Kuantan Web Developer

User Roles And Permissions Without Package Laravel 10

July 25, 2023 by ghazalitajuddin Leave a Comment

Role Model

<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Str;

class Role extends Model
{
    use HasFactory;

     /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'slug',
    ];

    /**
     * The users that belong to the Role
     *
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function users(): BelongsToMany
    {
        return $this->belongsToMany(User::class);
    }

    /**
     * The roles that belong to the Role
     *
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function permissions(): BelongsToMany
    {
        return $this->belongsToMany(Permission::class,'role_permission');
    }


    public function setNameAttribute($value)
    {
        $this->attributes['name'] = $value;
        $this->attributes['slug'] = Str::slug($value);
    }


}

Role Migration

        Schema::create('roles', function (Blueprint $table) {
            $table->id();
            $table->string('name');
            $table->string('slug');
            $table->timestamps();
        });

Permission Model

<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Str;

class Permission extends Model
{
    use HasFactory;

    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'slug',
    ];

    /**
     * The roles that belong to the Permission
     *
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function users(): BelongsToMany
    {
        return $this->belongsToMany(User::class);
    }

    /**
     * The roles that belong to the Permission
     *
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function roles(): BelongsToMany
    {
        return $this->belongsToMany(Role::class,'role_permission');
    }

    public function setNameAttribute($value)
    {
        $this->attributes['name'] = $value;
        $this->attributes['slug'] = Str::slug($value);
    }
}

Permission Migration


        Schema::create('permissions', function (Blueprint $table) {
            $table->id();
            $table->string('name');
            $table->string('slug');
            $table->timestamps();

        });

App\Services\HasPermissionsTraits.php

<?php

namespace App\Services;

use App\Permission;
use App\Role;

trait HasPermissionsTrait {

   public function givePermissionsTo(... $permissions) {

    $permissions = $this->getAllPermissions($permissions);
    if($permissions === null) {
      return $this;
    }

    $this->permissions()->saveMany($permissions);
    return $this;

  }

  public function withdrawPermissionsTo( ... $permissions ) {

    $permissions = $this->getAllPermissions($permissions);
    $this->permissions()->detach($permissions);
    return $this;

  }

  public function refreshPermissions( ... $permissions ) {

    $this->permissions()->detach();
    return $this->givePermissionsTo($permissions);

  }

  public function hasPermissionTo($permission) {

    return $this->hasPermissionThroughRole($permission) || $this->hasPermission($permission);

  }

  public function hasPermissionThroughRole($permission) {

    foreach ($permission->roles as $role){
      if($this->roles->contains($role)) {
        return true;
      }
    }
    return false;

  }

  public function hasRole( ... $roles ) {

    foreach ($roles as $role) {
      if ($this->roles->contains('slug', $role)) {
        return true;
      }
    }
    return false;

  }

  public function roles() {

    return $this->belongsToMany(Role::class,'users_roles');

  }
  public function permissions() {

    return $this->belongsToMany(Permission::class,'users_permissions');

  }
  protected function hasPermission($permission) {

    return (bool) $this->permissions->where('slug', $permission->slug)->count();
  }

  protected function getAllPermissions(array $permissions) {

    return Permission::whereIn('slug',$permissions)->get();

  }
}

Create custom provider

php artisan make:provider PermissionsServiceProvider

App\Providers\PermissionsServiceProvider.php

<?php

namespace App\Providers;

use App\Services;
use App\Models\Permission;
use Illuminate\Support\Facades\Blade;
use Illuminate\Support\Facades\Gate;
use Illuminate\Support\ServiceProvider;


class PermissionsServiceProvider extends ServiceProvider
{
    /**
     * Register services.
     */
    public function register(): void
    {
        //
    }

    /**
     * Bootstrap services.
     */
    public function boot()
    {
        try {
            Permission::get()->map(function ($permission) {
                Gate::define($permission->slug, function ($user) use ($permission) {
                    return $user->hasPermissionTo($permission);
                });
            });
        } catch (\Exception $e) {
            report($e);
            return false;
        }

        //Blade directives
        Blade::directive('role', function ($role) {
             return "if(auth()->check() && auth()->user()->hasRole({$role})) :"; //return this if statement inside php tag
        });

        Blade::directive('endrole', function ($role) {
             return "endif;"; //return this endif statement inside php tag
        });
    }
}

Register our provider at Config\App.php


    'providers' => ServiceProvider::defaultProviders()->merge([
        /*
         * Package Service Providers...
         */

