deon/osb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix Model Policies from matching user_id's and account_id's, and other minor cosmetic fixes

Browse Source
This commit is contained in:
Deon George
2021-09-29 16:20:22 +10:00
parent f7439172b6
commit 4243da9c32
14 changed files with 173 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/Models/AccountOauth.php
View File

@@ -39,7 +39,7 @@ class AccountOauth extends Model
/**
* Get a link token to use when validating account.
*/
public function getLinkTokenAttribute()
public function getLinkTokenAttribute(): string
{
return strtoupper(substr(md5($this->id.$this->date_last),0,8));
}

64
app/Models/Policies/AccountPolicy.php
View File

@@ -13,29 +13,29 @@ class AccountPolicy
/**
* Determine whether the user can view the service.
*
* @param User $user
* @param Account $o
* @return mixed
* @param User $uo
* @param Account $ao
* @return bool
*/
public function view(User $user, Account $o)
public function view(User $uo,Account $ao): bool
{
// If this is a service for an account managed by a user.
return ($user->accounts->pluck('id')->search($o->id) !== FALSE)
return ($uo->accounts->pluck('id')->search($ao->id) !== FALSE)
// The user is the wholesaler
OR $user->isWholesaler()
// The user is the wholesaler
OR $uo->isWholesaler()
// The user is the reseller
OR $user->all_accounts()->pluck('id')->search($o->id);
// The user is the reseller
OR ($uo->all_accounts()->pluck('id')->search($ao->id) !== FALSE);
}
/**
* Determine whether the user can create services.
*
* @param User $user
* @return mixed
* @param User $uo
* @return bool
*/
public function create(User $user)
public function create(User $uo): bool
{
return TRUE;
}
@@ -43,48 +43,48 @@ class AccountPolicy
/**
* Determine whether the user can update the service.
*
* @param User $user
* @param Account $o
* @return mixed
* @param User $uo
* @param Account $ao
* @return bool
*/
public function update(User $user, Account $o)
public function update(User $uo,Account $ao): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
/**
* Determine whether the user can delete the service.
*
* @param User $user
* @param Account $o
* @return mixed
* @param User $uo
* @param Account $ao
* @return bool
*/
public function delete(User $user, Account $o)
public function delete(User $uo,Account $ao): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
/**
* Determine whether the user can restore the service.
*
* @param User $user
* @param Account $o
* @return mixed
* @param User $uo
* @param Account $ao
* @return bool
*/
public function restore(User $user, Account $o)
public function restore(User $uo,Account $ao): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
/**
* Determine whether the user can permanently delete the service.
*
* @param User $user
* @param Account $o
* @return mixed
* @param User $uo
* @param Account $ao
* @return bool
*/
public function forceDelete(User $user, Account $o)
public function forceDelete(User $uo,Account $ao): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
}

66
app/Models/Policies/InvoicePolicy.php
View File

@@ -13,78 +13,78 @@ class InvoicePolicy
/**
* Determine whether the user can view the service.
*
* @param User $user
* @param Invoice $o
* @return mixed
* @param User $uo
* @param Invoice $io
* @return bool
*/
public function view(User $user, Invoice $o)
public function view(User $uo,Invoice $io): bool
{
// If this is a service for an account managed by a user.
return ($user->invoices->pluck('id')->search($o->id) !== FALSE)
return ($uo->invoices->pluck('id')->search($io->id) !== FALSE)
// The user is the wholesaler
OR $user->isWholesaler()
// The user is the wholesaler
OR $uo->isWholesaler()
// The user is the reseller
OR $user->all_accounts()->pluck('id')->search($o->account_id);
// The user is the reseller
OR ($uo->all_accounts()->pluck('id')->search($io->account_id) !== FALSE);
}
/**
* Determine whether the user can create services.
*
* @param User $user
* @return mixed
* @param User $uo
* @return bool
*/
public function create(User $user)
public function create(User $uo): bool
{
return TRUE;
return $uo->isWholesaler();
}
/**
* Determine whether the user can update the service.
*
* @param User $user
* @param Invoice $o
* @return mixed
* @param User $uo
* @param Invoice $io
* @return bool
*/
public function update(User $user, Invoice $o)
public function update(User $uo,Invoice $io): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
/**
* Determine whether the user can delete the service.
*
* @param User $user
* @param Invoice $o
* @return mixed
* @param User $uo
* @param Invoice $io
* @return bool
*/
public function delete(User $user, Invoice $o)
public function delete(User $uo,Invoice $io): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
/**
* Determine whether the user can restore the service.
*
* @param User $user
* @param Invoice $o
* @return mixed
* @param User $uo
* @param Invoice $io
* @return bool
*/
public function restore(User $user, Invoice $o)
public function restore(User $uo,Invoice $io): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
/**
* Determine whether the user can permanently delete the service.
*
* @param User $user
* @param Invoice $o
* @return mixed
* @param User $uo
* @param Invoice $io
* @return bool
*/
public function forceDelete(User $user, Invoice $o)
public function forceDelete(User $uo,Invoice $io): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
}

