invoiceninja/app/Policies/EntityPolicy.php

<?php

namespace App\Policies;

use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;

/**
 * Class EntityPolicy.
 */
class EntityPolicy
{
    use HandlesAuthorization;

    /**
     * @param User  $user
     * @param mixed $item
     *
     * @return bool
     */
    public static function create(User $user, $item)
    {
        if (! static::checkModuleEnabled($user, $item)) {
            return false;
        }

        return $user->hasPermission('create_all');
    }

    /**
     * @param User $user
     * @param $item
     *
     * @return bool
     */
    public static function edit(User $user, $item)
    {
        if (! static::checkModuleEnabled($user, $item)) {
            return false;
        }

        return $user->hasPermission('edit_all') || $user->owns($item);
    }

    /**
     * @param User $user
     * @param $item
     *
     * @return bool
     */
    public static function view(User $user, $item)
    {
        if (! static::checkModuleEnabled($user, $item)) {
            return false;
        }

        return $user->hasPermission('view_all') || $user->owns($item);
    }

    /**
     * @param User $user
     * @param $ownerUserId
     *
     * @return bool
     */
    public static function viewByOwner(User $user, $ownerUserId)
    {
        return $user->hasPermission('view_all') || $user->id == $ownerUserId;
    }

    /**
     * @param User $user
     * @param $ownerUserId
     *
     * @return bool
     */
    public static function editByOwner(User $user, $ownerUserId)
    {
        return $user->hasPermission('edit_all') || $user->id == $ownerUserId;
    }

    private static function checkModuleEnabled(User $user, $item)
    {
        $entityType = is_string($item) ? $item : $item->getEntityType();
        
        return $user->account->isModuleEnabled($entityType);
    }
}
Begin adding authorization policies 2016-04-23 17:52:36 +02:00			`<?php`

			`namespace App\Policies;`

Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`use App\Models\User;`
Begin adding authorization policies 2016-04-23 17:52:36 +02:00			`use Illuminate\Auth\Access\HandlesAuthorization;`

Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`/**`
php-cs-fixer cleanup 2017-01-30 20:40:43 +01:00			`* Class EntityPolicy.`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`*/`
Finish migrating to Laravel ACL 2016-04-26 03:53:39 +02:00			`class EntityPolicy`
Begin adding authorization policies 2016-04-23 17:52:36 +02:00			`{`
			`use HandlesAuthorization;`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00
			`/**`
php-cs-fixer 2017-01-30 20:49:42 +01:00			`* @param User $user`
			`* @param mixed $item`
php-cs-fixer cleanup 2017-01-30 20:40:43 +01:00			`*`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`* @return bool`
			`*/`
php-cs-fixer clean up 2017-01-30 17:05:31 +01:00			`public static function create(User $user, $item)`
			`{`
			`if (! static::checkModuleEnabled($user, $item)) {`
Add ability to enable\disable modules 2016-10-27 10:57:51 +02:00			`return false;`
			`}`

Finish migrating to Laravel ACL 2016-04-26 03:53:39 +02:00			`return $user->hasPermission('create_all');`
Begin adding authorization policies 2016-04-23 17:52:36 +02:00			`}`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00
			`/**`
			`* @param User $user`
			`* @param $item`
			`*`
			`* @return bool`
			`*/`
php-cs-fixer clean up 2017-01-30 17:05:31 +01:00			`public static function edit(User $user, $item)`
			`{`
			`if (! static::checkModuleEnabled($user, $item)) {`
Add ability to enable\disable modules 2016-10-27 10:57:51 +02:00			`return false;`
			`}`

Finish migrating to Laravel ACL 2016-04-26 03:53:39 +02:00			`return $user->hasPermission('edit_all') \|\| $user->owns($item);`
Begin adding authorization policies 2016-04-23 17:52:36 +02:00			`}`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00
			`/**`
			`* @param User $user`
			`* @param $item`
			`*`
			`* @return bool`
			`*/`
php-cs-fixer clean up 2017-01-30 17:05:31 +01:00			`public static function view(User $user, $item)`
			`{`
			`if (! static::checkModuleEnabled($user, $item)) {`
Add ability to enable\disable modules 2016-10-27 10:57:51 +02:00			`return false;`
			`}`

Finish migrating to Laravel ACL 2016-04-26 03:53:39 +02:00			`return $user->hasPermission('view_all') \|\| $user->owns($item);`
			`}`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00
			`/**`
			`* @param User $user`
			`* @param $ownerUserId`
php-cs-fixer cleanup 2017-01-30 20:40:43 +01:00			`*`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`* @return bool`
			`*/`
php-cs-fixer clean up 2017-01-30 17:05:31 +01:00			`public static function viewByOwner(User $user, $ownerUserId)`
			`{`
Finish migrating to Laravel ACL 2016-04-26 03:53:39 +02:00			`return $user->hasPermission('view_all') \|\| $user->id == $ownerUserId;`
			`}`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00
			`/**`
			`* @param User $user`
			`* @param $ownerUserId`
php-cs-fixer cleanup 2017-01-30 20:40:43 +01:00			`*`
Code Refactoring - Removed unused uses - Type hinting for method parameters - Removed commented code - Introduced comments for classes and methods - Short array syntax 2016-07-03 18:11:58 +02:00			`* @return bool`
			`*/`
php-cs-fixer clean up 2017-01-30 17:05:31 +01:00			`public static function editByOwner(User $user, $ownerUserId)`
			`{`
Finish migrating to Laravel ACL 2016-04-26 03:53:39 +02:00			`return $user->hasPermission('edit_all') \|\| $user->id == $ownerUserId;`
Begin adding authorization policies 2016-04-23 17:52:36 +02:00			`}`
Add ability to enable\disable modules 2016-10-27 10:57:51 +02:00
			`private static function checkModuleEnabled(User $user, $item)`
			`{`
			`$entityType = is_string($item) ? $item : $item->getEntityType();`
Working on module CRUD 2016-12-08 19:00:13 +01:00
Add ability to enable\disable modules 2016-10-27 10:57:51 +02:00			`return $user->account->isModuleEnabled($entityType);`
			`}`
Working on expense category permissions 2016-07-07 10:44:15 +02:00			`}`