File: /home/posscale/public_html/printmanager/app/Http/Controllers/Tenant/RoleController.php
<?php
namespace App\Http\Controllers\Tenant;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\View\View;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
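class RoleController extends Controller
{
    /**
     * Display a listing of roles and their permissions in the tenant.
     *
     * Responds with 403 unless the current user holds the manage_users permission.
     */
    public function index(): View
    {
        $this->ensureCanManageRoles();

        return view('tenant.roles.list', [
            'roles' => Role::with('permissions')->get(),
        ]);
    }

    /**
     * Show the form for editing a specific role's permissions.
     *
     * Responds with 403 unless the current user holds the manage_users permission.
     *
     * NOTE(review): $role is resolved by route-model binding; whether that lookup is
     * limited to the current tenant cannot be seen from this file. Confirm it.
     */
    public function edit(Role $role): View
    {
        $this->ensureCanManageRoles();

        return view('tenant.roles.edit', [
            'role' => $role,
            'permissions' => Permission::orderBy('name')->get(),
            'assigned' => $role->permissions->pluck('name')->toArray(),
        ]);
    }

    /**
     * Update a role's assigned permissions.
     *
     * The submitted "permissions" value is client-controlled, so it is validated as a
     * flat list of strings and checked against the permissions that exist for the
     * role's guard before the role is changed. A malformed payload fails validation;
     * a name that is unknown for this guard is answered with 422 and the role is left
     * untouched.
     *
     * NOTE(review): any holder of manage_users can attach any existing permission to
     * any role, including a role they hold themselves. If some roles or permissions
     * must stay out of reach, enforce that here, and consider recording who changed
     * which role.
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function update(Request $request, Role $role)
    {
        $this->ensureCanManageRoles();

        // A bare string or nested array must never reach syncPermissions().
        $validated = $request->validate([
            'permissions' => ['nullable', 'array'],
            'permissions.*' => ['string'],
        ]);

        // An absent or empty list is legitimate: it clears the role's permissions.
        $requested = array_values(array_unique($validated['permissions'] ?? []));

        // Keep only names that exist for this role's guard, so a forged form field
        // results in a clean rejection rather than an unhandled exception.
        $known = Permission::query()
            ->where('guard_name', $role->guard_name)
            ->whereIn('name', $requested)
            ->pluck('name')
            ->all();

        abort_if(
            count($known) !== count($requested),
            422,
            'One or more selected permissions are not valid for this role.',
        );

        // Replaces the role's permission set with exactly the validated names.
        $role->syncPermissions($known);

        return redirect()->route('roles.index')->with('message', 'Role permissions updated successfully.');
    }

    /**
     * Abort with 403 unless an authenticated user holds the manage_users permission.
     *
     * With no authenticated user the nullsafe call yields null, which also aborts.
     */
    private function ensureCanManageRoles(): void
    {
        abort_unless(auth()->user()?->can('manage_users'), 403);
    }
}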