search

gary-dalton / bowlsmke-issues

This is for issues related to the bowlsmke
0 stars 0 forks source link

Users and Roles #52

Open gary-dalton opened 1 year ago

gary-dalton commented 1 year ago

@RekordMeister

Permissions are assigned to roles and roles are assigned to users

Available roles (more can be added if needed). This is a copy/paste

// create roles and assign existing permissions $role1 = Role::create(['name' => 'treasurer']); $role1->givePermissionTo('for admins'); $role1->givePermissionTo('view users'); $role1->givePermissionTo('update users'); $role1->givePermissionTo('view groups'); $role1->givePermissionTo('update groups'); $role1->givePermissionTo('view payments'); $role1->givePermissionTo('update payments'); $role1->givePermissionTo('delete payments'); $role1->givePermissionTo('create otp');

    $role2 = Role::create(['name' => 'membership-director']);
    $role2->givePermissionTo('for admins');
    $role2->givePermissionTo('create users');
    $role2->givePermissionTo('view users');
    $role2->givePermissionTo('update users');
    $role2->givePermissionTo('delete users');
    $role2->givePermissionTo('create otp');

    $role3 = Role::create(['name' => 'marketing-manager']);
    $role3->givePermissionTo('for admins');
    $role3->givePermissionTo('view users');
    $role3->givePermissionTo('view groups');

    $role4 = Role::create(['name' => 'group-event-manager']);
    $role4->givePermissionTo('for admins');
    $role4->givePermissionTo('create groups');
    $role4->givePermissionTo('view groups');
    $role4->givePermissionTo('update groups');
    $role4->givePermissionTo('delete groups');
    $role4->givePermissionTo('create otp');

    $role5 = Role::create(['name' => 'member']);
    $role5->givePermissionTo('for members');

    $role6 = Role::create(['name' => 'paid-member']);
    $role6->givePermissionTo('for members');
    $role6->givePermissionTo('for paid members');

    $role8 = Role::create(['name' => 'root']);
    $role8->givePermissionTo('for admins');
    $role8->givePermissionTo('for members');
    $role8->givePermissionTo('for paid members');
    // gets all permissions via Gate::before rule; see AuthServiceProvider

    $role9 = Role::create(['name' => 'admin']);
    $role9->givePermissionTo('for admins');
    $role6->givePermissionTo('for members');
    $role9->givePermissionTo('for paid members');
    $role9->givePermissionTo('create otp');
gary-dalton commented 1 year ago

The 'member' and 'paid-member' roles are assigned automatically. All other, I do via shell commands for now.

Barb => treasurer Gary => root Steve H. => ??? Scott => root Steve M. => marketing-manager Mark M. => membership-director Dale => group-event-manager

I think I need to create some roles for volunteers, leagues, and tournaments but haven't thought those through yet. the basic idea is limit access to (in order) permissions, payments, delete actions, update actions, details, system settings

RekordMeister commented 1 year ago

Gary,

Understood.

All Board are assigned as Admin, correct?

Technically, per the bylaws, Steve M is Secretary (minutes, communication, hogline) and is helping Mark with Membership and updating the Outlook Calendar on the front face. Steve M. can also be assigned Membership Director. He is more technically inclined than Mark is.

Technically, Marketing is an umbrella which includes Group Event Manager. Dale and I are supposed to head Marketing, but I’m yielding to Dale right now. Dale, Mark and Pat Cronin would be assigned Group Event Managers for now.

Steve H and Bob are Grounds and Greens respectively. Those are areas that will benefit from the Volunteer Interest Form. There are things we can do there eventually. Bob is glued to his phone, but getting an email response from him is like expecting Tulips in autumn. I’m hoping via his son Nick, we can get him excited about the app and its potential for Greens and Tournaments.

Another role for Barb is House. House and Marketing could eventually be tied into Sponsorships.

Volunteer Roles: Heads of Committees: That’s basically outlined above and below via the Board Assignments. Volunteer Interested Members would become respective committee members.

Leagues: League Directors: -Mon Night: Mark Mathwig, -Tue Night: TBA, -Wed Night: Dale Parsons, Scott Lehmann, -Thur Afternoon: None (Open Bowl) -Thur Night: Dawn Majewski

Touneys: Each Tourney would have a Tourney Director or Co-Directors. I’m in the process of taking Tourney Director Requests now to fill all of our Club Tourneys before May 6.

