Added Role and Permission implementation along with policies, middleware, requests, controllers, models, migrations, and tests.

Author: lebronbrian23

app/Http/Controllers/PermissionController.php

@@ -0,0 +1,66 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests\StorePermissionRequest;
+use App\Http\Requests\UpdatePermissionRequest;
+use App\Models\Permission;
+
+class PermissionController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     */
+    public function index()
+    {
+        //
+    }
+
+    /**
+     * Show the form for creating a new resource.
+     */
+    public function create()
+    {
+        //
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     */
+    public function store(StorePermissionRequest $request)
+    {
+        //
+    }
+
+    /**
+     * Display the specified resource.
+     */
+    public function show(Permission $permission)
+    {
+        //
+    }
+
+    /**
+     * Show the form for editing the specified resource.
+     */
+    public function edit(Permission $permission)
+    {
+        //
+    }
+
+    /**
+     * Update the specified resource in storage.
+     */
+    public function update(UpdatePermissionRequest $request, Permission $permission)
+    {
+        //
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     */
+    public function destroy(Permission $permission)
+    {
+        //
+    }
+}

app/Http/Controllers/RoleController.php

@@ -0,0 +1,101 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests\StoreRoleRequest;
+use App\Http\Requests\UpdateRoleRequest;
+use App\Models\Role;
+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
+use Inertia\Inertia;
+
+class RoleController extends Controller
+{
+    use AuthorizesRequests;
+    /**
+     * Display a listing of the resource.
+     */
+    public function index()
+    {
+        //
+    }
+
+    /**
+     *
+     */
+    public function getRoles()
+    {
+        $this->authorize('view-any', Role::class);
+        return Role::all();
+    }
+    /**
+     * Show the form for creating a new resource.
+     */
+    public function create()
+    {
+        return inertia::render('');
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     * @param StoreRoleRequest $request
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function store(StoreRoleRequest $request)
+    {
+
+        $this->authorize('create', Role::class);
+
+        $request->validated();
+
+        Role::create([
+            'name' => $request->name,
+            'description' => $request->description
+        ]);
+
+        return response()->json(['message' => 'Role Added'], 200);
+
+    }
+
+    /**
+     * @ AI
+     * @param $id
+     * @return mixed
+     */
+    public function getRole($id)
+    {
+        $role = Role::findorfail($id);
+        $this->authorize('view-any', $role);
+        return $role;
+    }
+    /**
+     * Display the specified resource.
+     */
+    public function show(Role $role)
+    {
+        //
+    }
+
+    /**
+     * Show the form for editing the specified resource.
+     */
+    public function edit(Role $role)
+    {
+        //
+    }
+
+    /**
+     * Update the specified resource in storage.
+     */
+    public function update(UpdateRoleRequest $request, Role $role)
+    {
+        //
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     */
+    public function destroy(Role $role)
+    {
+        //
+    }
+}

app/Http/Middleware/PermissionMiddleware.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class PermissionMiddleware
+{
+    /**
+     * Handles an incoming request by checking user permissions.
+     *
+     * @param Request $request The incoming request instance.
+     * @param Closure $next The next middleware to be executed.
+     * @param string $permission The required permission to access the resource.
+     *
+     * @return Response
+     *
+     * @throws \Symfony\Component\HttpKernel\Exception\HttpException Throws an HTTP 403 exception if the user lacks the required permission.
+     */
+    public function handle(Request $request, Closure $next, string $permission): Response
+    {
+        // Abort if unauthenticated or the user does NOT have the required permission
+        if (! $request->user() || ! $request->user()->hasPermission($permission)) {
+            abort(403, 'Access denied — Missing permission: ' . $permission);
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/RoleMiddleware.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class RoleMiddleware
+{
+    /**
+     * Handle an incoming request and validate user role access.
+     *
+     * Checks if the authenticated user has the required role. If the user is
+     * either not authenticated or does not have the specified role, an HTTP
+     * 403 error is triggered with an appropriate unauthorized message.
+     *
+     * @param Request $request The current HTTP request instance.
+     * @param Closure $next A callback to pass the request to the next middleware.
+     * @param string $role The required role for the requested action.
+     * @return Response The HTTP response after processing the request.
+     * @throws \Symfony\Component\HttpKernel\Exception\HttpException If the user is unauthorized.
+     */
+    public function handle(Request $request, Closure $next, string $role): Response
+    {
+        // Abort if unauthenticated or the user does NOT have the required role
+        if (! $request->user() || ! $request->user()->hasRole($role)) {
+            abort(403, 'Unauthorized — Role required: ' . $role);
+        }
+        return $next($request);
+    }
+}

app/Http/Requests/StorePermissionRequest.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class StorePermissionRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return false;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            //
+        ];
+    }
+}

app/Http/Requests/StoreRoleRequest.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class StoreRoleRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            'name' => 'required',
+            'description' => 'required|min:5'
+        ];
+    }
+}

app/Http/Requests/UpdatePermissionRequest.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class UpdatePermissionRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return false;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            //
+        ];
+    }
+}

app/Http/Requests/UpdateRoleRequest.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class UpdateRoleRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return false;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            //
+        ];
+    }
+}

app/Models/Permission.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
+use Illuminate\Database\Eloquent\SoftDeletes;
+
+class Permission extends Model
+{
+    use SoftDeletes;
+    //
+
+    protected $fillable = ['name', 'description'];
+
+    public function roles(): BelongsToMany
+    {
+        return $this->belongsToMany(Role::class);
+    }
+}