feat: added api access modification and creation shortcut

Author: abdedarghal111

Core/Model/ApiAccess.php

@@ -131,6 +131,26 @@ public static function primaryColumn(): string
         return 'id';
     }
 
+    /**
+     * Update HTTP method permissions for this API resource and save the changes.
+     *
+     * @param bool $get    Whether GET is allowed.
+     * @param bool $post   Whether POST is allowed.
+     * @param bool $put    Whether PUT is allowed.
+     * @param bool $delete Whether DELETE is allowed.
+     *
+     * @return bool True if saved successfully, false otherwise.
+     */
+    public function setAllowed(bool $get, bool $post, bool $put, bool $delete): bool
+    {
+        $this->allowget = $get;
+        $this->allowpost = $post;
+        $this->allowput = $put;
+        $this->allowdelete = $delete;
+
+        return $this->save();
+    }
+
     public static function tableName(): string
     {
         return 'api_access';

Core/Model/ApiKey.php

@@ -19,7 +19,9 @@
 
 namespace FacturaScripts\Core\Model;
 
+use FacturaScripts\Core\Base\DataBase\DataBaseWhere;
 use FacturaScripts\Core\Tools;
+use FacturaScripts\Dinamic\Model\ApiAccess;
 
 /**
  * ApiKey model to manage the connection tokens through the api
@@ -53,6 +55,38 @@ class ApiKey extends Base\ModelClass
     /** @var string */
     public $nick;
 
+    /**
+     * Adds a new API access entry for the given resource with the specified permissions.
+     *
+     * If the resource already exists for this API key, no changes are made.
+     *
+     * @param string $resource Resource name to grant access to.
+     * @param bool $state      Initial permission state (applied to all methods).
+     *
+     * @return bool True if created or already exists, false on failure.
+     */
+    public function addResourceAccess(string $resource, bool $state = false): bool
+    {
+        if (false !== $this->getResourceAccess($resource)) {
+            return true; // already exists
+        }
+
+        $apiAccess = new ApiAccess();
+
+        $apiAccess->idapikey = $this->id;
+        $apiAccess->resource = $resource;
+        $apiAccess->allowdelete = $state;
+        $apiAccess->allowget = $state;
+        $apiAccess->allowpost = $state;
+        $apiAccess->allowput = $state;
+
+        if (false === $apiAccess->save()) {
+            return false;
+        }
+
+        return true;
+    }
+
     public function clear()
     {
         parent::clear();
@@ -62,6 +96,31 @@ public function clear()
         $this->fullaccess = false;
     }
 
+    /**
+     * Retrieves the API access entry for the specified resource.
+     *
+     * Use addResourceAccess() first if the resource does not exist.
+     *
+     * @param string $resource Resource name to look up.
+     *
+     * @return ApiAccess|bool The ApiAccess object if found, false otherwise.
+     */
+    public function getResourceAccess(string $resource): ApiAccess|bool
+    {
+        $apiAccess = new ApiAccess();
+
+        $where = [
+            new DataBaseWhere('idapikey', $this->id),
+            new DataBaseWhere('resource', $resource)
+        ];
+
+        if ($apiAccess->loadFromCode('', $where)) {
+            return $apiAccess;
+        } else {
+            return false;
+        }
+    }
+
     public static function primaryColumn(): string
     {
         return 'id';