feat(permission): fresh-port Spatie permission package#402
Open
binaryfire wants to merge 23 commits into
Open
Conversation
Add a package:install command that scaffolds a Hypervel Workbench application for package development. The command creates Workbench directories, writes testbench.yaml, generates auth-ready Workbench stubs, wires composer autoload-dev namespaces, optionally exports the runtime .env example, creates the runtime SQLite database, and refreshes Composer autoloads. Move standalone Testbench CLI providers into the early extra.providers path so commands contributed by TestbenchServiceProvider are discoverable before the console kernel loads command definitions. Document the new install flow, force/basic options, and intentional Workbench surface differences from Orchestra. Add regression coverage for default and basic scaffolds, composer autoload idempotency, namespace conflicts, existing namespace reuse, sqlite creation, env export prompt paths, and command registration.
Add the implementation plans used for the fresh hypervel/permission port from spatie/laravel-permission. Capture the porting decisions, Hypervel-specific architecture notes, test strategy, and review context so the package rewrite has durable background for future maintenance.
Move the previous Hypervel 0.3-era permission package, docs, and tests into the archive for reference. Remove the old manager, singular traits, broad exception wrappers, legacy command location, and old tests so the new package can be rebuilt around the current Spatie surface and Hypervel 0.4 architecture.
Add the new permission package metadata, root autoload wiring, configuration file, and migration stubs for the Spatie-based port. The schema uses Spatie model_* naming, supports teams, includes forbidden permission pivots, and keeps the upgrade migration for enabling teams after initial installation.
Port the Spatie permission contracts and typed exception classes to Hypervel namespaces and strict PHP types. Replace the old broad RoleException and PermissionException surfaces with precise exceptions for missing roles, missing permissions, guard mismatches, teams, wildcard validation, and authorization failures.
Add the new PermissionRegistrar, config access layer, guard resolver, coroutine-safe team resolver, and helper functions. The registrar uses configured cache repositories plus memoized reads, keeps team state in CoroutineContext, stores worker-lifetime config-derived state explicitly, and exposes cache invalidation paths for long-lived Hypervel workers.
Port the Spatie Role and Permission models to Hypervel with strict typing, model_* schema naming, configured table and key support, teams-aware lookups, and forbidden permission pivot support. Keep Spatie public APIs such as findByName, findById, findOrCreate, users, roles, and permissions while adapting lookup and cache behavior for Hypervel's singleton registrar.
Port Spatie's permission, role, assigned-model, cache-refresh, and wildcard trait behavior into the fresh Hypervel package. Integrate forbidden permissions, unit-enum inputs, team-aware relation handling, model assignment cache invalidation, and wildcard checks without keeping old 0.3 singular trait aliases.
Port Spatie's role, permission, and role-or-permission middleware to Hypervel. Support pipe, array, enum, guard, Passport client credential fallback, and canonical Spatie method names while preserving Hypervel strict typing and exception behavior.
Port Spatie's role and permission assignment event classes to Hypervel. These events back attach and detach hooks while the package dispatch path remains guarded by configuration and Hypervel listener checks so dormant events stay cheap.
Port the permission console commands to Hypervel command conventions. Add role and permission creation, role assignment, cache reset, permission table display, and setup-teams migration generation with strict types and Hypervel path/config behavior.
Wire the fresh permission package into Hypervel through its service provider. Register config, publishes, commands, contract bindings, middleware aliases, route macros, Blade directives, Gate permission checks, and About command output while documenting the intentional Octane omission at the future-porting point.
Add getDefaultDriver() to the auth factory contract so permission guard resolution can depend on the contract instead of the concrete auth manager. This is the getter counterpart to the existing shouldUse() setter and represents behavior all conforming auth factories need to provide.
Add Model::flushGuardableColumns() as a narrow reset for cached guardable-column metadata. This lets tests and schema-mutating flows clear stale table-column metadata without calling the broader Model::flushState(), and keeps flushState behavior unchanged by delegating through the new helper. Add focused coverage proving other model static state is preserved.
