diff --git a/database/seeders/PermissionSeeder.php b/database/seeders/PermissionSeeder.php index 8acb45e4da..7ba4437677 100644 --- a/database/seeders/PermissionSeeder.php +++ b/database/seeders/PermissionSeeder.php @@ -3,9 +3,7 @@ namespace Database\Seeders; use Illuminate\Database\Seeder; -use ProcessMaker\Models\Group; use ProcessMaker\Models\Permission; -use ProcessMaker\Models\User; class PermissionSeeder extends Seeder { @@ -118,24 +116,16 @@ class PermissionSeeder extends Seeder ], ]; - private $defaultPermissions = [ - 'view-my_requests', - ]; - public function run($seedUser = null) { foreach ($this->permissionGroups as $groupName => $permissions) { foreach ($permissions as $permissionString) { - $permission = Permission::updateOrCreate([ + Permission::updateOrCreate([ 'name' => $permissionString, ], [ 'title' => ucwords(preg_replace('/(\-|_)/', ' ', $permissionString)), 'group' => $groupName, ]); - - if (in_array($permissionString, $this->defaultPermissions)) { - $this->assignDefaultPermission($permission); - } } } @@ -146,26 +136,4 @@ public function run($seedUser = null) $seedUser->save(); } } - - /** - * Assign default permission to users and groups. - */ - private function assignDefaultPermission(Permission $permission): void - { - $userIds = User::nonSystem()->pluck('id'); - $groupIds = Group::pluck('id'); - - // Define the chunk size for the permission assignment - $chunkSize = 500; - - // Attach user IDs in chunks - $userIds->chunk($chunkSize)->each(function ($chunk) use ($permission) { - $permission->users()->attach($chunk); - }); - - // Attach group IDs in chunks - $groupIds->chunk($chunkSize)->each(function ($chunk) use ($permission) { - $permission->groups()->attach($chunk); - }); - } } diff --git a/tests/Feature/Api/PermissionsTest.php b/tests/Feature/Api/PermissionsTest.php index 23ae7f07f5..acdfa93829 100644 --- a/tests/Feature/Api/PermissionsTest.php +++ b/tests/Feature/Api/PermissionsTest.php @@ -234,32 +234,20 @@ public function testSetPermissionsViewMyRequestForUser() */ public function testSetPermissionsViewMyRequestForUsersAndGroupCreated() { - //Set up the users and groups + // Set up the users and groups $users = User::factory()->count(5)->create(); $groups = Group::factory()->count(3)->create(); - //Run the seeder + // Run the seeder $this->seed(PermissionSeeder::class); $permissionName = 'view-my_requests'; $permissionTitle = 'View My Requests'; - //Verify that the permission exists + // Verify that the permission exists $this->assertDatabaseHas('permissions', [ 'name' => $permissionName, 'group' => 'Cases and Requests', 'title' => $permissionTitle, ]); - - //Verify that the permission is assigned to users - $permission = Permission::where('name', $permissionName)->first(); - $this->assertNotNull($permission); - foreach ($users as $user) { - $this->assertTrue($user->hasPermission($permissionName)); - } - - //Verify that the permission is assigned to groups - foreach ($groups as $group) { - $this->assertTrue($permission->groups->contains($group)); - } } } diff --git a/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php b/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php new file mode 100644 index 0000000000..a3f0f12992 --- /dev/null +++ b/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php @@ -0,0 +1,72 @@ +where('name', 'view-my_requests') + ->value('id'); + + if ($permissionId) { + $this->assignDefaultPermission($permissionId); + } + } + + /** + * Assign view-my_requests permission to active users + * + * @param int $permissionId The ID of the permission + * @return void + */ + private function assignDefaultPermission(int $permissionId): void + { + $chunkSize = 500; + DB::table('users AS u') + // Check if the user has the permission + ->leftJoin('assignables AS a', function ($join) use ($permissionId) { + $join->on('u.id', '=', 'a.assignable_id') + ->where('a.assignable_type', 'ProcessMaker\Models\User') + ->where('a.permission_id', $permissionId); + }) + // Filters + ->whereNull('a.permission_id') + ->where('u.is_system', false) + ->where('u.status', 'ACTIVE') + ->select('u.id') + ->orderBy('u.id') + ->chunk($chunkSize, function ($users) use ($permissionId) { + $records = array_map(function ($user) use ($permissionId) { + return [ + 'permission_id' => $permissionId, + 'assignable_id' => $user->id, + 'assignable_type' => 'ProcessMaker\Models\User', + ]; + }, $users->toArray()); + + // Insert rows + DB::table('assignables')->insert($records); + }, 'u.id'); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + $permissionId = DB::table('permissions') + ->where('name', 'view-my_requests') + ->value('id'); + DB::table('assignables') + ->where('permission_id', $permissionId) + ->where('assignable_type', 'ProcessMaker\Models\User') + ->delete(); + } +}