major update
This commit is contained in:
@@ -5,6 +5,7 @@ namespace MintyPHP\Service\Access;
|
||||
use MintyPHP\Repository\Access\PermissionRepository;
|
||||
use MintyPHP\Repository\Access\RolePermissionRepository;
|
||||
use MintyPHP\Repository\Access\UserRoleRepository;
|
||||
use MintyPHP\Service\Audit\SystemAuditService;
|
||||
|
||||
class PermissionService
|
||||
{
|
||||
@@ -13,7 +14,8 @@ class PermissionService
|
||||
public function __construct(
|
||||
private readonly PermissionRepository $permissionRepository,
|
||||
private readonly RolePermissionRepository $rolePermissionRepository,
|
||||
private readonly UserRoleRepository $userRoleRepository
|
||||
private readonly UserRoleRepository $userRoleRepository,
|
||||
private readonly SystemAuditService $systemAuditService
|
||||
) {
|
||||
}
|
||||
|
||||
@@ -63,6 +65,8 @@ class PermissionService
|
||||
public const DOCS_VIEW = 'docs.view';
|
||||
public const MAIL_LOG_VIEW = 'mail_log.view';
|
||||
public const API_AUDIT_VIEW = 'api_audit.view';
|
||||
public const SYSTEM_AUDIT_VIEW = 'system_audit.view';
|
||||
public const SYSTEM_AUDIT_PURGE = 'system_audit.purge';
|
||||
public const STATS_VIEW = 'stats.view';
|
||||
public const API_TOKENS_MANAGE = 'api_tokens.manage';
|
||||
|
||||
@@ -187,6 +191,15 @@ class PermissionService
|
||||
if (!$createdId) {
|
||||
return ['ok' => false, 'errors' => [t('Permission can not be created')], 'form' => $form];
|
||||
}
|
||||
$this->systemAuditService->record('admin.permissions.create', 'success', [
|
||||
'target_type' => 'permission',
|
||||
'target_id' => (int) $createdId,
|
||||
'metadata' => [
|
||||
'key' => $form['key'],
|
||||
'active' => (int) ($form['active'] ?? 0),
|
||||
'is_system' => (int) ($form['is_system'] ?? 0),
|
||||
],
|
||||
]);
|
||||
return ['ok' => true, 'form' => $form, 'id' => (int) $createdId];
|
||||
}
|
||||
|
||||
@@ -201,10 +214,22 @@ class PermissionService
|
||||
if ($existing && (int) ($existing['id'] ?? 0) !== $id) {
|
||||
return ['ok' => false, 'errors' => [t('Permission key already exists')], 'form' => $form];
|
||||
}
|
||||
$before = $this->permissionRepository->find($id) ?? [];
|
||||
$updated = $this->permissionRepository->update($id, $form);
|
||||
if (!$updated) {
|
||||
return ['ok' => false, 'errors' => [t('Permission can not be updated')], 'form' => $form];
|
||||
}
|
||||
$this->systemAuditService->record('admin.permissions.update', 'success', [
|
||||
'target_type' => 'permission',
|
||||
'target_id' => $id,
|
||||
'before' => [
|
||||
'active' => $before['active'] ?? null,
|
||||
],
|
||||
'after' => [
|
||||
'active' => $form['active'] ?? null,
|
||||
],
|
||||
'metadata' => ['key' => $form['key']],
|
||||
]);
|
||||
return ['ok' => true, 'form' => $form];
|
||||
}
|
||||
|
||||
@@ -221,6 +246,11 @@ class PermissionService
|
||||
if (!$deleted) {
|
||||
return ['ok' => false, 'status' => 500, 'error' => 'delete_failed'];
|
||||
}
|
||||
$this->systemAuditService->record('admin.permissions.delete', 'success', [
|
||||
'target_type' => 'permission',
|
||||
'target_id' => $id,
|
||||
'metadata' => ['key' => (string) ($permission['key'] ?? '')],
|
||||
]);
|
||||
return ['ok' => true, 'permission' => $permission];
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user