Added inheritance back into users/groups

app/Helpers/Helper.php

@@ -373,6 +373,7 @@ public static function checkUploadIsImage($file)
  public static function selectedPermissionsArray($permissions, $selected_arr = array())
  {
 
+
  $permissions_arr = array();
 
  foreach ($permissions as $permission) {
@@ -384,7 +385,7 @@ public static function selectedPermissionsArray($permissions, $selected_arr = ar
 
  if ($selected_arr) {
  if (array_key_exists($permission_name,$selected_arr)) {
- $permissions_arr[$permission_name] = ($selected_arr[$permission_name] == 1) ? '1': '0';
+ $permissions_arr[$permission_name] = $selected_arr[$permission_name];
  } else {
  $permissions_arr[$permission_name] = '0';
  }

app/Http/Controllers/UsersController.php

@@ -278,7 +278,6 @@ public function postEdit(UpdateUserRequest $request, $id = null)
  return redirect()->route('users')->with('error', $error);
  }
 
- $user_groups = array ($request->input('groups'));
  // Update the user
  $user->first_name = e($request->input('first_name'));
  $user->last_name = e($request->input('last_name'));
@@ -297,11 +296,8 @@ public function postEdit(UpdateUserRequest $request, $id = null)
  $user->manager_id = e($request->input('manager_id'));
  $user->notes = e($request->input('notes'));
  $user->permissions = json_encode($request->input('permission'));
- if ($request->has('groups')) {
- $user->groups()->sync($request->input('groups'));
- } else {
- $user->groups()->sync(array());
- }
+
+
 
 
  if ($user->manager_id == "") {
@@ -312,6 +308,12 @@ public function postEdit(UpdateUserRequest $request, $id = null)
  $user->location_id = null;
  }
 
+ if ($request->has('groups')) {
+ $user->groups()->sync($request->input('groups'));
+ } else {
+ $user->groups()->sync(array());
+ }
+
 
  // Do we want to update the user password?
  if (($request->has('password')) && (!config('app.lock_passwords'))) {
@@ -330,6 +332,8 @@ public function postEdit(UpdateUserRequest $request, $id = null)
 
  // Was the user updated?
  if ($user->save()) {
+
+
  // Prepare the success message
  $success = trans('admin/users/message.success.update');
 

app/Http/Middleware/CheckPermissions.php

@@ -6,6 +6,7 @@
 use Config;
 use Route;
 use Gate;
+use Log;
 
 class CheckPermissions
 {
@@ -19,8 +20,10 @@ class CheckPermissions
  */
  public function handle($request, Closure $next, $section = null)
  {
+ Log::debug($section .' is the section');
 
  if (Gate::allows($section)) {
+
  return $next($request);
  }
 

app/Models/User.php

@@ -45,7 +45,7 @@ public function hasAccess($section)
  if ($this->isSuperUser()) {
  return true;
  }
- $permitted = false;
+
  $user_groups = $this->groups;
 
 
@@ -55,19 +55,25 @@ public function hasAccess($section)
 
  $user_permissions = json_decode($this->permissions, true);
 
+ //If the user is explicitly granted, return false
  if (($user_permissions!='') && ((array_key_exists($section, $user_permissions)) && ($user_permissions[$section]=='1')) ) {
- $permitted = true;
+ return true;
+ }
+
+ // If the user is explicitly denied, return false
+ if (($user_permissions=='') || array_key_exists($section, $user_permissions) && ($user_permissions[$section]=='-1')) {
+ return false;
  }
 
+ // Loop through the groups to see if any of them grant this permission
  foreach ($user_groups as $user_group) {
  $group_permissions = json_decode($user_group->permissions, true);
  if (((array_key_exists($section, $group_permissions)) && ($group_permissions[$section]=='1'))) {
- $permitted = true;
+ return true;
  }
  }
 
-
- return $permitted;
+ return false;
  }
 
  public function isSuperUser() {
@@ -211,13 +217,7 @@ public function manager()
  */
  public function groups()
  {
- static $static_cache = null;
-
- if (!$static_cache) {
- $static_cache = $this->belongsToMany('\App\Models\Group', 'users_groups');
- }
- return $static_cache;
- //return $this->belongsToMany('\App\Models\Group', 'users_groups');
+ return $this->belongsToMany('\App\Models\Group', 'users_groups');
  }
 
 

resources/views/users/edit.blade.php

@@ -30,7 +30,9 @@
  color: #555555;
  cursor:text;
 }
-
+.radio-padding {
+ padding-left: 50px;
+}
 </style>
 
 <div class="row">
@@ -242,7 +244,7 @@
  </div>
 
  <!-- Notes -->
- <div class="form-group {!! $errors->has('notes') ? ' has-error' : '' !!}">
+ <div class="form-group{!! $errors->has('notes') ? ' has-error' : '' !!}">
  <label for="notes" class="col-md-3 control-label">{{ trans('admin/users/table.notes') }}</label>
  <div class="col-md-9">
  <textarea class="form-control" id="notes" name="notes">{{ Input::old('notes', $user->notes) }}</textarea>
@@ -251,7 +253,7 @@
  </div>
 
  <!-- Groups -->
- <div class="form-group {{ $errors->has('groups') ? 'has-error' : '' }}">
+ <div class="form-group{{ $errors->has('groups') ? ' has-error' : '' }}">
  <label class="col-md-3 control-label" for="groups"> {{ trans('general.groups') }}</label>
  <div class="col-md-5">
  <div class="controls">
@@ -295,6 +297,7 @@
  </div><!-- /.tab-pane -->
  <div class="tab-pane" id="tab_2">
  <div class="col-md-10 col-md-offset-2">
+
  @foreach ($permissions as $area => $permission)
 
  @for ($i = 0; $i < count($permission); $i++)
@@ -308,14 +311,18 @@
 
  <!-- radio -->
  <div class="form-group" style="padding-left: 15px;">
-
+ 
  <label class="radio-padding">
- {{ Form::radio('permission['.$permission_name.']', 1, $userPermissions[$permission_name], ['class' => 'minimal']) }}
+ {{ Form::radio('permission['.$permission_name.']', '1', $userPermissions[$permission_name] == '1', ['class' => 'minimal']) }}
  Grant</label>
 
  <label class="radio-padding">
- {{ Form::radio('permission['.$permission_name.']', 0, !$userPermissions[$permission_name], ['class' => 'minimal']) }}
+ {{ Form::radio('permission['.$permission_name.']', '-1', $userPermissions[$permission_name] == '-1', ['class' => 'minimal']) }}
  Deny</label>
+
+ <label class="radio-padding">
+ {{ Form::radio('permission['.$permission_name.']', '0', $userPermissions[$permission_name] =='0', ['class' => 'minimal']) }}
+ Inherit</label>
  </div>
  <hr>
  @endif