1
0
Files
breadcrumb-the-shire/lib/Service/Access/RoleService.php
fs 25370a1a55 add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00

141 lines
4.2 KiB
PHP

<?php
namespace MintyPHP\Service\Access;
use MintyPHP\Repository\Access\RoleRepository;
use MintyPHP\Service\Settings\SettingService;
class RoleService
{
public static function list(): array
{
return RoleRepository::list();
}
public static function listActive(): array
{
return RoleRepository::listActive();
}
public static function listPaged(array $options): array
{
return RoleRepository::listPaged($options);
}
public static function findByUuid(string $uuid): ?array
{
return RoleRepository::findByUuid($uuid);
}
public static function findById(int $id): ?array
{
return RoleRepository::find($id);
}
public static function createFromAdmin(array $input, int $currentUserId = 0): array
{
$form = self::sanitizeBase($input);
$errors = self::validateBase($form, 0);
if ($errors) {
return ['ok' => false, 'errors' => $errors, 'form' => $form];
}
$createdId = RoleRepository::create([
'description' => $form['description'],
'code' => $form['code'] ?: null,
'active' => $form['active'],
'created_by' => $currentUserId > 0 ? $currentUserId : null,
]);
if (!$createdId) {
return ['ok' => false, 'errors' => [t('Role can not be created')], 'form' => $form];
}
$createdRole = RoleRepository::find((int) $createdId);
$uuid = $createdRole['uuid'] ?? null;
if (!empty($input['is_default'])) {
SettingService::setDefaultRoleId((int) $createdId);
}
return ['ok' => true, 'form' => $form, 'uuid' => $uuid, 'id' => (int) $createdId];
}
public static function updateFromAdmin(int $roleId, array $input, int $currentUserId = 0): array
{
$form = self::sanitizeBase($input);
$errors = self::validateBase($form, $roleId);
if ($errors) {
return ['ok' => false, 'errors' => $errors, 'form' => $form];
}
$updated = RoleRepository::update($roleId, [
'description' => $form['description'],
'code' => $form['code'] ?: null,
'active' => $form['active'],
'modified_by' => $currentUserId > 0 ? $currentUserId : null,
]);
if (!$updated) {
return ['ok' => false, 'errors' => [t('Role can not be updated')], 'form' => $form];
}
return ['ok' => true, 'form' => $form];
}
public static function deleteByUuid(string $uuid): array
{
$uuid = trim($uuid);
if ($uuid === '') {
return ['ok' => false, 'status' => 404, 'error' => 'not_found'];
}
$role = RoleRepository::findByUuid($uuid);
if (!$role || !isset($role['id'])) {
return ['ok' => false, 'status' => 404, 'error' => 'not_found'];
}
if (($role['description'] ?? '') === 'Admin') {
return ['ok' => false, 'status' => 403, 'error' => 'admin_role_protected'];
}
$deleted = RoleRepository::delete((int) $role['id']);
if (!$deleted) {
return ['ok' => false, 'status' => 500, 'error' => 'delete_failed'];
}
return ['ok' => true, 'role' => $role];
}
private static function sanitizeBase(array $input): array
{
return [
'description' => trim((string) ($input['description'] ?? '')),
'code' => trim((string) ($input['code'] ?? '')),
'active' => self::normalizeActive($input['active'] ?? 1),
];
}
private static function validateBase(array $form, int $excludeId): array
{
$errors = [];
if ($form['description'] === '') {
$errors[] = t('Description cannot be empty');
}
$code = $form['code'] ?? '';
if ($code !== '' && RoleRepository::existsByCode($code, $excludeId)) {
$errors[] = t('Role code already exists');
}
return $errors;
}
private static function normalizeActive($value): int
{
$value = strtolower(trim((string) $value));
if (in_array($value, ['0', 'false', 'inactive'], true)) {
return 0;
}
return 1;
}
}