better image uploading & user roles

2025-12-10 05:42:58 +00:00 · 2025-08-09 23:01:27 -04:00 · 2025-08-09 23:01:27 -04:00 · f60ae41bf6
commit f60ae41bf6
parent 21e59d775a
26 changed files with 741 additions and 70 deletions
--- a/database/migrations/2025_05_21_053453_create_posts_table.php
+++ b/database/migrations/2025_05_21_053453_create_posts_table.php
@ -15,6 +15,7 @@ return new class extends Migration
            $table->id();
 			$table->enum('rating', ['unknown', 'safe', 'suggestive', 'explicit'])->default('unknown');
 			$table->string('extension')->nullable();
+			$table->string('hash')->unique();
 			$table->boolean('featured')->default(false);
            $table->timestamps();
 			$table->softDeletes();
--- a/database/migrations/2025_07_30_161829_create_permission_tables.php
+++ b/database/migrations/2025_07_30_161829_create_permission_tables.php
@ -0,0 +1,136 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        $teams = config('permission.teams');
+        $tableNames = config('permission.table_names');
+        $columnNames = config('permission.column_names');
+        $pivotRole = $columnNames['role_pivot_key'] ?? 'role_id';
+        $pivotPermission = $columnNames['permission_pivot_key'] ?? 'permission_id';
+
+        throw_if(empty($tableNames), new Exception('Error: config/permission.php not loaded. Run [php artisan config:clear] and try again.'));
+        throw_if($teams && empty($columnNames['team_foreign_key'] ?? null), new Exception('Error: team_foreign_key on config/permission.php not loaded. Run [php artisan config:clear] and try again.'));
+
+        Schema::create($tableNames['permissions'], static function (Blueprint $table) {
+            // $table->engine('InnoDB');
+            $table->bigIncrements('id'); // permission id
+            $table->string('name');       // For MyISAM use string('name', 225); // (or 166 for InnoDB with Redundant/Compact row format)
+            $table->string('guard_name'); // For MyISAM use string('guard_name', 25);
+            $table->timestamps();
+
+            $table->unique(['name', 'guard_name']);
+        });
+
+        Schema::create($tableNames['roles'], static function (Blueprint $table) use ($teams, $columnNames) {
+            // $table->engine('InnoDB');
+            $table->bigIncrements('id'); // role id
+            if ($teams || config('permission.testing')) { // permission.testing is a fix for sqlite testing
+                $table->unsignedBigInteger($columnNames['team_foreign_key'])->nullable();
+                $table->index($columnNames['team_foreign_key'], 'roles_team_foreign_key_index');
+            }
+            $table->string('name');       // For MyISAM use string('name', 225); // (or 166 for InnoDB with Redundant/Compact row format)
+            $table->string('guard_name'); // For MyISAM use string('guard_name', 25);
+            $table->timestamps();
+            if ($teams || config('permission.testing')) {
+                $table->unique([$columnNames['team_foreign_key'], 'name', 'guard_name']);
+            } else {
+                $table->unique(['name', 'guard_name']);
+            }
+        });
+
+        Schema::create($tableNames['model_has_permissions'], static function (Blueprint $table) use ($tableNames, $columnNames, $pivotPermission, $teams) {
+            $table->unsignedBigInteger($pivotPermission);
+
+            $table->string('model_type');
+            $table->unsignedBigInteger($columnNames['model_morph_key']);
+            $table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_permissions_model_id_model_type_index');
+
+            $table->foreign($pivotPermission)
+                ->references('id') // permission id
+                ->on($tableNames['permissions'])
+                ->onDelete('cascade');
+            if ($teams) {
+                $table->unsignedBigInteger($columnNames['team_foreign_key']);
+                $table->index($columnNames['team_foreign_key'], 'model_has_permissions_team_foreign_key_index');
+
+                $table->primary([$columnNames['team_foreign_key'], $pivotPermission, $columnNames['model_morph_key'], 'model_type'],
+                    'model_has_permissions_permission_model_type_primary');
+            } else {
+                $table->primary([$pivotPermission, $columnNames['model_morph_key'], 'model_type'],
+                    'model_has_permissions_permission_model_type_primary');
+            }
+
+        });
+
+        Schema::create($tableNames['model_has_roles'], static function (Blueprint $table) use ($tableNames, $columnNames, $pivotRole, $teams) {
+            $table->unsignedBigInteger($pivotRole);
+
+            $table->string('model_type');
+            $table->unsignedBigInteger($columnNames['model_morph_key']);
+            $table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_roles_model_id_model_type_index');
+
+            $table->foreign($pivotRole)
+                ->references('id') // role id
+                ->on($tableNames['roles'])
+                ->onDelete('cascade');
+            if ($teams) {
+                $table->unsignedBigInteger($columnNames['team_foreign_key']);
+                $table->index($columnNames['team_foreign_key'], 'model_has_roles_team_foreign_key_index');
+
+                $table->primary([$columnNames['team_foreign_key'], $pivotRole, $columnNames['model_morph_key'], 'model_type'],
+                    'model_has_roles_role_model_type_primary');
+            } else {
+                $table->primary([$pivotRole, $columnNames['model_morph_key'], 'model_type'],
+                    'model_has_roles_role_model_type_primary');
+            }
+        });
+
+        Schema::create($tableNames['role_has_permissions'], static function (Blueprint $table) use ($tableNames, $pivotRole, $pivotPermission) {
+            $table->unsignedBigInteger($pivotPermission);
+            $table->unsignedBigInteger($pivotRole);
+
+            $table->foreign($pivotPermission)
+                ->references('id') // permission id
+                ->on($tableNames['permissions'])
+                ->onDelete('cascade');
+
+            $table->foreign($pivotRole)
+                ->references('id') // role id
+                ->on($tableNames['roles'])
+                ->onDelete('cascade');
+
+            $table->primary([$pivotPermission, $pivotRole], 'role_has_permissions_permission_id_role_id_primary');
+        });
+
+        app('cache')
+            ->store(config('permission.cache.store') != 'default' ? config('permission.cache.store') : null)
+            ->forget(config('permission.cache.key'));
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        $tableNames = config('permission.table_names');
+
+        if (empty($tableNames)) {
+            throw new \Exception('Error: config/permission.php not found and defaults could not be merged. Please publish the package configuration before proceeding, or drop the tables manually.');
+        }
+
+        Schema::drop($tableNames['role_has_permissions']);
+        Schema::drop($tableNames['model_has_roles']);
+        Schema::drop($tableNames['model_has_permissions']);
+        Schema::drop($tableNames['roles']);
+        Schema::drop($tableNames['permissions']);
+    }
+};
--- a/database/seeders/DatabaseSeeder.php
+++ b/database/seeders/DatabaseSeeder.php
@ -2,9 +2,11 @@

