1
0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-06 03:02:34 +01:00
invoiceninja/app/Policies/UserPolicy.php

53 lines
1.0 KiB
PHP
Raw Normal View History

2019-04-27 11:20:03 +02:00
<?php
2019-05-11 05:32:07 +02:00
/**
* Invoice Ninja (https://invoiceninja.com)
*
* @link https://github.com/invoiceninja/invoiceninja source repository
*
* @copyright Copyright (c) 2019. Invoice Ninja LLC (https://invoiceninja.com)
*
* @license https://opensource.org/licenses/AAL
*/
2019-04-27 11:20:03 +02:00
namespace App\Policies;
use App\Models\Client;
2019-06-12 01:38:16 +02:00
use App\Models\CompanyUser;
2019-04-27 11:20:03 +02:00
use App\Models\User;
/**
* Class UserPolicy
* @package App\Policies
*/
class UserPolicy extends EntityPolicy
{
/**
* Checks if the user has create permissions
*
* @param User $user
* @return bool
*/
public function create(User $user) : bool
{
2019-06-12 01:24:42 +02:00
2019-04-27 11:20:03 +02:00
return $user->isAdmin() || $user->hasPermission('create_user');
2019-06-12 01:38:16 +02:00
2019-04-27 11:20:03 +02:00
}
2019-06-12 01:38:16 +02:00
/*
*
* We need to override as User does not have the company_id property!!!!!
*
* We use the CompanyUser table as a proxy
*/
2019-06-12 01:24:42 +02:00
public function edit(User $user, $user_entity) : bool
{
2019-06-12 01:38:16 +02:00
$company_user = CompanyUser::whereUserId($user_entity->id)->whereCompanyId($user->companyId())->first();
2019-06-12 01:38:16 +02:00
return ($user->isAdmin() && $company_user);
}
2019-04-27 11:20:03 +02:00
}