From bc6feac14cb6c7a9252ab135409cb404ccf68452 Mon Sep 17 00:00:00 2001
From: Brian Adams <adamsb@msu.edu>
Date: Mon, 8 Jul 2024 15:30:20 -0400
Subject: [PATCH] fix: move permission creation to a migration. (#2120)

* fix: move permission creation to a migration.

* Apply suggestions from code review

Co-authored-by: Grant Eben <gmeben@users.noreply.github.com>

* remove role seeder from test cases.

---------

Co-authored-by: Grant Eben <gmeben@users.noreply.github.com>
---
 .../2024_07_08_183816_create_permissions.php  | 70 +++++++++++++++++++
 backend/database/seeders/DatabaseSeeder.php   |  1 -
 backend/database/seeders/RoleSeeder.php       | 11 +--
 backend/tests/ApiTestCase.php                 |  3 -
 backend/tests/TestCase.php                    |  3 -
 5 files changed, 76 insertions(+), 12 deletions(-)
 create mode 100644 backend/database/migrations/2024_07_08_183816_create_permissions.php

diff --git a/backend/database/migrations/2024_07_08_183816_create_permissions.php b/backend/database/migrations/2024_07_08_183816_create_permissions.php
new file mode 100644
index 000000000..effba90d6
--- /dev/null
+++ b/backend/database/migrations/2024_07_08_183816_create_permissions.php
@@ -0,0 +1,70 @@
+<?php
+
+use App\Models\Permission;
+use App\Models\Role;
+use Illuminate\Database\Migrations\Migration;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        $roles = Role::getArrayOfAllRoleNames();
+        foreach ($roles as $key => $role) {
+            Role::factory()->create([
+                'id' => $key + 1,
+                'name' => $role,
+            ]);
+        }
+
+        Permission::create(['name' => Permission::UPDATE_USERS])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR);
+        Permission::create(['name' => Permission::UPDATE_USERS_IN_OWN_PUBLICATION])
+            ->assignRole(Role::PUBLICATION_ADMINISTRATOR);
+        Permission::create(['name' => Permission::CREATE_PUBLICATION])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR);
+        Permission::create(['name' => Permission::VIEW_ALL_PUBLICATIONS])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR);
+
+        Permission::create(['name' => Permission::ASSIGN_REVIEWER])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR)
+            ->assignRole(Role::PUBLICATION_ADMINISTRATOR)
+            ->assignRole(Role::EDITOR);
+
+        Permission::create(['name' => Permission::UNASSIGN_REVIEWER])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR)
+            ->assignRole(Role::PUBLICATION_ADMINISTRATOR)
+            ->assignRole(Role::EDITOR);
+
+        Permission::create(['name' => Permission::ASSIGN_REVIEW_COORDINATOR])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR)
+            ->assignRole(Role::PUBLICATION_ADMINISTRATOR)
+            ->assignRole(Role::EDITOR);
+
+        Permission::create(['name' => Permission::UNASSIGN_REVIEW_COORDINATOR])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR)
+            ->assignRole(Role::PUBLICATION_ADMINISTRATOR)
+            ->assignRole(Role::EDITOR);
+
+        Permission::create(['name' => Permission::ASSIGN_EDITOR])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR)
+            ->assignRole(Role::PUBLICATION_ADMINISTRATOR);
+
+        Permission::create(['name' => Permission::UNASSIGN_EDITOR])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR)
+            ->assignRole(Role::PUBLICATION_ADMINISTRATOR);
+
+        Permission::create(['name' => Permission::UPDATE_SITE_SETTINGS])
+            ->assignRole(Role::APPLICATION_ADMINISTRATOR);
+    }
+
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+    }
+};
diff --git a/backend/database/seeders/DatabaseSeeder.php b/backend/database/seeders/DatabaseSeeder.php
index f73a9b818..1e81753d2 100644
--- a/backend/database/seeders/DatabaseSeeder.php
+++ b/backend/database/seeders/DatabaseSeeder.php
@@ -15,7 +15,6 @@ class DatabaseSeeder extends Seeder
     public function run()
     {
         $this->call([
-            RoleSeeder::class,
             UserSeeder::class,
             PublicationSeeder::class,
             StyleCriteriasSeeder::class,
diff --git a/backend/database/seeders/RoleSeeder.php b/backend/database/seeders/RoleSeeder.php
index e6653e103..95dc0f4af 100644
--- a/backend/database/seeders/RoleSeeder.php
+++ b/backend/database/seeders/RoleSeeder.php
@@ -10,18 +10,19 @@
 class RoleSeeder extends Seeder
 {
     /**
-     * Run the database seeds.
+     * Run the role seeder.
      *
+     * @deprecated Permission seeding is done via migration. This seeder is only useful for development (maybe).
      * @return void
      */
     public function run()
     {
         $roles = Role::getArrayOfAllRoleNames();
         foreach ($roles as $key => $role) {
-                Role::factory()->create([
-                    'id' => $key + 1,
-                    'name' => $role,
-                ]);
+            Role::factory()->create([
+                'id' => $key + 1,
+                'name' => $role,
+            ]);
         }
 
         Permission::create(['name' => Permission::UPDATE_USERS])
diff --git a/backend/tests/ApiTestCase.php b/backend/tests/ApiTestCase.php
index 7d80a2b4a..9970a697b 100644
--- a/backend/tests/ApiTestCase.php
+++ b/backend/tests/ApiTestCase.php
@@ -8,7 +8,4 @@
 abstract class ApiTestCase extends TestCase
 {
     use MakesGraphQLRequests;
-
-    public $seed = true;
-    public $seeder = 'RoleSeeder';
 }
diff --git a/backend/tests/TestCase.php b/backend/tests/TestCase.php
index d0604834b..29a7fe493 100644
--- a/backend/tests/TestCase.php
+++ b/backend/tests/TestCase.php
@@ -13,9 +13,6 @@ abstract class TestCase extends BaseTestCase
 {
     use CreatesApplication;
 
-    public $seed = true;
-    public $seeder = 'RoleSeeder';
-
     /**
      * Act as a new user with application administrator role
      *