->getDisabledUsers()));
}
/** @var $company Company */
- if ($company->id == 7) {
+ $isCube = $company->id == 7;
+
+ if ($isCube) {
$cubeUsers = array_keys($company->getEnabledUsers());
- continue;
}
-
foreach ($company->getEnabledUsers() as $id => $user) {
- $p = [$rolesByName['extranet:client']];
- if ($company->permissions_elearning) {
- $p[] = $rolesByName['elearning:user'];
- }
- switch ($company->e1_ws_grade) {
- case 1:
- $p[] = $rolesByName['fluidbook:client'];
- break;
- case 2:
- $p[] = $rolesByName['fluidbook:client:create'];
- break;
- case 3:
- $p[] = $rolesByName['fluidbook:reseller'];
- break;
- case 4:
- $p[] = $rolesByName['fluidbook:reseller:create'];
- break;
+ $isSuperAdmin = in_array($id, $superadmins);
+
+ $p = [];
+
+ if ($isCube && $isSuperAdmin) {
+ $p = [$rolesByName['superadmin']];
+ } else {
+ if ($isCube) {
+ $u = User::withoutGlobalScopes()->find($id);
+ switch ($u->e1_grade) {
+
+ case 0.5:
+ $p[] = $rolesByName['extranet:team_newbie'];
+ break;
+ case 1:
+ $p[] = $rolesByName['extranet:team'];
+ break;
+ case 2:
+ $p[] = $rolesByName['extranet:admin'];
+ break;
+ case 3:
+ $p[] = $rolesByName['extranet:accountant'];
+ break;
+ case 0 :
+ default:
+ $p[] = $rolesByName['extranet:client'];
+ break;
+ }
+ $p = $p + [$rolesByName['toolbox:admin'], $rolesByName['elearning:admin'], $rolesByName['fluidbook:admin']];
+ } else {
+ $p[] = $rolesByName['extranet:client'];
+ if ($company->permissions_elearning) {
+ $p[] = $rolesByName['elearning:user'];
+ }
+ switch ($company->e1_ws_grade) {
+ case 1:
+ $p[] = $rolesByName['fluidbook:client'];
+ break;
+ case 2:
+ $p[] = $rolesByName['fluidbook:client:create'];
+ break;
+ case 3:
+ $p[] = $rolesByName['fluidbook:reseller'];
+ break;
+ case 4:
+ $p[] = $rolesByName['fluidbook:reseller:create'];
+ break;
+ }
+ }
}
if (!isset($perms[$id])) {
if (count($a)) {
$addPermissions[$id] = $a;
}
- if (count($d)) {
+ if (count($d) && !$isCube) {
$deletePermissions[$id] = $d;
}
}
}
}
+
// Delete all roles of disabled users
DB::connection('extranet_users')->table('model_has_roles')->whereIn('model_id', $disabledUsers)->delete();
// Delete all roles not intented to be given to clients users
DB::connection('extranet_users')->table('model_has_roles')->whereNotIn('role_id', $standardRoles)->whereNotIn('model_id', $cubeUsers)->delete();
// Delete roles not associated to the right model
DB::connection('extranet_users')->table('model_has_roles')->where('model_type', '!=', $modelType)->delete();
- // Delete roles no more granted to the company
+ // Delete roles no more granted to the user
foreach ($deletePermissions as $user => $toDelete) {
DB::connection('extranet_users')->table('model_has_roles')->where('model_id', $user)->whereIn('role_id', $toDelete)->delete();
}
projects / cubedesigners_userdatabase.git / commitdiff