 namespace Database\Seeders;

-use App\Models\User;
+use App\Enums\RolesEnum;
 // use Illuminate\Database\Console\Seeds\WithoutModelEvents;
 use Illuminate\Database\Seeder;
+use Spatie\Permission\Models\Permission;
+use Spatie\Permission\Models\Role;

 class DatabaseSeeder extends Seeder
 {
@ -13,11 +15,84 @@ class DatabaseSeeder extends Seeder
     */
    public function run(): void
    {
-        // User::factory(10)->create();
+		// -- Create permissions

-        User::factory()->create([
-            'name' => 'Test User',
-            'email' => 'test@example.com',
-        ]);
+		// 		-- auth
+		$auth_login = Permission::create(['name' => 'auth.login']);						// allow logging in to the site
+
+		// 		-- user
+		$user_read = Permission::create(['name' => 'user.read']);						// allow viewing user profiles
+		$user_write = Permission::create(['name' => 'user.write']);						// allow updating user profiles
+		$user_delete = Permission::create(['name' => 'user.delete']);					// allow deleting user profiles
+
+		//		-- post
+		$post_read = Permission::create(['name' => 'post.read']);						// allow viewing posts
+		$post_write = Permission::create(['name' => 'post.write']);						// allow creating/updating posts
+		$post_delete = Permission::create(['name' => 'post.delete']);					// allow deleting posts
+
+		//		-- comment
+		$comment_read = Permission::create(['name' => 'comment.read']);					// allow viewing comments
+		$comment_write = Permission::create(['name' => 'comment.write']);				// allow creating/updating comments
+		$comment_delete = Permission::create(['name' => 'comment.delete']);				// allow deleting comments
+
+		//		-- tag
+		$tag_read = Permission::create(['name' => 'tag.read']);							// allow viewing tags
+		$tag_write = Permission::create(['name' => 'tag.write']);						// allow creating/updating tags
+		$tag_delete = Permission::create(['name' => 'tag.delete']);						// allow deleting tags
+
+		//		-- tag group
+		$tag_group_read = Permission::create(['name' => 'tag_group.read']);				// allow viewing tag groups
+		$tag_group_write = Permission::create(['name' => 'tag_group.write']);			// allow creating/updating tag groups
+		$tag_group_delete = Permission::create(['name' => 'tag_group.delete']);			// allow deleting tag groups
+
+
+		// -- Create roles
+
+		//		-- restricted
+		$restricted_role = app(Role::class)->findOrCreate(RolesEnum::RESTRICTED->value, 'web');
+		$restricted_role->syncPermissions([
+			$auth_login,
+			$user_read,
+			$post_read,
+			$comment_read,
+			$tag_read,
+			$tag_group_read,
+		]);
+
+		//		-- member
+		$member_role = app(Role::class)->findOrCreate(RolesEnum::MEMBER->value, 'web');
+		$member_role->syncPermissions([
+			$auth_login,
+			$user_read,
+			$post_read,
+			$post_write,
+			$comment_read,
+			$comment_write,
+			$tag_read,
+			$tag_write,
+			$tag_group_read,
+		]);
+
+		//		-- moderator
+		$mod_role = app(Role::class)->findOrCreate(RolesEnum::MODERATOR->value, 'web');
+		$mod_role->syncPermissions([
+			$auth_login,
+			$user_read,
+			$post_read,
+			$post_write,
+			$post_delete,
+			$comment_read,
+			$comment_write,
+			$comment_delete,
+			$tag_read,
+			$tag_write,
+			$tag_delete,
+			$tag_group_read,
+			$tag_group_write,
+			$tag_group_delete,
+		]);
+
+		// 		-- admin
+		app(Role::class)->findOrCreate(RolesEnum::ADMIN->value, 'web');
    }
 }