        /*
         * Application Service Providers...
         */
        App\Providers\AppServiceProvider::class,
        App\Providers\AuthServiceProvider::class,
        // App\Providers\BroadcastServiceProvider::class,
        App\Providers\EventServiceProvider::class,
        App\Providers\RouteServiceProvider::class,
        App\Providers\PermissionsServiceProvider::class,
    ])->toArray(),

Tinker

$u = App\Models\User::where('name','Ghazali Tajuddin')->first()
= App\Models\User {#7268
    id: 1,
    name: "Ghazali Tajuddin",
    email: "ghazali.tajuddin@gmail.com",
    email_verified_at: "2023-07-27 06:24:48",
    #password: "",
    #remember_token: null,
    created_at: "2023-07-27 06:24:48",
    updated_at: null,
  }

$p = App\Models\Permission::where('slug','create-neighbourhood')
->first()
= App\Models\Permission {#7274
    id: 19,
    name: "Create Neighbourhood",
    slug: "create-neighbourhood",
    created_at: "2023-07-27 06:24:49",
    updated_at: "2023-07-27 06:24:49",
  }

$r = App\Models\Role::where('slug','super-admin')->first()
= App\Models\Role {#7283
    id: 1,
    name: "Super Admin",
    slug: "super-admin",
    created_at: "2023-07-27 06:24:49",
    updated_at: "2023-07-27 06:24:49",
  }

//Attach Roles To User
$u->roles()->attach($r)

//Attach Permissions To User
$u->permissions()->attach($p)

//Test if user has permission to "create-neighbourhood" slug
$u->can('create-neighbourhood')
= true

//Test if user has role "super-admin" slug
$u->hasRole('super-admin')
= true

//Test $u
$u
= App\Models\User {#7268
    id: 1,
    name: "Ghazali Tajuddin",
    email: "ghazali.tajuddin@gmail.com",
    email_verified_at: "2023-07-27 06:24:48",
    #password: "",
    #remember_token: null,
    created_at: "2023-07-27 06:24:48",
    updated_at: null,
    permissions: Illuminate\Database\Eloquent\Collection {#7288
      all: [
        App\Models\Permission {#7291
          id: 19,
          name: "Create Neighbourhood",
          slug: "create-neighbourhood",
          created_at: "2023-07-27 06:24:49",
          updated_at: "2023-07-27 06:24:49",
          pivot: Illuminate\Database\Eloquent\Relations\Pivot {#7289
            user_id: 1,
            permission_id: 19,
          },
        },
      ],
    },
    roles: Illuminate\Database\Eloquent\Collection {#7298
      all: [
        App\Models\Role {#7293
          id: 1,
          name: "Super Admin",
          slug: "super-admin",
          created_at: "2023-07-27 06:24:49",
          updated_at: "2023-07-27 06:24:49",
          pivot: Illuminate\Database\Eloquent\Relations\Pivot {#7276
            user_id: 1,
            role_id: 1,
          },
        },
      ],
    },
  }

//Get Super Admin Role
$r = App\Models\Role::where('slug','super-admin')->first()
= App\Models\Role {#7268
    id: 1,
    name: "Super Admin",
    slug: "super-admin",
    created_at: "2023-07-27 07:17:27",
    updated_at: "2023-07-27 07:17:27",
  }

//Get role permissions only 'name' attribute 
$r->permissions()->pluck('name')
= Illuminate\Support\Collection {#7292
    all: [
      "Create User",
      "Read User",
      "Update User",
      "Delete User",
      "List User",
    ],
  }

//Get Property Residential Id 1 Neighbourhood Record
$pr = App\Models\PropertyResidential::find(1)
->property->street->neighbourhood
= App\Models\Neighbourhood {#7328
    id: 1,
    name: "Taman Koperasi Guru",
    acronym: "tkg",
    subdomain: "tkg",
    slug: "taman-koperasi-guru",
    postcode: "25150",
    city: "Kuantan",
    state: "Pahang",
    resgistrar_id: null,
    created_at: null,
    updated_at: null,
  }

//Get Property Id 1 Neighbourhood Record 
$pr = App\Models\Property::find(1)->street->neighbourhood
= App\Models\Neighbourhood {#7328
    id: 1,
    name: "Taman Koperasi Guru",
    acronym: "tkg",
    subdomain: "tkg",
    slug: "taman-koperasi-guru",
    postcode: "25150",
    city: "Kuantan",
    state: "Pahang",
    resgistrar_id: null,
    created_at: null,
    updated_at: null,
  }

