From 7316382480c84b7d3a3bb1e7f58744ef48f01bc5 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Thu, 28 Nov 2024 20:16:52 -0400 Subject: [PATCH 1/3] FOUR-21130 --- database/seeders/PermissionSeeder.php | 34 +-------- ...assign_user_permission_view_my_request.php | 72 +++++++++++++++++++ 2 files changed, 73 insertions(+), 33 deletions(-) create mode 100644 upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php diff --git a/database/seeders/PermissionSeeder.php b/database/seeders/PermissionSeeder.php index 8acb45e4da..7ba4437677 100644 --- a/database/seeders/PermissionSeeder.php +++ b/database/seeders/PermissionSeeder.php @@ -3,9 +3,7 @@ namespace Database\Seeders; use Illuminate\Database\Seeder; -use ProcessMaker\Models\Group; use ProcessMaker\Models\Permission; -use ProcessMaker\Models\User; class PermissionSeeder extends Seeder { @@ -118,24 +116,16 @@ class PermissionSeeder extends Seeder ], ]; - private $defaultPermissions = [ - 'view-my_requests', - ]; - public function run($seedUser = null) { foreach ($this->permissionGroups as $groupName => $permissions) { foreach ($permissions as $permissionString) { - $permission = Permission::updateOrCreate([ + Permission::updateOrCreate([ 'name' => $permissionString, ], [ 'title' => ucwords(preg_replace('/(\-|_)/', ' ', $permissionString)), 'group' => $groupName, ]); - - if (in_array($permissionString, $this->defaultPermissions)) { - $this->assignDefaultPermission($permission); - } } } @@ -146,26 +136,4 @@ public function run($seedUser = null) $seedUser->save(); } } - - /** - * Assign default permission to users and groups. - */ - private function assignDefaultPermission(Permission $permission): void - { - $userIds = User::nonSystem()->pluck('id'); - $groupIds = Group::pluck('id'); - - // Define the chunk size for the permission assignment - $chunkSize = 500; - - // Attach user IDs in chunks - $userIds->chunk($chunkSize)->each(function ($chunk) use ($permission) { - $permission->users()->attach($chunk); - }); - - // Attach group IDs in chunks - $groupIds->chunk($chunkSize)->each(function ($chunk) use ($permission) { - $permission->groups()->attach($chunk); - }); - } } diff --git a/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php b/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php new file mode 100644 index 0000000000..745cbe8a14 --- /dev/null +++ b/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php @@ -0,0 +1,72 @@ +where('name', 'view-my_requests') + ->value('id'); + + if ($permissionId) { + $this->assignDefaultPermission($permissionId); + } + } + + /** + * Assign view-my_requests permission to active users and groups + * + * @param int $permissionId The ID of the permission + * @return void + */ + private function assignDefaultPermission(int $permissionId): void + { + $chunkSize = 500; + DB::table('users AS u') + // Check if the user has the permission + ->leftJoin('assignables AS a', function ($join) use ($permissionId) { + $join->on('u.id', '=', 'a.assignable_id') + ->where('a.assignable_type', 'ProcessMaker\Models\User') + ->where('a.permission_id', $permissionId); + }) + // Filters + ->whereNull('a.permission_id') + ->where('u.is_system', false) + ->where('u.status', 'ACTIVE') + ->select('u.id') + ->orderBy('u.id') + ->chunk($chunkSize, function ($users) use ($permissionId) { + $records = array_map(function ($user) use ($permissionId) { + return [ + 'permission_id' => $permissionId, + 'assignable_id' => $user->id, + 'assignable_type' => 'ProcessMaker\Models\User', + ]; + }, $users->toArray()); + + // Insert rows + DB::table('assignables')->insert($records); + }, 'u.id'); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + $permissionId = DB::table('permissions') + ->where('name', 'view-my_requests') + ->value('id'); + DB::table('assignables') + ->where('permission_id', $permissionId) + ->where('assignable_type', 'ProcessMaker\Models\User') + ->delete(); + } +} From de600cfccc95e7ac8e529d5495068399d4eddf76 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Thu, 28 Nov 2024 21:05:48 -0400 Subject: [PATCH 2/3] FOUR-21130: solve the unit test --- tests/Feature/Api/PermissionsTest.php | 14 +++++++++----- ...4502_assign_user_permission_view_my_request.php | 2 +- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/tests/Feature/Api/PermissionsTest.php b/tests/Feature/Api/PermissionsTest.php index 23ae7f07f5..a45ee8f21a 100644 --- a/tests/Feature/Api/PermissionsTest.php +++ b/tests/Feature/Api/PermissionsTest.php @@ -234,30 +234,34 @@ public function testSetPermissionsViewMyRequestForUser() */ public function testSetPermissionsViewMyRequestForUsersAndGroupCreated() { - //Set up the users and groups + // Set up the users and groups $users = User::factory()->count(5)->create(); $groups = Group::factory()->count(3)->create(); - //Run the seeder + // Run the seeder $this->seed(PermissionSeeder::class); $permissionName = 'view-my_requests'; $permissionTitle = 'View My Requests'; - //Verify that the permission exists + // Verify that the permission exists $this->assertDatabaseHas('permissions', [ 'name' => $permissionName, 'group' => 'Cases and Requests', 'title' => $permissionTitle, ]); + // Act + $this->artisan('upgrade:run', [ + '--class' => 'AssignUserPermissionViewMyRequest', + ]); - //Verify that the permission is assigned to users + // Verify that the permission is assigned to users $permission = Permission::where('name', $permissionName)->first(); $this->assertNotNull($permission); foreach ($users as $user) { $this->assertTrue($user->hasPermission($permissionName)); } - //Verify that the permission is assigned to groups + // Verify that the permission is assigned to groups foreach ($groups as $group) { $this->assertTrue($permission->groups->contains($group)); } diff --git a/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php b/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php index 745cbe8a14..a3f0f12992 100644 --- a/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php +++ b/upgrades/2024_11_28_154502_assign_user_permission_view_my_request.php @@ -21,7 +21,7 @@ public function up(): void } /** - * Assign view-my_requests permission to active users and groups + * Assign view-my_requests permission to active users * * @param int $permissionId The ID of the permission * @return void From 637aff9f5532865850ecc3018ea7ab170a2bae35 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Fri, 29 Nov 2024 09:14:37 -0400 Subject: [PATCH 3/3] Remove the unnecesary test --- tests/Feature/Api/PermissionsTest.php | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/tests/Feature/Api/PermissionsTest.php b/tests/Feature/Api/PermissionsTest.php index a45ee8f21a..acdfa93829 100644 --- a/tests/Feature/Api/PermissionsTest.php +++ b/tests/Feature/Api/PermissionsTest.php @@ -249,21 +249,5 @@ public function testSetPermissionsViewMyRequestForUsersAndGroupCreated() 'group' => 'Cases and Requests', 'title' => $permissionTitle, ]); - // Act - $this->artisan('upgrade:run', [ - '--class' => 'AssignUserPermissionViewMyRequest', - ]); - - // Verify that the permission is assigned to users - $permission = Permission::where('name', $permissionName)->first(); - $this->assertNotNull($permission); - foreach ($users as $user) { - $this->assertTrue($user->hasPermission($permissionName)); - } - - // Verify that the permission is assigned to groups - foreach ($groups as $group) { - $this->assertTrue($permission->groups->contains($group)); - } } }