1:   2:   3:   4:   5:   6:   7:   8:   9:  10:  11:  12:  13:  14:  15:  16:  17:  18:  19:  20:  21:  22:  23:  24:  25:  26:  27:  28:  29:  30:  31:  32:  33:  34:  35:  36:  37:  38:  39:  40:  41:  42:  43:  44:  45:  46:  47:  48:  49:  50:  51:  52:  53:  54:  55:  56:  57:  58:  59:  60:  61:  62:  63:  64:  65:  66:  67:  68:  69:  70:  71:  72:  73:  74:  75:  76:  77:  78:  79:  80:  81:  82:  83:  84:  85:  86:  87:  88:  89:  90:  91:  92:  93:  94:  95:  96:  97:  98:  99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205: 206: 207: 208: 209: 210: 211: 212: 213: 214: 215: 216: 217: 218: 219: 220: 221: 222: 223: 224: 225: 226: 227: 228: 229: 230: 

<?php

/**
 * @link                : http://www.loginradius.com
 * @category            : CustomerRegistration
 * @package             : RoleAPI
 * @author              : LoginRadius Team
 * @license             : https://opensource.org/licenses/MIT
 */

namespace LoginRadiusSDK\CustomerRegistration\Account;

use LoginRadiusSDK\Utility\Functions;

/**
 * Role API
 *
 * This is the main class to communicate with LoginRadius Customer Registration Role API.
 */
class RoleAPI {

    /**
     *
     * @param type $apikey
     * @param type $apisecret
     * @param type $options
     */
    public function __construct($apikey = '', $apisecret = '', $options = array()) {
        new Functions($apikey, $apisecret, $options);
    }

    
    /**
     * Create Roles.
     *
     * @param $roles json data
     *
     * {
     * "Roles":[
     *   {
     *    "Name":"Administrator",
     *    "Permissions":{
     *     "Edit":true,
     *     "Manage":true
     *    }
     *  }
     * ]
     * }

     * @return type
     */
    public function create($roles, $fields = '*') {
        return $this->apiClientHandler("role", array('fields' => $fields), array('method' => 'POST', 'post_data' => $roles, 'content_type' => 'json'));
    }
    
    
    /**
     * Get Context with Roles and Permissions.
     *
     * @param $uid = xxxxxxxxxxxxxxxxxxxxx;
     *
     * @return type
     */
    public function getContext($uid, $fields = '*') {
        return $this->apiClientHandler("account/" . $uid . "/rolecontext", array('fields' => $fields));
    }
    
    /**
     * Get Role of customer.
     *
     * @return type
     */
    public function get($fields = '*') {
        return $this->apiClientHandler("role", array('fields' => $fields));
    }    
    
    /**
     * Get Account Role by uid.
     *
     * @param $uid
     * @return type
     */
    public function getAccountRolesByUid($uid, $fields = '*') {
        return $this->apiClientHandler('account/' . $uid . '/role', array('fields' => $fields));
    }   
    
    /**
     * This API is used to add permission to role..
     *
     * $role = 'xxxxxx'; // role name
     * $permissions = {
     *  "permissions": [
     *     "permission_name1",
     *     "permission_name2"
     *   ]
     * }
     *
     * return object
     */
    public function addPermission($role, $permissions, $fields = '*') {
        return $this->apiClientHandler("role/" . $role . "/permission", array('fields' => $fields), array('method' => 'PUT', 'post_data' => $permissions, 'content_type' => 'json'));
    }
    
    /**
     * Insert role to account.
     *
     * @param $uid
     * @param $data = {"roles": ["role_name"]}
     * @return type
     */
    public function assignRolesByUid($uid, $data, $fields = '*') {
        return $this->apiClientHandler('account/' . $uid . '/role', array('fields' => $fields), array('method' => 'PUT', 'post_data' => $data, 'content_type' => 'json'));
    }