//Get property with number(1) neighbourhood record
$pr = App\Models\Property::where('number','1')
->first()->street->neighbourhood
= App\Models\Neighbourhood {#7336
    id: 1,
    name: "Taman Koperasi Guru",
    acronym: "tkg",
    subdomain: "tkg",
    slug: "taman-koperasi-guru",
    postcode: "25150",
    city: "Kuantan",
    state: "Pahang",
    resgistrar_id: null,
    created_at: null,
    updated_at: null,
  }

//Get Property Id(1) Neighbourhood Name
$pr = App\Models\Property::find(1)->street->neighbourhood->name
= "Taman Koperasi Guru"

//Get Property Id(1) Street Name
$pr = App\Models\Property::find(1)->street->name
= "Lorong Karyawan 1"

//Get property record with number (2) on street (1) only with full_name and created_at attribute
$pr = App\Models\Property::where('number','2')
->where('street_id','1')
->first()
->residents
->map->only('full_name','created_at')
= Illuminate\Support\Collection {#7371
    all: [
      [
        "full_name" => "Ghazali Tajuddin",
        "created_at" => Illuminate\Support\Carbon @1690467115 {#7268
          date: 2023-07-27 14:11:55.0 UTC (+00:00),
        },
      ],
      [
        "full_name" => "Ida",
        "created_at" => Illuminate\Support\Carbon @1690467115 {#7344
          date: 2023-07-27 14:11:55.0 UTC (+00:00),
        },
      ],
    ],
  }

//Get property residential with male disabilities and take 2 records
$pr = App\Models\PropertyResidential::
whereNotNull('male_disabilities')
->where('male_disabilities','>',0)->take(2)->get()
= Illuminate\Database\Eloquent\Collection {#7269
    all: [
      App\Models\PropertyResidential {#7268
        id: 1,
        property_id: 1,
        registrar_id: null,
        male_babies: 2,
        female_babies: 2,
        male_childs: 2,
        female_childs: 2,
        male_adults: 2,
        female_adults: 2,
        male_seniors: 2,
        female_seniors: 2,
        male_disabilities: 2,
        female_disabilities: 2,
        has_health_problem: 2,
        health_description: "2",
        total_resident: 2,
        occupancy_status: 2,
        created_at: "2023-07-28 02:26:24",
        updated_at: null,
      },
      App\Models\PropertyResidential {#7271
        id: 2,
        property_id: 2,
        registrar_id: null,
        male_babies: 2,
        female_babies: 2,
        male_childs: 2,
        female_childs: 2,
        male_adults: 2,
        female_adults: 2,
        male_seniors: 2,
        female_seniors: 2,
        male_disabilities: 2,
        female_disabilities: 2,
        has_health_problem: 2,
        health_description: "2",
        total_resident: 2,
        occupancy_status: 2,
        created_at: "2023-07-28 02:26:24",
        updated_at: null,
      },
    ],
  }

//Get first record property record
$pr->get(0)->property
= App\Models\Property {#7259
    id: 1,
    type: 1,
    number: "1",
    street_id: 1,
    owner_name: null,
    owner_contact: null,
    neighbourhood_id: 1,
    registrar_id: 1,
    created_at: null,
    updated_at: null,
  }

Reference link.

Laravel Many To Many Relationship

July 22, 2023 by ghazalitajuddin Leave a Comment

Property Class

class Property extends Model
{
    protected $table = 'properties';
    use HasFactory;

    /**
     * Get the Street that owns the Property
     *
     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
     */
    public function street(): BelongsTo
    {
        return $this->belongsTo(Street::class);
    }

    /**
     * Get the Neighbourhood that owns the Property
     *
     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
     */
    public function neighbourhood(): BelongsTo
    {
        return $this->belongsTo(Neighbourhood::class);
    }
}

Resident Class

class Resident extends Model
{
    use HasFactory;
    protected $guarded = [];
    
    /**
     * The Property that belong to the Resident
     *
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function properties(): BelongsToMany
    {
        return $this->belongsToMany(Property::class);
    }
}

Pivot class, PropertyResident class.

class PropertyResident extends Model
{

    use HasFactory;
    protected $fillable = ['property_id', 'resident_id'];

}

Use tinker to test

php artisan tinker 

//To find resident id
$r=App\Models\Resident::find(1)

//To get all resident properties
$r->properties

//To count all resident properties
$r->properties->count()

//To find resident id(1) neighbourhood trough properties (many to many relationship)
$r->properties->find(5)->neighbourhood->name

//To get all resident id(1) property "property_id"
$r->properties()->pluck('property_id')

