2016-04-23 17:52:36 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace App\Policies;
|
|
|
|
|
2016-07-03 18:11:58 +02:00
|
|
|
use App\Models\User;
|
2016-04-23 17:52:36 +02:00
|
|
|
use Illuminate\Auth\Access\HandlesAuthorization;
|
|
|
|
|
2016-07-03 18:11:58 +02:00
|
|
|
/**
|
|
|
|
* Class EntityPolicy
|
|
|
|
*/
|
2016-04-26 03:53:39 +02:00
|
|
|
class EntityPolicy
|
2016-04-23 17:52:36 +02:00
|
|
|
{
|
|
|
|
use HandlesAuthorization;
|
2016-07-03 18:11:58 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @param User $user
|
|
|
|
* @return bool
|
|
|
|
*/
|
2016-10-27 10:57:51 +02:00
|
|
|
public static function create(User $user, $item) {
|
|
|
|
if ( ! static::checkModuleEnabled($user, $item)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2016-04-26 03:53:39 +02:00
|
|
|
return $user->hasPermission('create_all');
|
2016-04-23 17:52:36 +02:00
|
|
|
}
|
2016-07-03 18:11:58 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @param User $user
|
|
|
|
* @param $item
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public static function edit(User $user, $item) {
|
2016-10-27 10:57:51 +02:00
|
|
|
if ( ! static::checkModuleEnabled($user, $item)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2016-04-26 03:53:39 +02:00
|
|
|
return $user->hasPermission('edit_all') || $user->owns($item);
|
2016-04-23 17:52:36 +02:00
|
|
|
}
|
2016-07-03 18:11:58 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @param User $user
|
|
|
|
* @param $item
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public static function view(User $user, $item) {
|
2016-10-27 10:57:51 +02:00
|
|
|
if ( ! static::checkModuleEnabled($user, $item)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2016-04-26 03:53:39 +02:00
|
|
|
return $user->hasPermission('view_all') || $user->owns($item);
|
|
|
|
}
|
2016-07-03 18:11:58 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @param User $user
|
|
|
|
* @param $ownerUserId
|
|
|
|
* @return bool
|
|
|
|
*/
|
2016-08-02 16:38:51 +02:00
|
|
|
public static function viewByOwner(User $user, $ownerUserId) {
|
2016-04-26 03:53:39 +02:00
|
|
|
return $user->hasPermission('view_all') || $user->id == $ownerUserId;
|
|
|
|
}
|
2016-07-03 18:11:58 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @param User $user
|
|
|
|
* @param $ownerUserId
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public static function editByOwner(User $user, $ownerUserId) {
|
2016-04-26 03:53:39 +02:00
|
|
|
return $user->hasPermission('edit_all') || $user->id == $ownerUserId;
|
2016-04-23 17:52:36 +02:00
|
|
|
}
|
2016-10-27 10:57:51 +02:00
|
|
|
|
|
|
|
private static function checkModuleEnabled(User $user, $item)
|
|
|
|
{
|
|
|
|
$entityType = is_string($item) ? $item : $item->getEntityType();
|
2016-12-08 19:00:13 +01:00
|
|
|
|
2016-10-27 10:57:51 +02:00
|
|
|
return $user->account->isModuleEnabled($entityType);
|
|
|
|
}
|
2016-07-07 10:44:15 +02:00
|
|
|
}
|