110 lines
5.5 KiB
PHP
110 lines
5.5 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Default Roles Seeder
|
|
*
|
|
* @author Ball Studios <https://git.balls.studio>
|
|
* @license MIT
|
|
*/
|
|
|
|
namespace Pterodactyl\Addons\AdvancedAdmin\Database\Seeders;
|
|
|
|
use Illuminate\Database\Seeder;
|
|
use Pterodactyl\Addons\AdvancedAdmin\Models\Role;
|
|
use Pterodactyl\Addons\AdvancedAdmin\Models\RolePermission;
|
|
|
|
class DefaultRolesSeeder extends Seeder
|
|
{
|
|
private const ROLES = [
|
|
[
|
|
'name' => 'Owner',
|
|
'description' => 'Full server access — assigned to the server owner',
|
|
'color' => '#f59e0b',
|
|
'priority' => 100,
|
|
'is_default' => false,
|
|
'permissions' => [
|
|
'control.console' => 'allow', 'control.start' => 'allow', 'control.stop' => 'allow', 'control.restart' => 'allow',
|
|
'file.read' => 'allow', 'file.read-content' => 'allow', 'file.create' => 'allow', 'file.update' => 'allow', 'file.delete' => 'allow', 'file.archive' => 'allow', 'file.sftp' => 'allow',
|
|
'backup.read' => 'allow', 'backup.create' => 'allow', 'backup.delete' => 'allow', 'backup.download' => 'allow', 'backup.restore' => 'allow',
|
|
'allocation.read' => 'allow', 'allocation.create' => 'allow', 'allocation.update' => 'allow', 'allocation.delete' => 'allow',
|
|
'startup.read' => 'allow', 'startup.update' => 'allow', 'startup.docker-image' => 'allow',
|
|
'database.read' => 'allow', 'database.create' => 'allow', 'database.update' => 'allow', 'database.delete' => 'allow', 'database.view-password' => 'allow',
|
|
'schedule.read' => 'allow', 'schedule.create' => 'allow', 'schedule.update' => 'allow', 'schedule.delete' => 'allow',
|
|
'settings.read' => 'allow', 'settings.rename' => 'allow', 'settings.reinstall' => 'allow',
|
|
'user.read' => 'allow', 'user.create' => 'allow', 'user.update' => 'allow', 'user.delete' => 'allow',
|
|
'activity.read' => 'allow', 'websocket.connect' => 'allow',
|
|
],
|
|
],
|
|
[
|
|
'name' => 'Administrator',
|
|
'description' => 'High-privilege access — can manage files, users, databases',
|
|
'color' => '#ef4444',
|
|
'priority' => 80,
|
|
'is_default' => false,
|
|
'permissions' => [
|
|
'control.console' => 'allow', 'control.start' => 'allow', 'control.stop' => 'allow', 'control.restart' => 'allow',
|
|
'file.read' => 'allow', 'file.read-content' => 'allow', 'file.create' => 'allow', 'file.update' => 'allow', 'file.delete' => 'allow', 'file.archive' => 'allow', 'file.sftp' => 'allow',
|
|
'backup.read' => 'allow', 'backup.create' => 'allow', 'backup.delete' => 'allow', 'backup.download' => 'allow', 'backup.restore' => 'allow',
|
|
'database.read' => 'allow', 'database.create' => 'allow', 'database.update' => 'allow', 'database.delete' => 'allow', 'database.view-password' => 'allow',
|
|
'schedule.read' => 'allow', 'schedule.create' => 'allow', 'schedule.update' => 'allow', 'schedule.delete' => 'allow',
|
|
'settings.read' => 'allow', 'user.read' => 'allow', 'user.create' => 'allow', 'user.update' => 'allow',
|
|
'activity.read' => 'allow', 'websocket.connect' => 'allow',
|
|
],
|
|
],
|
|
[
|
|
'name' => 'Moderator',
|
|
'description' => 'Console access, read files, manage schedules',
|
|
'color' => '#3b82f6',
|
|
'priority' => 50,
|
|
'is_default' => false,
|
|
'permissions' => [
|
|
'control.console' => 'allow', 'control.start' => 'allow', 'control.stop' => 'allow', 'control.restart' => 'allow',
|
|
'file.read' => 'allow', 'file.read-content' => 'allow',
|
|
'backup.read' => 'allow', 'backup.create' => 'allow',
|
|
'schedule.read' => 'allow', 'schedule.create' => 'allow', 'schedule.update' => 'allow',
|
|
'settings.read' => 'allow', 'activity.read' => 'allow', 'websocket.connect' => 'allow',
|
|
],
|
|
],
|
|
[
|
|
'name' => 'Viewer',
|
|
'description' => 'Read-only access — can view console and files',
|
|
'color' => '#6b7280',
|
|
'priority' => 10,
|
|
'is_default' => true,
|
|
'permissions' => [
|
|
'control.console' => 'allow',
|
|
'file.read' => 'allow', 'file.read-content' => 'allow',
|
|
'backup.read' => 'allow',
|
|
'schedule.read' => 'allow',
|
|
'settings.read' => 'allow', 'activity.read' => 'allow', 'websocket.connect' => 'allow',
|
|
],
|
|
],
|
|
];
|
|
|
|
public function run(): void
|
|
{
|
|
foreach (self::ROLES as $roleData) {
|
|
if (Role::where('name', $roleData['name'])->exists()) continue;
|
|
|
|
$role = Role::create([
|
|
'name' => $roleData['name'],
|
|
'description' => $roleData['description'],
|
|
'color' => $roleData['color'],
|
|
'priority' => $roleData['priority'],
|
|
'is_default' => $roleData['is_default'],
|
|
'created_by' => null,
|
|
]);
|
|
|
|
foreach ($roleData['permissions'] as $perm => $value) {
|
|
RolePermission::create([
|
|
'role_id' => $role->id,
|
|
'permission' => $perm,
|
|
'value' => $value,
|
|
]);
|
|
}
|
|
|
|
$this->command->info("Created default role: {$roleData['name']}");
|
|
}
|
|
}
|
|
}
|