We can talk more about limiting access to (in order) permissions, payments, delete actions, update actions, details, system settings at our next upcoming Web Team Meeting.

I know, I need to return to Asana, 😉

Scott

From: Gary Dalton @.> Sent: Tuesday, March 28, 2023 1:37 PM To: gary-dalton/bowlsmke-issues @.> Cc: scott lehmann @.>; Mention @.> Subject: Re: [gary-dalton/bowlsmke-issues] Users and Roles (Issue #52)

The 'member' and 'paid-member' roles are assigned automatically. All other, I do via shell commands for now.

Barb => treasurer Gary => root Steve H. => ??? Scott => root Steve M. => marketing-manager Mark M. => membership-director Dale => group-event-manager

I think I need to create some roles for volunteers, leagues, and tournaments but haven't thought those through yet. the basic idea is limit access to (in order) permissions, payments, delete actions, update actions, details, system settings

— Reply to this email directly, view it on GitHubhttps://github.com/gary-dalton/bowlsmke-issues/issues/52#issuecomment-1487423138, or unsubscribehttps://github.com/notifications/unsubscribe-auth/A57U7BIZVCDC4JMQMRVFR7DW6MVVJANCNFSM6AAAAAAWK5YDV4. You are receiving this because you were mentioned.Message ID: @.**@.>>

RekordMeister commented 1 year ago

On the right path here. See previous email. Remind me: “create OTP” ?

From: Gary Dalton @.**@.>> Sent: Tuesday, March 28, 2023 1:23 PM To: gary-dalton/bowlsmke-issues @.**@.>> Cc: scott lehmann @.**@.>>; Mention @.**@.>> Subject: [gary-dalton/bowlsmke-issues] Users and Roles (Issue #52)

@RekordMeisterhttps://github.com/RekordMeister

Permissions are assigned to roles and roles are assigned to users

Available roles (more can be added if needed). This is a copy/paste

// create roles and assign existing permissions $role1 = Role::create(['name' => 'treasurer']); $role1->givePermissionTo('for admins'); $role1->givePermissionTo('view users'); $role1->givePermissionTo('update users'); $role1->givePermissionTo('view groups'); $role1->givePermissionTo('update groups'); $role1->givePermissionTo('view payments'); $role1->givePermissionTo('update payments'); $role1->givePermissionTo('delete payments'); $role1->givePermissionTo('create otp');

$role2 = Role::create(['name' => 'membership-director']);

$role2->givePermissionTo('for admins');

$role2->givePermissionTo('create users');

$role2->givePermissionTo('view users');

$role2->givePermissionTo('update users');

$role2->givePermissionTo('delete users');

$role2->givePermissionTo('create otp');

$role3 = Role::create(['name' => 'marketing-manager']);

$role3->givePermissionTo('for admins');

$role3->givePermissionTo('view users');

$role3->givePermissionTo('view groups');

$role4 = Role::create(['name' => 'group-event-manager']);

$role4->givePermissionTo('for admins');

$role4->givePermissionTo('create groups');

$role4->givePermissionTo('view groups');

$role4->givePermissionTo('update groups');

$role4->givePermissionTo('delete groups');

$role4->givePermissionTo('create otp');

$role5 = Role::create(['name' => 'member']);

$role5->givePermissionTo('for members');

$role6 = Role::create(['name' => 'paid-member']);

$role6->givePermissionTo('for members');

$role6->givePermissionTo('for paid members');

$role8 = Role::create(['name' => 'root']);

$role8->givePermissionTo('for admins');

$role8->givePermissionTo('for members');

$role8->givePermissionTo('for paid members');

// gets all permissions via Gate::before rule; see AuthServiceProvider

$role9 = Role::create(['name' => 'admin']);

$role9->givePermissionTo('for admins');

$role6->givePermissionTo('for members');

$role9->givePermissionTo('for paid members');

$role9->givePermissionTo('create otp');

— Reply to this email directly, view it on GitHubhttps://github.com/gary-dalton/bowlsmke-issues/issues/52, or unsubscribehttps://github.com/notifications/unsubscribe-auth/A57U7BNM2JOVLKDQQIJV6EDW6MUANANCNFSM6AAAAAAWK5YDV4. You are receiving this because you were mentioned.Message ID: @.**@.>>

gary-dalton commented 1 year ago

OTP is One Time Passcode. Right now only used for Group Events, but there could be other uses down the road.

gary-dalton commented 1 year ago

Update on League Director Roles and Permissions. @RekordMeister, if you reply via email remove the previous messages. Thank you.

