implemented operation based permissions

root
2025-12-24 19:22:20 -05:00
parent a9afa7ce13
commit 3d6aa856b4
18 changed files with 578 additions and 17 deletions

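--- a/core/lib/Module/Module.php
+++ b/core/lib/Module/Module.php
@@ -0,0 +1,101 @@
+<?php
+namespace KTXC\Module;
+use KTXF\Module\ModuleInstanceAbstract;
+/**
+* Core Module
+*
+* Provides core system functionality and permissions
+*/
+class Module extends ModuleInstanceAbstract
+{
+public function __construct() {}
+public function handle(): string
+{
+return 'core';
+}
+public function label(): string
+{
+return 'Core System';
+}
+public function author(): string
+{
+return 'Ktrix';
+}
+public function description(): string
+{
+return 'Core system functionality and user features';
+}
+public function version(): string
+{
+return '1.0.0';
+}
+public function permissions(): array
+{
+return [
+// Core User Permissions
+'user.profile.read' => [
+'label' => 'Read Own Profile',
+'description' => 'View own user profile information',
+'group' => 'User Profile'
+],
+'user.profile.update' => [
+'label' => 'Update Own Profile',
+'description' => 'Edit own user profile information',
+'group' => 'User Profile'
+],
+'user.settings.read' => [
+'label' => 'Read Own Settings',
+'description' => 'View own user settings',
+'group' => 'User Settings'
+],
+'user.settings.update' => [
+'label' => 'Update Own Settings',
+'description' => 'Edit own user settings',
+'group' => 'User Settings'
+],
+// Module Management
+'module_manager.modules.view' => [
+'label' => 'View Modules',
+'description' => 'View list of installed and available modules',
+'group' => 'Module Management'
+],
+'module_manager.modules.manage' => [
+'label' => 'Manage Modules',
+'description' => 'Install, uninstall, enable, and disable modules',
+'group' => 'Module Management'
+],
+'module_manager.modules.*' => [
+'label' => 'Full Module Management',
+'description' => 'All module management operations',
+'group' => 'Module Management'
+],
+// System Administration
+'system.admin' => [
+'label' => 'System Administrator',
+'description' => 'Full system access (superuser)',
+'group' => 'System Administration'
+],
+'*' => [
+'label' => 'All Permissions',
+'description' => 'Grants access to all features and operations',
+'group' => 'System Administration'
+],
+];
+}
+public function bootUi(): ?array
+{
+return null;
+}
+}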
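Review bot: `permissions()` registers `'*'` and `'system.admin'` in the same flat map as `user.profile.read`, and nothing in their metadata distinguishes a superuser grant from an ordinary one, so any role editor built on this catalogue has to hard-code which keys are dangerous. A marker on those two entries, for example `'privileged' => true`, would let the assignment path require extra confirmation and make such grants easy to audit. The two entries also appear to overlap, since both describe full access; a short comment stating which one the enforcement layer honours would avoid roles that hold one while the check tests the other. The "Own" scope of the `user.profile.*` and `user.settings.*` keys exists only in the label text, so the ownership check has to live at the enforcement point, which is not part of this file.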


@@ -35,7 +35,14 @@ class ModuleManager
*/
public function list(bool $installedOnly = true, $enabledOnly = true): ModuleCollection
{
$modules = New ModuleCollection();
$modules = New ModuleCollection();
// Always include core module
$coreModule = $this->coreModule();
if ($coreModule) {
$modules['core'] = new ModuleObject($coreModule, null);
}
// load all modules from store
$entries = $this->repository->list();
foreach ($entries as $entry) {
@@ -497,4 +504,92 @@ class ModuleManager
return null;
}
/**
* Get all available permissions from all modules
*
* @return array Grouped permissions with metadata
*/
public function availablePermissions(): array
{
$permissions = [];
foreach ($this->list() as $module) {
$modulePermissions = $module->permissions();
foreach ($modulePermissions as $permission => $meta) {
$permissions[$permission] = array_merge($meta, [
'module' => $module->handle()
]);
}
}
// Group by category
$grouped = [];
foreach ($permissions as $permission => $meta) {
$group = $meta['group'] ?? 'Other';
if (!isset($grouped[$group])) {
$grouped[$group] = [];
}
$grouped[$group][$permission] = $meta;
}
// Sort groups alphabetically
ksort($grouped);
return $grouped;
}
/**
* Validate if a permission exists
*/
public function permissionExists(string $permission): bool
{
foreach ($this->list() as $module) {
$modulePermissions = $module->permissions();
// Exact match
if (isset($modulePermissions[$permission])) {
return true;
}
// Wildcard match (e.g., user_manager.users.create matches user_manager.users.*)
foreach (array_keys($modulePermissions) as $registered) {
if (str_ends_with($registered, '.*')) {
$prefix = substr($registered, 0, -2);
if (str_starts_with($permission, $prefix . '.')) {
return true;
}
}
}
}
return false;
}
/**
* Get the core module instance
*/
private function coreModule(): ?\KTXF\Module\ModuleInstanceInterface
{
if (isset($this->moduleInstances['core'])) {
return $this->moduleInstances['core'];
}
try {
$coreModuleClass = \KTXC\Module\Module::class;
if (!class_exists($coreModuleClass)) {
return null;
}
$instance = $this->container->get($coreModuleClass);
$this->moduleInstances['core'] = $instance;
return $instance;
} catch (\Throwable $e) {
$this->logger->error('Failed to load core module', [
'error' => $e->getMessage()
]);
return null;
}
}
}
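Review bot: In `availablePermissions()`, the assignment `$permissions[$permission] = array_merge($meta, [...])` lets whichever module is iterated later silently replace the label, group and `module` attribution of a key that is already registered. Since `list()` inserts core before the store entries, that appears to include core's `system.admin` and `*`, although the rest of the `list()` loop is outside the hunk and the final ordering is inferred. Keeping the first registration is safer for an admin-facing catalogue: `if (isset($permissions[$permission])) { continue; }`, preceded by a `$this->logger` warning that names both modules. In `permissionExists()`, any string under a registered `.*` prefix is accepted, so `module_manager.modules.anything` validates although no module declares it. If this method gates what can be written into a role, its docblock should state that wildcard children are accepted unchecked.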


@@ -158,4 +158,9 @@ class ModuleObject implements JsonSerializable
return $this->instance?->bootUi() ?? null;
}
public function permissions(): array
{
return $this->instance?->permissions() ?? [];
}
}
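Review bot: `permissions()` has no docblock, and its `?? []` fallback makes a module whose instance is unavailable indistinguishable from one that declares no permissions, so `ModuleManager::permissionExists()` would report that module's keys as unknown. A docblock such as `/** @return array<string, array{label: string, description: string, group: string}> Empty when the module instance is unavailable. */` would document both the shape used by the core module and the fallback. The class body starts outside the hunk.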