//To get distinct(*) neighbourhood
$r->properties()->distinct()->pluck('neighbourhood_id')

//To get all neighbourhood id group by neighbourhood id
$r->properties()->groupBy('neighbourhood_id')->pluck('neighbourhood_id')

Dari HTTP ke HTTPS dengan ZeroSSL.com

December 24, 2018 by ghazalitajuddin Leave a Comment

Bila Google mula treat HTTP as not secure, maka merabanlah kita mencari jalan nak membantu customer yang dah beli domain dan hosting yang takde HTTPS. Bukan setakat sakit mata, sakit hati juga sebab setiap kali reload page, korang terpaksa klik pada “Proceed to…” dan banyak task lain tak boleh buat sebab keluar warning page sebegitu. Jadi nak tak nak kena cari jalan macam mana nak setel. Kalau customer jenis banyak duit, boleh lah mintak bajet untuk beli SSL. Sebaliknya kalau customer takde bajet, macam mana nak buat? Aiyo confirm tak boleh siap website ni oit. Bising la jawabnya.

Mujurlah ada sesetengah hosting dah prepare siap-siap bantu sediakan free SSL. Atas nasib. Sebab tak semua, contohnya ada satu customer ni beli domain dari GoDaddy, yang memang takde khidmat free ssl ni. Memang kena masuk check list setiap kali nak buat website customer yang dah ada exist website. So takdela kita pulak nak kena tanggung.

Sungguh menyakitkan mata bila melihat url bertanda merah, dengan tulisan Not Secure macam tu. Paparan browser Google Chrome.

Mujurlah selepas google, sebenarnya masih ada cara untuk dapatkan free ssl secara manual dengan menggunakan perkhidmatan https://zerossl.com/. So boleh try pada sesiapa yang guna servis GoDaddy.com.

Remove Items In Admin Bar Menu That Added By Plugins / Themes

September 24, 2018 by ghazalitajuddin Leave a Comment

Usually to remove any default items on Admin Menu Bar we can do as below

function remove_items_wp_admin_bar(){
	global $wp_admin_bar;
	
	//$wp_admin_bar->remove_menu('tribe-events');
	$wp_admin_bar->remove_node('tribe-events');
	$wp_admin_bar->remove_node('comments');
	$wp_admin_bar->remove_node('new-content');
	$wp_admin_bar->remove_node('site-name');
	$wp_admin_bar->remove_node('wp-logo');
			
}

add_action('admin_bar_menu', 'remove_items_wp_admin_bar', 1000);

But this technique sometimes does not remove any items / links that added by plugins and themes. So you should call using wp_before_admin_bar_render action as below.

add_action('wp_before_admin_bar_render', 'remove_items_wp_admin_bar', 1000);

How To Remove Dashboard Widget For Non Admin

September 24, 2018 by ghazalitajuddin

Berguna bila kita nak bagi public accout access wp-admin. Mungkin ada beberapa info yang tak perlu depa tau kita remove.

Example #1 using remove_meta_box :

add_action('wp_dashboard_setup','remove_dashboard_widgets");

function remove_jetpack(){
	if ( ! current_user_can('manage_options') ){
	remove_meta_box( 'dashboard_quick_press','dashboard', 'side' );      //Quick Press widget
	remove_meta_box( 'dashboard_recent_drafts', 'dashboard', 'side' );      //Recent Drafts
	remove_meta_box( 'dashboard_primary', 'dashboard', 'side' );      //WordPress.com Blog
	remove_meta_box( 'dashboard_secondary', 'dashboard', 'side' );      //Other WordPress News
	remove_meta_box( 'dashboard_incoming_links','dashboard', 'normal' );    //Incoming Links
	remove_meta_box( 'dashboard_plugins', 'dashboard', 'normal' );    //Plugins
	remove_meta_box('dashboard_right_now', 'dashboard', 'normal');
	remove_meta_box('dashboard_activity', 'dashboard', 'normal');
	remove_meta_box('tribe_dashboard_widget', 'dashboard', 'normal');
	}
}

Example #2 using unset() :

add_action('wp_dashboard_setup','remove_dashboard_widgets");

function remove_jetpack(){
global $wp_meta_boxes;

        if ( ! current_user_can('manage_options') ){	
 
        unset($wp_meta_boxes['dashboard']['side']['core']['dashboard_quick_press']);
        unset($wp_meta_boxes['dashboard']['normal']['core']['dashboard_incoming_links']);
        unset($wp_meta_boxes['dashboard']['normal']['core']['dashboard_right_now']);
        unset($wp_meta_boxes['dashboard']['normal']['core']['dashboard_plugins']);
        unset($wp_meta_boxes['dashboard']['normal']['core']['dashboard_recent_drafts']);
        unset($wp_meta_boxes['dashboard']['normal']['core']['dashboard_recent_comments']);
        unset($wp_meta_boxes['dashboard']['side']['core']['dashboard_primary']);
        unset($wp_meta_boxes['dashboard']['side']['core']['dashboard_secondary']);
	}
}

