done

Author: codingmaster009

app/Helpers/Request.php

@@ -59,20 +59,30 @@ function client_id () {
     return client()?->id ?? 0;
 
 }
-function is_admin () {
+function is_super () {
 
-    return bool(user()?->hasRole('admin'));
+    return bool(user()?->hasRole('admin')) && bool(user()?->has('super'));
 
 }
-function is_client () {
+function is_supervisor () {
 
-    return bool(user()?->hasRole('client'));
+    return bool(user()?->hasRole('admin')) && bool(user()?->has('supervisor'));
+
+}
+function is_admin () {
+
+    return bool(user()?->hasRole('admin'));
 
 }
 function is_vendor () {
 
     return bool(user()?->hasRole('vendor'));
 
+}
+function is_client () {
+
+    return bool(user()?->hasRole('client'));
+
 }
 function user_store_id () {
 
@@ -107,15 +117,6 @@ function forced_user () {
 
 }
 
-function settings ( int $storeId = null ) {
-
-    $storeId = $storeId ?? store_id();
-
-    return remember('model:setting', "public_{$storeId}", 60, fn() =>
-        Setting::withoutTenant()->active()->firstWhere('store_id', $storeId)
-    );
-
-}
 function site_info ( int $storeId = null ) {
 
     $storeId = $storeId ?? store_id();
@@ -158,6 +159,11 @@ function store () {
 
     return app()->bound('store') ? app('store') : null;
 
+}
+function store_parent () {
+
+    return store()?->parent ?? null;
+    
 }
 function store_admin () {
 
@@ -168,16 +174,16 @@ function store_owner () {
 
     return User::withoutTenant()->where('id', store()?->owner_id ?? 0)->first();
 
-}
-function store_parent () {
-
-    return store()?->parent ?? null;
-    
 }
 function store_id () {
 
     return store()?->id ?? 0;
 
+}
+function store_parent_id () {
+
+    return store()?->parent_id ?? 0;
+    
 }
 function store_admin_id () {
 
@@ -189,25 +195,32 @@ function store_owner_id () {
     return store_owner()?->id ?? 0;
 
 }
-function store_parent_id () {
+function with_store ( mixed $store, mixed $user = null, callable $callback = null ) {
+
+    $current = store();
+    set_store($store);
+
+    if ( $user ) set_forced_user($user);
+
+    try{ return $callback ? $callback() : null; }
+    finally{ set_store($current); unset_forced_user(); }
 
-    return store_parent()?->id ?? 0;
-    
 }
 
 function user_has ( ...$permissions ) {
 
-    return user()?->has(...$permissions) ?? false;
+    return (bool) user()?->has(...$permissions);
 
 }
-function settings_has ( ...$permissions ) {
-    
-    return settings()?->has(...$permissions) ?? false;
+function setting_has ( ...$permissions ) {
+
+    return (bool) Setting::hasPermission(...$permissions);
 
 }
 function store_has ( ...$permissions ) {
-    
-    return store()?->has(...$permissions) ?? false;
+
+    $parent = remember('model:store', 'store_parent_' . store_id(), 60, fn() => store_parent());
+    return (bool) (!$parent ? true : with_store($parent, callback: fn() => Store::hasPermission(...$permissions)));
 
 }
 function permissionkey ( string $permission ) {
@@ -233,7 +246,7 @@ function limiter ( int $limit = 5, string $name = null, int $minutes = 1 ) {
 }
 function rateLimiter ( int $limit = null, int $minutes = 1 ) {
 
-    $limit = $limit ?? 500;
+    $limit = $limit ?? (is_admin() ? 600 : 60);
     return "throttle:{$limit},{$minutes}";
 
 }
@@ -244,7 +257,7 @@ function tenantMiddleware ( int $limit = null ) {
 }
 function authMiddleware ( string $role = 'client', int $limit = null ) {
 
-    if ( config('app.env') === 'local' ) return ["role:{$role}", rateLimiter($limit)];
-    return ['auth:sanctum', "role:{$role}", rateLimiter($limit)];
+    if ( config('app.env') === 'local' ) return ["role:{$role}", 'has:allow_logins', rateLimiter($limit)];
+    return ['auth:sanctum', "role:{$role}", 'has:allow_logins', rateLimiter($limit)];
 
 }

app/Http/Middleware/Has.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Http\Middleware;
+use Illuminate\Http\Request;
+use Closure;
+
+class Has {
+
+    public function handle ( Request $request, Closure $next, string $permission ) {
+
+        $perm     = permissionkey($permission);
+        $verified = (is_super() || user_has($perm)) && setting_has($perm) && store_has($perm);
+  
+        return $verified ? $next($request) : middlewareFailed();
+
+    }
+
+}

app/Http/Middleware/Role.php

@@ -8,12 +8,8 @@ class Role {
 
     public function handle ( Request $request, Closure $next, string $role ) {
 
-        return user_role() === strtolower($role) &&
-            user()?->active &&
-            user_has('allow_logins') &&
-            settings_has('allow_logins') &&
-            store_has('allow_logins')
-            ? $next($request) : middlewareFailed();
+        $verified = user()?->hasRole($role) && user()?->active;
+        return $verified ? $next($request) : middlewareFailed();
 
     }
 

app/Http/Middleware/User.php

@@ -20,10 +20,8 @@
 
         $middleware->alias([
             'store' => \App\Http\Middleware\Store::class,
-            'user'  => \App\Http\Middleware\User::class,
             'role'  => \App\Http\Middleware\Role::class,
-            'has'   => \App\Http\Middleware\UserHas::class,
-            'can'   => \App\Http\Middleware\UserCan::class,
+            'has'  => \App\Http\Middleware\Has::class,
         ]);
 
     })

app/Http/Middleware/UserCan.php

@@ -37,7 +37,7 @@
         Route::prefix('entities')->name('entities.')->controller(EntityController::class)->group(function(){
             Route::prefix('{entity}')->whereNumber('entity')->group(function(){
                 Route::prefix('permissions')->middleware('has:edit_permissions')->group(function(){
-                    Route::post('{permission?}', 'assignPermission')->name('assign');
+                    Route::post('assign/{permission?}', 'assignPermission')->name('assign');
                 });
             });
         });