    /**
     * Add/Update Roles Context.
     *
     * @param $uid = xxxxxxxxxxxxxxxxxxxxx;
     * @param $rolesContext Json data
     *
     * {
     * "RoleContext": [
     * {
     * "Context": "Home",
     * "Roles": ["admin","user"],
     * "AdditionalPermissions": ["X","Y","Z"]
     * },
     * {
     * "Context": "Work",
     * "Roles": ["admin"],
     * "AdditionalPermissions": ["X","Y","Z"]
     *  }
     *  ]
     *  }
     * @return type
     */
    public function upsertContext($uid, $rolesContext, $fields = '*') {
        return $this->apiClientHandler("account/" . $uid . "/rolecontext", array('fields' => $fields), array('method' => 'PUT', 'post_data' => $rolesContext, 'content_type' => 'json'));
    }
    
    
    /**
     * Delete role.
     *
     * $role = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; //Name of Role
     *
     * return {IsDeleted : true}
     */
    public function delete($role, $fields = '*') {
        return $this->apiClientHandler('role/' . $role, array('fields' => $fields), array('method' => 'DELETE', 'post_data' => true));
    }
    
    /**
     * Unassign Roles by UID.
     *
     * @param $uid
     * @param $data = {"roles": ["role_name"]}
     * @return type
     */
    public function deleteAccountRoles($uid, $data, $fields = '*') {
        return $this->apiClientHandler('account/' . $uid . '/role', array('fields' => $fields), array('method' => 'DELETE', 'post_data' => $data, 'content_type' => 'json'));
    }
    
    /**
     * This API is used to remove permission to role.
     *
     * $role = 'xxxxxx'; // role name
     * $permissions = {
     *    "permissions": [
     *    "permission_name1"
     *   ]
     *   }
     *
     * return { "Name" : "Editor", "Permissions" :[{"Permission" : true},{"Permission" : true}]}
     */
    public function removePermission($role, $permissions, $fields = '*') {
        return $this->apiClientHandler('role/' . $role . '/permission', array('fields' => $fields), array('method' => 'DELETE', 'post_data' => $permissions, 'content_type' => 'json'));
    }

    /**
     * Delete Roles Context by Role Context Name
     *
     * @param $uid = xxxxxxxxxxxxxxxxxxxxx;
     * @param $roleContextName String data
     * @return type
     */
    public function deleteContextbyContextName($uid, $roleContextName, $fields = '*') {
        return $this->apiClientHandler("account/" . $uid . "/rolecontext/" . $roleContextName, array('fields' => $fields), array('method' => 'DELETE', 'post_data' => true));
    }    
    /**
     * Delete Roles From Context
     * @param type $uid
     * @param type $roles
     * {
     * "Role" : ["admin"]
     * }
     * @return type
     */
    public function deleteRoleFromContext($uid, $roleContextName, $roles, $fields = '*') {
        return $this->apiClientHandler("account/" . $uid . "/rolecontext/" . $roleContextName. "/role", array('fields' => $fields), array('method' => 'DELETE', 'post_data' => $roles, 'content_type' => 'json'));
    }
    /**
     * Delete Additional Permission by Role Context Name
     * 
     * @param type $uid
     * @param type $roleContextName
     * @param type $additionalPermission Json data
     * * {
     * "AdditionalPermissions": ["X"]
     * }
     * @return type
     */
    public function deleteAdditionalPermissionFromContext($uid, $roleContextName, $additionalPermission, $fields = '*') {
        return $this->apiClientHandler("account/" . $uid . "/rolecontext/" . $roleContextName. "/additionalpermission", array('fields' => $fields), array('method' => 'DELETE', 'post_data' => $additionalPermission, 'content_type' => 'json'));
    }

    /**
     * handle Roles APIs
     *
     * @param type $path
     * @param type $query_array
     * @param type $options
     * @return type
     */
    private function apiClientHandler($path, $query_array = array(), $options = array()) {
        return Functions::apiClient("/identity/v2/manage/" . $path, $query_array, array_merge(array('authentication' => 'secret'), $options));
    }

}