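<?php

namespace App\Http\Controllers;

use App\Http\Requests\UpdatePermissionRequest;
use App\Models\Role;
use App\Models\RoleHasPermission;
use App\Models\RolePermission;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role as ModelsRole;
use Throwable;

/**
 * Lists permissions and edits which roles hold each permission.
 *
 * NOTE(review): no authorization check is visible in this class. Confirm that
 * the routes pointing here sit behind auth/role middleware, because update()
 * changes role-to-permission assignments.
 */
class PermissionsController extends Controller
{
    /**
     * Role id that must always keep every permission. The original code
     * hard-coded 1 and reported it to the user as "Admin".
     */
    private const ADMIN_ROLE_ID = 1;

    /**
     * Render the permissions index page.
     */
    public function index()
    {
        return view('permissions.index', ['title' => 'Permissions Lising']);
    }

    /**
     * Return one page of permissions as JSON for a server-side table.
     *
     * Reads draw/start/length/order/search from the request (these look like
     * the DataTables server-side parameters; confirm against the client) and
     * answers with draw, iTotalRecords, iTotalDisplayRecords and aaData.
     */
    public function permissions_listing(Request $request)
    {
        // Dot-notation lookups return null when a key is absent or the parent
        // is not an array, so a malformed request no longer triggers an
        // offset error before the query is built.
        $draw = $request->get('draw');
        $start = $request->get('start');
        $length = $request->get('length');
        $orderBy = $request->input('order.0.column');
        $orderDir = $request->input('order.0.dir');
        $searchValue = $request->input('search.value');

        // One row per permission, with its role names concatenated.
        $q = RoleHasPermission::selectRaw('
                permissions.id as permission_id,
                REPLACE(permissions.name , "_" , " ") AS permission_name,
                GROUP_CONCAT(UPPER(roles.name)) AS role_name,
                IF(permissions.status = 0 , "Active" , "Inactive") as permission_status,
                DATE_FORMAT(permissions.created_at , "%d/%m/%Y") as permissions_created_at
            ')
            ->leftjoin('roles', 'role_has_permissions.role_id', 'roles.id')
            ->leftjoin('permissions', 'role_has_permissions.permission_id', 'permissions.id')
            ->groupBy('role_has_permissions.permission_id');

        // Total before any search filter is applied.
        $totalPermissions = $q->get()->count();

        // Search runs in HAVING because it targets the computed aliases.
        if (is_scalar($searchValue) && !empty($searchValue)) {
            // The allowlist is kept so matching behaves as before, but the
            // term is now passed as a bound parameter instead of being
            // concatenated into the SQL text. The query no longer relies on
            // the character filter alone to stay well-formed.
            $formated_search = preg_replace('/[^\sA-Za-z0-9@.,\/\-]/', '', strtolower((string) $searchValue));
            $like = '%' . $formated_search . '%';

            $q->havingRaw(
                '(
                    permission_name LIKE ?
                    OR role_name LIKE ?
                    OR permission_status LIKE ?
                    OR permissions_created_at LIKE ?
                )',
                [$like, $like, $like, $like]
            );
        }

        // The client sends a column index; it is only ever used as a key into
        // this fixed list, so no request text reaches the ORDER BY expression.
        $columns = [
            0 => DB::raw('REPLACE(permissions.name , "_" , " ")'),
            1 => DB::raw('GROUP_CONCAT(UPPER(roles.name))'),
            2 => DB::raw('IF(permissions.status = 0 , "Active" , "Inactive")'),
            3 => DB::raw('DATE_FORMAT(permissions.created_at , "%d/%m/%Y")'),
        ];

        $hasUsableColumn = (is_int($orderBy) || is_string($orderBy))
            && array_key_exists($orderBy, $columns);

        if ($hasUsableColumn && isset($orderDir)) {
            // Anything other than "desc" sorts ascending, so only the two
            // valid keywords are ever handed to the query builder.
            $direction = (is_string($orderDir) && strtolower($orderDir) === 'desc') ? 'desc' : 'asc';
            $q->orderBy($columns[$orderBy], $direction);
        }

        // Count after filtering, before paging.
        $filteredPermissions = $q->get()->count();

        // NOTE(review): start/length are passed through as received and
        // length has no upper bound, so one request can ask for every row.
        // Consider validating both as integers with a maximum page size.
        $records = $q->skip($start)->take($length)->get();

        // NOTE(review): name and assigned_to are returned unescaped next to a
        // cell that is intentionally HTML ("action"). If the client renders
        // cells as HTML, escape those two values on one side; confirm which.
        $permissionsData = [];
        foreach ($records as $r) {
            $permissionsData[] = [
                'name' => ucfirst($r->permission_name),
                'assigned_to' => $r->role_name,
                'status' => $r->permission_status,
                'created_at' => $r->permissions_created_at,
                'action' => '<a href="'.route('get_permissions_edit.edit_permissions' , ['id' => $r->permission_id]).'"><button class="custom-blue-btn w-100">Edit</button></a>',
            ];
        }

        return response()->json([
            "draw" => intval($draw),
            "iTotalRecords" => $totalPermissions,
            "iTotalDisplayRecords" => $filteredPermissions,
            "aaData" => $permissionsData,
        ], 200);
    }

    /**
     * Render the edit form for one permission, together with every role and
     * that role's link (if any) to the permission.
     *
     * Redirects to "login" when the id is not positive or no row matches.
     */
    public function edit($id)
    {
        if ($id > 0) {
            $permission = RolePermission::selectRaw('
                    REPLACE(permissions.name , "_" , " ") AS permission_name,
                    permissions.id AS permission_id,
                    permissions.status AS permission_status
                ')
                ->where('id', $id)
                ->first();

            if (!empty($permission)) {
                // Eager-load only the pivot rows that belong to this permission.
                $roles = Role::selectRaw('
                        roles.id,
                        roles.name
                    ')
                    ->with('role_has_permissions', function ($q) use ($id) {
                        $q->where('permission_id', $id);
                    })
                    ->get();

                return view('permissions.edit', ['permission' => $permission, 'role' => $roles, 'title' => 'Edit Permission']);
            }
        }

        return redirect('login');
    }

    /**
     * Update a permission's status and synchronise which roles hold it.
     *
     * The request must list the admin role in "assignedTo"; otherwise nothing
     * is changed. Every other role is granted or revoked the permission so
     * that it matches the submitted list.
     *
     * Changes from the original:
     *  - the transaction is opened only once all checks have passed, so the
     *    early-return paths no longer leave an open transaction behind;
     *  - a non-positive id now gets the "not found" redirect instead of
     *    falling off the end of the method with no response;
     *  - submitted role ids are normalised to integers and compared strictly;
     *  - exception details are reported server-side rather than flashed to
     *    the browser.
     */
    public function update(UpdatePermissionRequest $request, $id)
    {
        $editUrl = 'admin/permissions/edit/'.$id;
        $transactionOpen = false;

        try {
            $permission = ($id > 0) ? Permission::where('id', $id)->first() : null;

            if (empty($permission)) {
                return redirect($editUrl)->with('message', 'Permission not found');
            }

            // Loose in_array() on raw request values lets a JSON `true` match
            // every role id. Keeping only integer-like entries and comparing
            // strictly removes that ambiguity. The form request may already
            // enforce this; it is not visible from this file.
            $assignedTo = self::normaliseRoleIds($request->get('assignedTo'));

            if (!in_array(self::ADMIN_ROLE_ID, $assignedTo, true)) {
                return redirect($editUrl)->with('message', 'Admin must have permission to this.');
            }

            $status = $request->get('status');

            // Only now is there something to write.
            DB::beginTransaction();
            $transactionOpen = true;

            // The admin role is excluded: it is required above and is never
            // granted or revoked by this loop.
            $allRoles = ModelsRole::where('id', '!=', self::ADMIN_ROLE_ID)->get();

            foreach ($allRoles as $r) {
                $shouldHold = in_array((int) $r->id, $assignedTo, true);
                $holds = $r->hasPermissionTo($permission);

                if ($shouldHold && !$holds) {
                    $r->givePermissionTo($permission);
                } elseif (!$shouldHold && $holds) {
                    $r->revokePermissionTo($permission);
                }
            }

            $permission->update(['status' => $status]);

            DB::commit();
            $transactionOpen = false;

            return redirect($editUrl)->with('success', 'Permission updated');
        } catch (Throwable $th) {
            if ($transactionOpen) {
                DB::rollBack();
            }

            // Exception messages can carry SQL text and other internals, so
            // the detail goes to the application's exception handler and the
            // user sees a fixed message.
            report($th);

            return redirect()->back()->with('message', 'Permission could not be updated.');
        }
    }

    /**
     * Reduce a submitted "assignedTo" value to a list of integer role ids.
     *
     * Non-array input yields an empty list; entries that are neither integers
     * nor digit-only strings are dropped.
     */
    private static function normaliseRoleIds($raw): array
    {
        if (!is_array($raw)) {
            return [];
        }

        $ids = [];
        foreach ($raw as $value) {
            if (is_int($value) || (is_string($value) && ctype_digit($value))) {
                $ids[] = (int) $value;
            }
        }

        return $ids;
    }
}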