// LEAGUE DIRECTORS Leagues: League Directors: -Mon Night: Mark Mathwig, -Tue Night: TBA, -Wed Night: Dale Parsons, Scott Lehmann, -Thur Afternoon: None (Open Bowl) -Thur Night: Dawn Majewski

// create roles and assign existing permissions

Permission::create(['name' => 'join users to leagues']); Permission::create(['name' => 'league_1 notify']); Permission::create(['name' => 'league_2 notify']); Permission::create(['name' => 'league_3 notify']); Permission::create(['name' => 'league_4 notify']); Permission::create(['name' => 'league_5 notify']);

$role = Role::create(['name' => 'league_director_1']); $role->givePermissionTo('for admins'); $role->givePermissionTo('view users'); $role->givePermissionTo('join users to leagues'); $role->givePermissionTo('league_1 notify');

$user = User::firstWhere('email', 'Mark.mathwig@outlook.com'); $user->assignRole('league_director_1');

$role = Role::create(['name' => 'league_director_2']); $role->givePermissionTo('for admins'); $role->givePermissionTo('view users'); $role->givePermissionTo('join users leagues'); $role->givePermissionTo('league_2 notify');

$role = Role::create(['name' => 'league_director_3']); $role->givePermissionTo('for admins'); $role->givePermissionTo('view users'); $role->givePermissionTo('join users leagues'); $role->givePermissionTo('league_3 notify');

$user = User::firstWhere('email', 'dwparsons78@gmail.com'); $user->assignRole('league_director_3'); $user = User::firstWhere('email', 'scott.lehmann@mail.sit.edu'); $user->assignRole('league_director_3');

$role = Role::create(['name' => 'league_director_5']); $role->givePermissionTo('for admins'); $role->givePermissionTo('view users'); $role->givePermissionTo('join users leagues'); $role->givePermissionTo('league_5 notify');

$user = User::firstWhere('email', 'dnmajewski@gmail.com'); $user->assignRole('league_director_5');

gary-dalton commented 1 year ago

$user = User::firstWhere('email', 'jblaney52@gmail.com'); $user->assignRole('league_director_2');

$user->assignRole('admin'); $user = User::firstWhere('email', 'kenjaglinski@gmail.com'); $user->assignRole('league_director_2'); $user->assignRole('admin');

gary-dalton commented 1 year ago

use Spatie\Permission\Models\Role; use Spatie\Permission\Models\Permission; use App\Models\User $user = User::firstWhere('email', 'jbblaney@sbcglobal.net'); $role = Role::firstWhere('name', 'treasurer'); $user->getPermissionsViaRoles(); $role->givePermissionTo('create users');

gary-dalton commented 1 year ago

@RekordMeister What roles should have the ability to Add/Edit tournaments? This is a bit of advanced functionality due to interaction with inventory.

RekordMeister commented 1 year ago

President & Games Director & Website Responsible. Secretary if capable.

From: Gary Dalton @.> Sent: Tuesday, June 13, 2023 9:42 PM To: gary-dalton/bowlsmke-issues @.> Cc: scott lehmann @.>; Mention @.> Subject: Re: [gary-dalton/bowlsmke-issues] Users and Roles (Issue #52)

@RekordMeisterhttps://github.com/RekordMeister What roles should have the ability to Add/Edit tournaments? This is a bit of advanced functionality due to interaction with inventory.

— Reply to this email directly, view it on GitHubhttps://github.com/gary-dalton/bowlsmke-issues/issues/52#issuecomment-1589915593, or unsubscribehttps://github.com/notifications/unsubscribe-auth/A57U7BMEW7CIYWU53YOSJWDXLC7BXANCNFSM6AAAAAAWK5YDV4. You are receiving this because you were mentioned.Message ID: @.**@.>>

gary-dalton commented 11 months ago

Add 'view payments' permission to group events coord

use Spatie\Permission\Models\Role; use Spatie\Permission\Models\Permission; use App\Models\User $user = User::firstWhere('email', 'dwparsons78@gmail.com'); $role = Role::firstWhere('name', 'group-event-manager'); $role->givePermissionTo('view payments'); $user->getPermissionsViaRoles();