72 lines
2.5 KiB
PHP
72 lines
2.5 KiB
PHP
<?php
|
|
|
|
/**
|
|
* @author Ball Studios <https://git.balls.studio>
|
|
* @license MIT
|
|
*/
|
|
|
|
namespace Pterodactyl\Addons\AdvancedAdmin\Http\Controllers\Admin;
|
|
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Routing\Controller;
|
|
use Pterodactyl\Addons\AdvancedAdmin\Http\Requests\Roles\CreateRoleRequest;
|
|
use Pterodactyl\Addons\AdvancedAdmin\Http\Requests\Roles\UpdateRoleRequest;
|
|
use Pterodactyl\Addons\AdvancedAdmin\Http\Resources\RoleResource;
|
|
use Pterodactyl\Addons\AdvancedAdmin\Models\Role;
|
|
use Pterodactyl\Addons\AdvancedAdmin\Services\Roles\RoleService;
|
|
|
|
class RoleController extends Controller
|
|
{
|
|
public function __construct(private readonly RoleService $roleService) {}
|
|
|
|
/** GET /api/application/addons/roles */
|
|
public function index(Request $request): JsonResponse
|
|
{
|
|
$this->authorizeAdmin($request);
|
|
|
|
$roles = Role::with('permissions')
|
|
->orderByDesc('priority')
|
|
->paginate(50);
|
|
|
|
return RoleResource::collection($roles)->response();
|
|
}
|
|
|
|
/** GET /api/application/addons/roles/{role} */
|
|
public function show(Request $request, Role $role): JsonResponse
|
|
{
|
|
$this->authorizeAdmin($request);
|
|
return (new RoleResource($role->load('permissions')))->response();
|
|
}
|
|
|
|
/** POST /api/application/addons/roles */
|
|
public function store(CreateRoleRequest $request): JsonResponse
|
|
{
|
|
$this->authorizeAdmin($request);
|
|
$role = $this->roleService->create($request->validated(), $request->user()->id);
|
|
return (new RoleResource($role->load('permissions')))->response()->setStatusCode(201);
|
|
}
|
|
|
|
/** PATCH /api/application/addons/roles/{role} */
|
|
public function update(UpdateRoleRequest $request, Role $role): JsonResponse
|
|
{
|
|
$this->authorizeAdmin($request);
|
|
$updated = $this->roleService->update($role, $request->validated(), $request->user()->id);
|
|
return (new RoleResource($updated->load('permissions')))->response();
|
|
}
|
|
|
|
/** DELETE /api/application/addons/roles/{role} */
|
|
public function destroy(Request $request, Role $role): JsonResponse
|
|
{
|
|
$this->authorizeAdmin($request);
|
|
$force = (bool) $request->boolean('force', false);
|
|
$this->roleService->delete($role, $request->user()->id, $force);
|
|
return response()->json(['deleted' => true]);
|
|
}
|
|
|
|
private function authorizeAdmin(Request $request): void
|
|
{
|
|
abort_unless($request->user() && $request->user()->root_admin, 403, 'Admin access required.');
|
|
}
|
|
}
|