- Add single-line class docblocks to all 59 repository classes and interfaces describing scope and responsibility - Add multi-line docblocks to key services documenting business rules: AuthService (6-step login cascade), ImportService (3-phase CSV workflow), TenantScopeService (strict/permissive modes), PermissionService (RBAC resolution + two-tier caching), UserAccountService (atomicity + audit) - Add transaction(callable) wrapper to DatabaseSessionRepository to DRY up begin/commit/rollback boilerplate Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
76 lines
2.4 KiB
PHP
76 lines
2.4 KiB
PHP
<?php
|
|
|
|
namespace MintyPHP\Repository\Access;
|
|
|
|
use MintyPHP\DB;
|
|
|
|
/** Manages which roles a given role is allowed to assign (role hierarchy). */
|
|
class RoleAssignableRoleRepository implements RoleAssignableRoleRepositoryInterface
|
|
{
|
|
public function listAssignableRoleIdsByRoleId(int $roleId): array
|
|
{
|
|
$rows = DB::select(
|
|
'select assignable_role_id from role_assignable_roles where role_id = ?',
|
|
(string) $roleId
|
|
);
|
|
if (!is_array($rows)) {
|
|
return [];
|
|
}
|
|
$ids = [];
|
|
foreach ($rows as $row) {
|
|
$data = $row['role_assignable_roles'] ?? $row;
|
|
if (is_array($data) && isset($data['assignable_role_id'])) {
|
|
$ids[] = (int) $data['assignable_role_id'];
|
|
}
|
|
}
|
|
return array_values(array_unique($ids));
|
|
}
|
|
|
|
public function listAssignableRoleIdsByRoleIds(array $roleIds): array
|
|
{
|
|
$roleIds = array_values(array_unique(array_map('intval', $roleIds)));
|
|
$roleIds = array_values(array_filter($roleIds, static fn (int $id): bool => $id > 0));
|
|
if (!$roleIds) {
|
|
return [];
|
|
}
|
|
|
|
$placeholders = implode(',', array_fill(0, count($roleIds), '?'));
|
|
$rows = DB::select(
|
|
'select distinct assignable_role_id from role_assignable_roles where role_id in (' .
|
|
$placeholders .
|
|
')',
|
|
...array_map('strval', $roleIds)
|
|
);
|
|
|
|
if (!is_array($rows)) {
|
|
return [];
|
|
}
|
|
|
|
$ids = [];
|
|
foreach ($rows as $row) {
|
|
$data = $row['role_assignable_roles'] ?? $row;
|
|
if (is_array($data) && isset($data['assignable_role_id'])) {
|
|
$ids[] = (int) $data['assignable_role_id'];
|
|
}
|
|
}
|
|
return array_values(array_unique($ids));
|
|
}
|
|
|
|
public function replaceForRole(int $roleId, array $assignableRoleIds): bool
|
|
{
|
|
DB::delete('delete from role_assignable_roles where role_id = ?', (string) $roleId);
|
|
$ids = array_values(array_unique(array_filter(array_map('intval', $assignableRoleIds))));
|
|
if (!$ids) {
|
|
return true;
|
|
}
|
|
foreach ($ids as $assignableRoleId) {
|
|
DB::insert(
|
|
'insert into role_assignable_roles (role_id, assignable_role_id, created) values (?,?,NOW())',
|
|
(string) $roleId,
|
|
(string) $assignableRoleId
|
|
);
|
|
}
|
|
return true;
|
|
}
|
|
}
|