Update permissions post FC 2025."

db/migrations/2024_12_15_000000_setup_fc_group_permissions.php

@@ -175,45 +175,75 @@ private function upDeveloper(): void
 
     private function renameGroup($groupNameOld, $groupNameNew): void
     {
-        $angel_group = $this->db->table('groups')->where('name', $groupNameOld)->update(['name' => $groupNameNew]);
+        FcMigrationUtils::renameGroup($this->db, $groupNameOld, $groupNameNew);
     }
 
-    private function removeGroupPrivilege($group_name, $privilege_name): void {
-        $group = $this->db->table('groups')->where('name', $group_name)->first();
+    private function removeGroupPrivilege($group_name, $privilege_name): void
+    {
+        FcMigrationUtils::removeGroupPrivilege($this->db, $group_name, $privilege_name);
+    }
+
+    private function addGroupPrivilege($group_name, $privilege_name): void
+    {
+        FcMigrationUtils::addGroupPrivilege($this->db, $group_name, $privilege_name);
+    }
+
+    /**
+     * Reverse the migration
+     */
+    public function down(): void
+    {
+        throw new Exception('FC cannot be downgraded, sorry!');
+    }
+}
+
+
+class FcMigrationUtils
+{
+    public static function renameGroup($db, $groupNameOld, $groupNameNew): void
+    {
+        $db->table('groups')->where('name', $groupNameOld)->update(['name' => $groupNameNew]);
+    }
+
+    public static function removeGroupPrivilege($db, $group_name, $privilege_name): void
+    {
+        $group = $db->table('groups')->where('name', $group_name)->first();
         if (!$group) {
+            // No group found with that name.
             return;
         }
 
-        $privilege = $this->db->table('privileges')->where('name', $privilege_name)->first();
+        $privilege = $db->table('privileges')->where('name', $privilege_name)->first();
         if(!$privilege) {
+            // No privilege found with that name.
             return;
         }
 
-        $this->db->table('group_privileges')->where('group_id', $group->id)->where('privilege_id', $privilege->id)->delete();
+        $db->table('group_privileges')->where('group_id', $group->id)->where('privilege_id', $privilege->id)->delete();
     }
 
-    private function addGroupPrivilege($group_name, $privilege_name): void
+    public static function addGroupPrivilege($db, $group_name, $privilege_name): void
     {
-        $group = $this->db->table('groups')->where('name', $group_name)->first();
+        $group = $db->table('groups')->where('name', $group_name)->first();
         if (!$group) {
+            // No group found with that name.
             return;
         }
 
-        $privilege = $this->db->table('privileges')->where('name', $privilege_name)->first();
+        $privilege = $db->table('privileges')->where('name', $privilege_name)->first();
         if(!$privilege) {
+            // No privilege found with that name.
+            return;
+        }
+
+        $group_privileges = $db->table('group_privileges')->where('group_id', $group->id)->where('privilege_id', $privilege->id);
+        if($group_privileges->count() !== 0) {
+            // GroupPrivilege already exists.
             return;
         }
 
-        $this->db->table('group_privileges')->insert([
+        $db->table('group_privileges')->insert([
             ['group_id' => $group->id, 'privilege_id' => $privilege->id],
         ]);
     }
-
-    /**
-     * Reverse the migration
-     */
-    public function down(): void
-    {
-        throw new Exception('FC cannot be downgraded, sorry!');
-    }
 }

db/migrations/2025_01_26_000000_update_fc_group_permissions.php

@@ -0,0 +1,74 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Engelsystem\Migrations;
+
+use Engelsystem\Database\Migration\Migration;
+use Illuminate\Database\Connection;
+use Illuminate\Database\Schema\Builder as SchemaBuilder;
+
+// The file setup_fc_group_permissions got us 90% of the way there for permissions
+// But during FC 2025, we realized we would need to tweak things little bit further
+// So this file further adjusts permissions to how we like them during a con.
+
+class UpdateFcGroupPermissions extends Migration
+{
+    protected Connection $db;
+    protected int $goodieManager = 50;
+
+    public function __construct(SchemaBuilder $schema)
+    {
+        parent::__construct($schema);
+        $this->db = $this->schema->getConnection();
+    }
+
+    /**
+     * Run the migration
+     */
+    public function up(): void
+    {
+        $this->upGofur();
+        $this->upShiftCoordinator();
+    }
+
+    private function upGofur(): void
+    {
+        $group = 'Gofur';
+
+        $this->addGroupPrivilege($group, 'admin_shifts');
+
+        // The final set of privileges should be
+        // admin_shifts, admin_user_worklog, angeltypes, atom, ical, locations.view, logout, news,
+        // shifts_json_export, user_angeltypes, user_myshifts, user_settings, user_shifts
+    }
+
+    private function upShiftCoordinator(): void
+    {
+        $group = 'Shift Coordinator';
+
+        $this->removeGroupPrivilege($group, 'admin_shifts');
+
+        // The final set of privileges should be
+        // admin_active, admin_arrive, admin_free, shifttypes.edit,
+        // shifttypes.view, user.info.show, user_shifts_admin, users.arrive.list
+    }
+
+    private function removeGroupPrivilege($group_name, $privilege_name): void
+    {
+        FcMigrationUtils::removeGroupPrivilege($this->db, $group_name, $privilege_name);
+    }
+
+    private function addGroupPrivilege($group_name, $privilege_name): void
+    {
+        FcMigrationUtils::addGroupPrivilege($this->db, $group_name, $privilege_name);
+    }
+
+    /**
+     * Reverse the migration
+     */
+    public function down(): void
+    {
+        throw new Exception('FC cannot be downgraded, sorry!');
+    }
+}