Changes to Authorisation for users to edit systems, minor cosmetic fixes and more logging

app/Policies/SystemPolicy.php

@@ -13,12 +13,25 @@ class SystemPolicy
 	/**
 	 * Determine whether the user can update the model.
 	 *
+	 * A user can update a system if they are the user of it and it has no addresses.
+	 * If it has addresses, at least one of the addresses must have been validated.
+	 * (The assumption is, if a system has multiple addresses, they would be valid, or an admin can remove them.)
+	 *
 	 * @param  \App\Models\User  $user
 	 * @param  \App\Models\System  $system
 	 * @return \Illuminate\Auth\Access\Response|bool
 	 */
-	public function update(User $user, System $system)
+	public function update(User $user, System $system): bool
 	{
-		return (! $system->exists) || $system->users->contains($user) || $user->isAdmin();
+		// Site Admins can always edit
+		if ($user->isAdmin())
+			return TRUE;
+
+		// If it doesnt exist, then its a false.
+		if (! $system->exists)
+			return FALSE;
+
+		return $system->users->contains($user)
+			&& (($system->addresses->count() == 0) || ($system->addresses->where('validated',TRUE)->count()));
 	}
 }