clrghouz/app/Policies/SystemPolicy.php

37 lines
1002 B
PHP
Raw Normal View History

<?php
namespace App\Policies;
use Illuminate\Auth\Access\HandlesAuthorization;
use App\Models\{System,User};
class SystemPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can update the model.
*
* A user can update a system if they are the user of it and it has no addresses.
* If it has addresses, at least one of the addresses must have been validated.
* (The assumption is, if a system has multiple addresses, they would be valid, or an admin can remove them.)
*
* @param \App\Models\User $user
* @param \App\Models\System $system
* @return \Illuminate\Auth\Access\Response|bool
*/
public function update(User $user, System $system): bool
{
// Site Admins can always edit
if ($user->isAdmin())
return TRUE;
// If it doesnt exist, then its a false.
if (! $system->exists)
return FALSE;
return $system->users->contains($user)
&& (($system->addresses->count() == 0) || ($system->addresses->where('validated',TRUE)->count()));
}
}