More updates for laravel 11
This commit is contained in:
81
app/Models/Policies/SystemPolicy.php
Normal file
81
app/Models/Policies/SystemPolicy.php
Normal file
@@ -0,0 +1,81 @@
|
||||
<?php
|
||||
|
||||
namespace App\Models\Policies;
|
||||
|
||||
use Illuminate\Auth\Access\HandlesAuthorization;
|
||||
|
||||
use App\Models\{System,User};
|
||||
|
||||
/**
|
||||
* This handles updating system records
|
||||
*
|
||||
* Authorisation is defined by function_role_only, where
|
||||
* - function = create,delete,update
|
||||
* - role = admin,zc,rc,nc,hc,nn,pt
|
||||
* - only = only that role can do (no hierarchy permission)
|
||||
* ie:
|
||||
* - admin - only site admin can do (user = admin)
|
||||
* - zc - only ZC can perform (user has an address that is a ZC)
|
||||
* - rc - only RC (or ZC) ...
|
||||
* - hc - only HC (or ZC/RC) ...
|
||||
* - nn - only NN (or ZC/RC/HC) ...
|
||||
* - pt - only PT (or ZC/RC/HC/NN) ...
|
||||
*/
|
||||
class SystemPolicy
|
||||
{
|
||||
use HandlesAuthorization;
|
||||
|
||||
/**
|
||||
* Determine whether the user can create the model.
|
||||
*
|
||||
* A user can create a system if it doesnt exist.
|
||||
*
|
||||
* @param User $user
|
||||
* @param System $system
|
||||
* @return bool
|
||||
*/
|
||||
public function create(User $user, System $system): bool
|
||||
{
|
||||
// Site Admins can always create
|
||||
// If it doesnt exist, then a user can create it.
|
||||
return ($user->isAdmin() || (! $system->exists));
|
||||
}
|
||||
|
||||
/**
|
||||
* Can the user register this system
|
||||
*
|
||||
* @param User $user
|
||||
* @param System $system
|
||||
* @return bool
|
||||
*/
|
||||
public function register(User $user,System $system): bool
|
||||
{
|
||||
return ! $system->users->count() || $system->users->has($user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can update the model.
|
||||
*
|
||||
* A user can update a system if they are the user of it and it has no addresses.
|
||||
* If it has addresses, at least one of the addresses must have been validated.
|
||||
* (The assumption is, if a system has multiple addresses, they would be valid, or an admin can remove them.)
|
||||
*
|
||||
* @param User $user
|
||||
* @param System $system
|
||||
* @return bool
|
||||
*/
|
||||
public function update_nn(User $user,System $system): bool
|
||||
{
|
||||
// Site Admins can always edit
|
||||
if ($user->isAdmin())
|
||||
return TRUE;
|
||||
|
||||
// If it doesnt exist, then its a false.
|
||||
if (! $system->exists)
|
||||
return FALSE;
|
||||
|
||||
// @todo Permit ZC, RC, NC, HUB user
|
||||
|
||||
return $system->users->contains($user) && $system->akas->count();
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user