Register the permission team resolver and registrar with the global after-test cleanup subscriber. This prevents worker-lifetime registrar state and coroutine-backed team state from leaking across the permission test suite while matching the existing Hypervel static-state cleanup pattern.
Add the Hypervel testbench base case and package fixtures for the fresh permission port. The harness configures guards, providers, schema, cache isolation, Passport-style fake clients, team setup helpers, custom model fixtures, Blade fixture views, and package-specific route helpers used by the ported test suite.
Port and adapt command tests for the fresh permission package. Cover role and permission creation, duplicate handling, command output, teams setup migration generation and execution, role assignment, team-aware assignment, and team display behavior under Hypervel testbench.
Port and expand middleware tests for permission, role, role-or-permission, wildcard, and Passport client credential behavior. The Passport tests use a local fake guard and client until Hypervel Passport exists, while preserving the upstream client-credential behavior matrix and recording the later real-Passport replacement in the todo list.
Port and adapt model and trait tests for roles, permissions, teams, custom models, assigned models, wildcard permissions, nesting, and soft-delete behavior. Include Hypervel-specific coverage for forbidden permissions, team-scoped query optimization, cross-team deletion, custom schema behavior, and UUID custom model replacements.
Port integration-style tests for Blade directives, route macros, gate integration, custom gates, cache behavior, multiple guards, policies, wildcard routes, and registrar behavior. These tests exercise the package through Hypervel's container, auth, routing, view, cache, and gate layers rather than only direct model calls.
Add Hypervel-specific and port-completeness tests for the permission package. Cover coroutine isolation, forbidden permissions, event dispatch behavior, schema customization, teams schema, public API expectations, unit enum inputs, and wildcard permission parsing/matching.
Rewrite the permission package README and Boost docs for the fresh Spatie-based Hypervel port. Document installation, traits, roles, permissions, teams, guards, middleware, routes, Blade directives, commands, wildcards, events, forbidden permissions, cache behavior, and differences from Spatie/Laravel. Add a durable todo to replace fake Passport client tests with real Passport coverage after Passport is ported.
|
Too many files changed for review. ( |
|
Important Review skippedToo many files! This PR contains 175 files, which is 25 over the limit of 150. To get a review, narrow the scope: Upgrade to a paid plan to raise the limit. ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (175)
You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fresh-ports
hypervel/permissionfrom the currentspatie/laravel-permissionpackage and adapts it for Hypervel 0.4's long-lived Swoole/coroutine runtime.This replaces the older Hypervel 0.3-era implementation with a current Spatie-compatible API surface, while preserving Hypervel-specific improvements such as forbidden permissions, coroutine-safe team state, and worker-aware caching.
What Changed
_archive/for reference.HasRolesHasPermissionsRolePermissionPermissionRegistrarmodel_has_rolesmodel_has_permissionsmodel_morph_keypermission:setup-teams.enum_value()supports it.AfterEachTestSubscriber.Auth\Factory::getDefaultDriver()so guard resolution can depend on the auth contract.Model::flushGuardableColumns()as a narrow Eloquent helper for schema-mutating tests that need to clear cached guardable-column metadata without flushing all model state.Performance
The port keeps the public API close to Spatie, but adapts hot paths for Hypervel's worker model.
syncRoles()avoids a redundant relation reload while preserving behavior.Coroutine Safety
The port avoids storing request/team state on worker-lifetime singletons.
CoroutineContext.Intentional Hypervel Differences
This is not a blind copy of Spatie/Laravel internals. The API is kept close to Spatie, but internals are adapted where Hypervel's runtime requires it.
events_enabledandhasListeners()to keep dormant framework events cheap.Testing
The fresh port includes broad coverage from upstream Spatie plus Hypervel-specific regression tests.
Added and ported coverage for:
Validation run before opening this PR:
Result:
Claude reviewed and signed off on the final implementation after the full validation run.