forked from fa/breadcrumb-the-shire
Rename the top-level lib/ directory to core/ so the project root immediately communicates which code is core platform and which lives in modules/. PHP namespaces (MintyPHP\*) are unchanged — only the Composer PSR-4 path mapping moves from lib/ to core/. Module-internal lib/ directories (modules/*/lib/) are untouched. Updated across the full stack: - composer.json PSR-4 mapping - bootstrap entry points (web/index.php, bin/*, tests/bootstrap.php) - tooling configs (phpstan.neon, phpunit.xml, php-cs-fixer) - 26 architecture contract tests - enforcement-policy, guard-catalog, quality-gates - all documentation (CLAUDE.md, README, 25 docs/, .agents/skills/) - bin/qa-extended.sh search paths - .claude/settings.local.json permission paths Workflow: .agents/runs/CORE-LIB-RENAME-001/ (Analyst → Planner → Executor → Code Review (4 findings fixed) → Security Review → Acceptance Test → Finalizer) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
76 lines
2.4 KiB
PHP
76 lines
2.4 KiB
PHP
<?php
|
|
|
|
namespace MintyPHP\Repository\Access;
|
|
|
|
use MintyPHP\DB;
|
|
|
|
/** Manages which roles a given role is allowed to assign (role hierarchy). */
|
|
class RoleAssignableRoleRepository implements RoleAssignableRoleRepositoryInterface
|
|
{
|
|
public function listAssignableRoleIdsByRoleId(int $roleId): array
|
|
{
|
|
$rows = DB::select(
|
|
'select assignable_role_id from role_assignable_roles where role_id = ?',
|
|
(string) $roleId
|
|
);
|
|
if (!is_array($rows)) {
|
|
return [];
|
|
}
|
|
$ids = [];
|
|
foreach ($rows as $row) {
|
|
$data = $row['role_assignable_roles'] ?? $row;
|
|
if (is_array($data) && isset($data['assignable_role_id'])) {
|
|
$ids[] = (int) $data['assignable_role_id'];
|
|
}
|
|
}
|
|
return array_values(array_unique($ids));
|
|
}
|
|
|
|
public function listAssignableRoleIdsByRoleIds(array $roleIds): array
|
|
{
|
|
$roleIds = array_values(array_unique(array_map('intval', $roleIds)));
|
|
$roleIds = array_values(array_filter($roleIds, static fn (int $id): bool => $id > 0));
|
|
if (!$roleIds) {
|
|
return [];
|
|
}
|
|
|
|
$placeholders = implode(',', array_fill(0, count($roleIds), '?'));
|
|
$rows = DB::select(
|
|
'select distinct assignable_role_id from role_assignable_roles where role_id in (' .
|
|
$placeholders .
|
|
')',
|
|
...array_map('strval', $roleIds)
|
|
);
|
|
|
|
if (!is_array($rows)) {
|
|
return [];
|
|
}
|
|
|
|
$ids = [];
|
|
foreach ($rows as $row) {
|
|
$data = $row['role_assignable_roles'] ?? $row;
|
|
if (is_array($data) && isset($data['assignable_role_id'])) {
|
|
$ids[] = (int) $data['assignable_role_id'];
|
|
}
|
|
}
|
|
return array_values(array_unique($ids));
|
|
}
|
|
|
|
public function replaceForRole(int $roleId, array $assignableRoleIds): bool
|
|
{
|
|
DB::delete('delete from role_assignable_roles where role_id = ?', (string) $roleId);
|
|
$ids = array_values(array_unique(array_filter(array_map('intval', $assignableRoleIds))));
|
|
if (!$ids) {
|
|
return true;
|
|
}
|
|
foreach ($ids as $assignableRoleId) {
|
|
DB::insert(
|
|
'insert into role_assignable_roles (role_id, assignable_role_id, created) values (?,?,NOW())',
|
|
(string) $roleId,
|
|
(string) $assignableRoleId
|
|
);
|
|
}
|
|
return true;
|
|
}
|
|
}
|