To disable all dashboard widget including custom widget we can do like this

add_action('wp_dashboard_setup','remove_dashboard_widgets");

function remove_jetpack(){
global $wp_meta_boxes;

        if ( ! current_user_can('manage_options') ){	
          unset($wp_meta_boxes['dashboard']);
	}
}

Pencerobohan Privasi Menggunakan Google Forms

September 1, 2018 by ghazalitajuddin Leave a Comment

Siapa tak kenal Google? Takkan la tak kenal ye tak?

Antara big player teknologi ICT dunia, sama seperti Amazon, Apple dan Facebook yang mengeluarkan pelbagai produk dan perkhidmatan berasaskan teknologi. Tak terkira banyak produk yang dikeluarkan oleh Google ni. Antara yang paling banyak aku guna adalah Gmail, Google Drive dan Google Docs.

Cuma kali aku nak highlight sikit dengan satu applikasi iaitu Google Forms.

Korang pakai tak Google Forms? Seperti yang kebanyakan tahu Google Forms adalah sebuah applikasi online yang menyediakan perkhidmatan borang bagi mengutip sebarang info yang kita perlukan dengan mudah. Maknanya, kita boleh design borang kira, setup apa maklumat yang kita perlukan, generate link dan edarkan link kepada pengguna sasaran kita untuk diisi. Sangat mudah dan ianya adalah percuma!

Apabila pengguna sasaran kita itu telah mengisi borang dan submit kepada kita. Data tadi boleh dipersembahkan dalam bentuk laporan dan carta yang disediakan oleh Google secara percuma. Cuma kita sebagai owner form sahajalah yang boleh tengok. Memang applikasi yang amat mudah dan membantu.

Cth carta pai yang dihasilkan melalui Google Form

Kelemahan

Cuma aku nampak ada sedikit kelemahan disini. Mungkin korang pun perasan. Disebabkan ia percuma, bila ada akaun GMAIL, semua boleh setup Google Form. Bila dah menjadi kebiasaan isi form, ramai yang lupa tentang data privacy kita sebenarnya terdedah untuk dicuri dengan mudah. Bagaimana mereka buat tu? Modus operandinya adalah melalui iklan tawaran menarik dan minta anda isi form. Tapi jangan salah faham pula, ada iklan yang mmg dia mintak kita bagi info utk mereka salurkan maklumat. Kalau dah memang jelas iklan itu daripada syarikat yang kita kenal tu tak perlu risau lah. Apa yang aku maksudkan disini adalah iklan daripada mereka yang tidak kenali, yang mengaku mereka daripada organisasi sekian-sekian tetapi sebenarnya tidak. Mereka guna nama as cover up sahaja, untuk dapat kepercayaan orang ramai. All details on the ads very convinicng tapi sebenarnya sekadar untuk korang isi form sahaja. Pernah jumpa tak macam ni?

Contoh

Contoh mudah ada beberapa iklan di FB dan Instagram yang menggunakan nama Agensi Kerajaan kononnya menawarkan iklan bantuan kewangan bagi perniagaan dengan kelulusan pantas. Bila kita klik link ia bawa ke Google Form yang collect maklumat peribadi seperti, nama, no fon, ic, alamat, dan lain2. Kalau diperhatikan pelik juga macam mana agensi kerajaan guna Google Form untuk urusan rasmi begini? Kemudian, jika dilihat pada Google Form berkenaan tiada pula sebarang info berkaitan agensi kerajaan berkenaan sedangkan ia adalah tawaran daripada institusi kewangan. .

Rumusan

Aku tidakla menghalang korang guna Google Form tu hahaha. Cuma hati-hati je bila isi maklumat yang diminta. Semak form baik2.

Jika korang berkhidmat dengan mana2 organisasi dan ada menggunakan Google Form, please sertakan detail dan contact ada pada Google Form bagi memudahkan pengguna hubungi untuk pengesahan. Bagi kita as user ni berhati-hati ya. Sangat-sangat berhati-hati. Jika salah maklumat yang kita dedahkan, kita juga akan susah nanti atau privacy kita terganggu.

Selamat!