Split filter drawer contracts

This commit is contained in:
2026-03-19 18:41:08 +01:00
parent 0f8fff8daf
commit 98520dcc6a
5 changed files with 174 additions and 2 deletions

View File

@@ -16,7 +16,7 @@ final class ModulePermissionSynchronizer
}
/**
* @return array{created: int, updated: int, unchanged: int, total: int}
* @return array{created: int, updated: int, unchanged: int, deactivated: int, total: int}
*/
public function sync(): array
{
@@ -66,14 +66,62 @@ final class ModulePermissionSynchronizer
$updated++;
}
$deactivated = $this->deactivateOrphaned();
return [
'created' => $created,
'updated' => $updated,
'unchanged' => $unchanged,
'deactivated' => $deactivated,
'total' => $total,
];
}
/**
* Deactivate system permissions that no active module claims.
*
* Only touches is_system=1 rows (module-owned). Admin-created permissions
* (is_system=0) are never modified. Setting active=0 is reversible — if the
* module is re-enabled, the next sync will set active=1 again.
*/
private function deactivateOrphaned(): int
{
$activeKeys = $this->moduleRegistry->getPermissionKeys();
$systemPermissions = $this->permissionRepository->listSystem();
$deactivated = 0;
foreach ($systemPermissions as $permission) {
$key = (string) $permission['key'];
$id = (int) $permission['id'];
$isActive = (int) $permission['active'];
if ($key === '' || $id <= 0) {
continue;
}
// Already inactive — nothing to do
if ($isActive === 0) {
continue;
}
// Still claimed by an active module — keep it
if (in_array($key, $activeKeys, true)) {
continue;
}
// Orphaned: system permission not claimed by any active module → deactivate
$this->permissionRepository->update($id, [
'key' => $key,
'description' => (string) $permission['description'],
'active' => 0,
'is_system' => 1,
]);
$deactivated++;
}
return $deactivated;
}
/**
* @param array<string, mixed> $existing
* @param array<string, mixed> $desired

View File

@@ -115,4 +115,13 @@ class PermissionRepository implements PermissionRepositoryInterface
$result = DB::delete('delete from permissions where id = ?', (string) $id);
return (bool) $result;
}
public function listSystem(): array
{
$rows = DB::select(
'select id, `key`, description, active, is_system, created from permissions where is_system = 1 order by `key` asc'
);
return RepositoryArrayHelper::unwrapList($rows, 'permissions');
}
}

View File

@@ -20,4 +20,7 @@ interface PermissionRepositoryInterface
public function update(int $id, array $data): bool;
public function delete(int $id): bool;
/** @return list<array{id: int, key: string, description: string, active: int, is_system: int}> */
public function listSystem(): array;
}