<?php namespace App\Policies; use Illuminate\Auth\Access\HandlesAuthorization; use App\Models\{System,User}; class SystemPolicy { use HandlesAuthorization; /** * Determine whether the user can create the model. * * A user can create a system if it doesnt exist. * * @param User $user * @param System $system * @return bool */ public function create(User $user, System $system): bool { // Site Admins can always create // If it doesnt exist, then a user can create it. return ($user->isAdmin() || (! $system->exists)); } /** * Determine whether the user can update the model. * * A user can update a system if they are the user of it and it has no addresses. * If it has addresses, at least one of the addresses must have been validated. * (The assumption is, if a system has multiple addresses, they would be valid, or an admin can remove them.) * * @param User $user * @param System $system * @return bool */ public function update(User $user, System $system): bool { // Site Admins can always edit if ($user->isAdmin()) return TRUE; // If it doesnt exist, then its a false. if (! $system->exists) return FALSE; return $system->users->contains($user) && (($system->addresses->count() == 0) || ($system->addresses->where('validated',TRUE)->count())); } }