1
0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-09 20:52:56 +01:00
invoiceninja/app/Policies/GenericEntityPolicy.php

140 lines
3.2 KiB
PHP
Raw Normal View History

2016-04-26 03:53:39 +02:00
<?php
namespace App\Policies;
2016-12-08 19:00:13 +01:00
use App\Models\User;
2016-04-26 03:53:39 +02:00
use Illuminate\Auth\Access\HandlesAuthorization;
2017-01-30 20:40:43 +01:00
use Illuminate\Support\Str;
use Utils;
2016-04-26 03:53:39 +02:00
/**
2017-01-30 20:40:43 +01:00
* Class GenericEntityPolicy.
*/
2016-04-26 03:53:39 +02:00
class GenericEntityPolicy
{
use HandlesAuthorization;
/**
* @param User $user
2016-12-08 19:00:13 +01:00
* @param $entityType
* @param $ownerUserId
2017-01-30 20:40:43 +01:00
*
* @return bool|mixed
*/
2017-01-30 17:05:31 +01:00
public static function editByOwner(User $user, $entityType, $ownerUserId)
{
2016-12-08 19:00:13 +01:00
$className = static::className($entityType);
if (method_exists($className, 'editByOwner')) {
return call_user_func([$className, 'editByOwner'], $user, $ownerUserId);
2016-04-26 03:53:39 +02:00
}
2016-10-27 10:57:51 +02:00
2016-04-26 03:53:39 +02:00
return false;
}
/**
* @param User $user
2016-12-08 19:00:13 +01:00
* @param $entityTypee
* @param $ownerUserId
2017-01-30 20:49:42 +01:00
* @param mixed $entityType
2017-01-30 20:40:43 +01:00
*
* @return bool|mixed
*/
2017-01-30 17:05:31 +01:00
public static function viewByOwner(User $user, $entityType, $ownerUserId)
{
2016-12-08 19:00:13 +01:00
$className = static::className($entityType);
if (method_exists($className, 'viewByOwner')) {
return call_user_func([$className, 'viewByOwner'], $user, $ownerUserId);
2016-04-26 03:53:39 +02:00
}
2016-10-27 10:57:51 +02:00
2016-04-26 03:53:39 +02:00
return false;
}
/**
* @param User $user
2016-12-08 19:00:13 +01:00
* @param $entityType
2017-01-30 20:40:43 +01:00
*
* @return bool|mixed
*/
2017-01-30 17:05:31 +01:00
public static function create(User $user, $entityType)
{
/*
2016-12-08 19:00:13 +01:00
$className = static::className($entityType);
if (method_exists($className, 'create')) {
return call_user_func([$className, 'create'], $user, $entityType);
2016-04-26 03:53:39 +02:00
}
2016-10-27 10:57:51 +02:00
2016-04-26 03:53:39 +02:00
return false;
*/
if($user->hasPermission('create_'.$entityType))
return true;
else
return false;
2016-04-26 03:53:39 +02:00
}
2016-10-27 10:57:51 +02:00
/**
* @param User $user
2016-12-08 19:00:13 +01:00
* @param $entityType
2017-01-30 20:40:43 +01:00
*
2016-10-27 10:57:51 +02:00
* @return bool|mixed
*/
2017-01-30 17:05:31 +01:00
public static function view(User $user, $entityType)
{
/*
2016-12-08 19:00:13 +01:00
$className = static::className($entityType);
if (method_exists($className, 'view')) {
return call_user_func([$className, 'view'], $user, $entityType);
2016-10-27 10:57:51 +02:00
}
return false;*/
if($user->hasPermission('view_'.$entityType))
return true;
else
return false;
2016-10-27 10:57:51 +02:00
}
/**
* @param User $user
* @param $item - entity name or object
*
* @return bool
*/
public static function edit(User $user, $item)
{
if (! static::checkModuleEnabled($user, $item))
return false;
$entityType = is_string($item) ? $item : $item->getEntityType();
return $user->hasPermission('edit_' . $entityType) || $user->owns($item);
}
/**
* @param User $user
* @param $item - entity name or object
* @return bool
*/
private static function checkModuleEnabled(User $user, $item)
{
$entityType = is_string($item) ? $item : $item->getEntityType();
return $user->account->isModuleEnabled($entityType);
}
2016-12-08 19:00:13 +01:00
private static function className($entityType)
{
2017-01-30 17:05:31 +01:00
if (! Utils::isNinjaProd()) {
2016-12-08 19:00:13 +01:00
if ($module = \Module::find($entityType)) {
return "Modules\\{$module->getName()}\\Policies\\{$module->getName()}Policy";
}
}
$studly = Str::studly($entityType);
2017-01-30 20:40:43 +01:00
2016-12-08 19:00:13 +01:00
return "App\\Policies\\{$studly}Policy";
}
2016-10-27 10:57:51 +02:00
}