Account next invoice, and authorisations

app/Models/Policies/ServicePolicy.php

@@ -0,0 +1,91 @@
+<?php
+
+namespace App\Models\Policies;
+
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+use App\Models\Service;
+use App\User;
+
+class ServicePolicy
+{
+	use HandlesAuthorization;
+
+	/**
+	 * Determine whether the user can view the service.
+	 *
+	 * @param  \App\User $user
+	 * @param Service	$o
+	 * @return mixed
+	 */
+	public function view(User $user, Service $o)
+	{
+		// If this is a service for an account managed by a user.
+		return ($user->services->pluck('id')->search($o->id))
+
+		// The user is the wholesaler
+			OR $user->isWholesaler()
+
+		// The user is the reseller
+			OR $user->all_accounts()->pluck('id')->search($o->account_id);
+	}
+
+	/**
+	 * Determine whether the user can create services.
+	 *
+	 * @param  \App\User  $user
+	 * @return mixed
+	 */
+	public function create(User $user)
+	{
+		return TRUE;
+	}
+
+	/**
+	 * Determine whether the user can update the service.
+	 *
+	 * @param  \App\User  $user
+	 * @param  Service	$o
+	 * @return mixed
+	 */
+	public function update(User $user, Service $o)
+	{
+		return $user->isWholesaler();
+	}
+
+	/**
+	 * Determine whether the user can delete the service.
+	 *
+	 * @param  \App\User  $user
+	 * @param  Service	$o
+	 * @return mixed
+	 */
+	public function delete(User $user, Service $o)
+	{
+		return $user->isWholesaler();
+	}
+
+	/**
+	 * Determine whether the user can restore the service.
+	 *
+	 * @param  \App\User  $user
+	 * @param  Service	$o
+	 * @return mixed
+	 */
+	public function restore(User $user, Service $o)
+	{
+		return $user->isWholesaler();
+	}
+
+	/**
+	 * Determine whether the user can permanently delete the service.
+	 *
+	 * @param  \App\User  $user
+	 * @param  Service	$o
+	 * @return mixed
+	 */
+	public function forceDelete(User $user, Service $o)
+	{
+		return $user->isWholesaler();
+	}
+}