feat: tambah policy per role via PermissionSeeder, shield:generate otomatis di seeder
This commit is contained in:
@@ -0,0 +1,51 @@
|
||||
<?php
|
||||
|
||||
namespace Database\Seeders;
|
||||
|
||||
use Illuminate\Database\Seeder;
|
||||
use Spatie\Permission\Models\Permission;
|
||||
use Spatie\Permission\Models\Role;
|
||||
|
||||
class PermissionSeeder extends Seeder
|
||||
{
|
||||
public function run(): void
|
||||
{
|
||||
app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();
|
||||
|
||||
$ketua = Role::findByName('ketua');
|
||||
$bendahara = Role::findByName('bendahara');
|
||||
$pengurus = Role::findByName('pengurus');
|
||||
$anggota = Role::findByName('anggota');
|
||||
$auditor = Role::findByName('auditor');
|
||||
|
||||
// Ketua: akses penuh kecuali shield roles
|
||||
$ketua->syncPermissions(Permission::where('name', 'not like', '%Role%')
|
||||
->where('name', 'not like', '%Permission%')
|
||||
->get());
|
||||
|
||||
// Bendahara: hanya kas
|
||||
$bendahara->syncPermissions(Permission::where('name', 'like', '%CashRecord%')
|
||||
->orWhere('name', 'like', '%CashCategory%')
|
||||
->get());
|
||||
|
||||
// Pengurus: kegiatan + lihat anggota & divisi
|
||||
$pengurus->syncPermissions(Permission::where('name', 'like', '%Activity%')
|
||||
->orWhere('name', 'like', 'ViewAny:User')
|
||||
->orWhere('name', 'like', 'View:User')
|
||||
->orWhere('name', 'like', 'ViewAny:Division')
|
||||
->orWhere('name', 'like', 'View:Division')
|
||||
->get());
|
||||
|
||||
// Anggota: hanya lihat kegiatan & voting
|
||||
$anggota->syncPermissions(Permission::whereIn('name', [
|
||||
'ViewAny:Activity', 'View:Activity',
|
||||
'ViewAny:Vote', 'View:Vote',
|
||||
])->get());
|
||||
|
||||
// Auditor: read-only semua + akses audit
|
||||
$auditor->syncPermissions(Permission::where('name', 'like', 'ViewAny:%')
|
||||
->orWhere('name', 'like', 'View:%')
|
||||
->orWhere('name', 'like', '%Audit%')
|
||||
->get());
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user