70
app/Models/Policies/ServicePolicy.php
View File

@@ -13,29 +13,29 @@ class ServicePolicy
/**
* Determine whether the user can view the service.
*
* @param User $user
* @param Service $o
* @return mixed
* @param User $uo
* @param Service $so
* @return bool
*/
public function view(User $user, Service $o)
public function view(User $uo, Service $so): bool
{
// If this is a service for an account managed by a user.
return ($user->services->pluck('id')->search($o->id) !== FALSE)
return ($uo->services->pluck('id')->search($so->id) !== FALSE)
// The user is the wholesaler
OR $user->isWholesaler()
OR $uo->isWholesaler()
// The user is the reseller
OR $user->all_accounts()->pluck('id')->search($o->account_id);
OR ($uo->all_accounts()->pluck('id')->search($so->account_id) !== FALSE);
}
/**
* Determine whether the user can create services.
*
* @param User $user
* @return mixed
* @param User $uo
* @return bool
*/
public function create(User $user)
public function create(User $uo): bool
{
return TRUE;
}
@@ -43,61 +43,61 @@ class ServicePolicy
/**
* Can the user progress an order status
*
* @param User $user
* @param Service $o
* @param string $next
* @param User $uo
* @param Service $so
* @param string $stage
* @return bool
*/
public function progress(User $user, Service $o,string $next)
public function progress(User $uo,Service $so,string $stage): bool
{
return $o->actions()->has($next);
return $so->actions()->has($stage);
}
/**
* Determine whether the user can update the service.
*
* @param User $user
* @param Service $o
* @return mixed
* @param User $uo
* @param Service $so
* @return bool
*/
public function update(User $user, Service $o)
public function update(User $uo, Service $so): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
/**
* Determine whether the user can delete the service.
*
* @param User $user
* @param Service $o
* @return mixed
* @param User $uo
* @param Service $so
* @return bool
*/
public function delete(User $user, Service $o)
public function delete(User $uo, Service $so): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
/**
* Determine whether the user can restore the service.
*
* @param User $user
* @param Service $o
* @return mixed
* @param User $uo
* @param Service $so
* @return bool
*/
public function restore(User $user, Service $o)
public function restore(User $uo, Service $so): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
/**
* Determine whether the user can permanently delete the service.
*
* @param User $user
* @param Service $o
* @return mixed
* @param User $uo
* @param Service $so
* @return bool
*/
public function forceDelete(User $user, Service $o)
public function forceDelete(User $uo, Service $so): bool
{
return $user->isWholesaler();
return $uo->isWholesaler();
}
}

54
app/Models/Policies/UserPolicy.php
View File

@@ -1,6 +1,6 @@
<?php
namespace App\Policies;
namespace App\Models\Policies;
use Illuminate\Auth\Access\HandlesAuthorization;
@@ -13,78 +13,78 @@ class UserPolicy
/**
* Determine whether the user can view the service.
*
* @param User $user
* @param User $uo
* @param User $o
* @return mixed
* @return bool
*/
public function view(User $user, User $o)
public function view(User $uo,User $o): bool
{
// If this is a service for an account managed by a user.
return ($user->id == $o->id)
return ($uo->id == $o->id)
// The user is the wholesaler
OR $user->isWholesaler()
OR $uo->isWholesaler()
// The user is the reseller
OR $user->all_clients()->pluck('id')->search($o->id);
OR ($uo->all_clients()->pluck('id')->search($o->id) !== FALSE);
}
/**
* Determine whether the user can create services.
*
* @param User $user
* @return mixed
* @param User $uo
* @return bool
*/
public function create(User $user)
public function create(User $uo): bool
{
//
return $uo->isWholesaler();
}
/**
* Determine whether the user can update the service.
*
* @param User $user
* @param User $uo
* @param User $o
* @return mixed
* @return bool
*/
public function update(User $user, User $o)
public function update(User $uo, User $o): bool
{
//
return $uo->isWholesaler();
}
/**
* Determine whether the user can delete the service.
*
* @param User $user
* @param User $uo
* @param User $o
* @return mixed
* @return bool
*/
public function delete(User $user, User $o)
public function delete(User $uo, User $o): bool
{
//
return $uo->isWholesaler();
}
/**
* Determine whether the user can restore the service.
*
* @param User $user
* @param User $uo
* @param User $o
* @return mixed
* @return bool
*/
public function restore(User $user, User $o)
public function restore(User $uo, User $o): bool
{
//
return $uo->isWholesaler();
}
/**
* Determine whether the user can permanently delete the service.
*
* @param User $user
* @param User $uo
* @param User $o
* @return mixed
* @return bool
*/
public function forceDelete(User $user, User $o)
public function forceDelete(User $uo, User $o): bool
{
//
return $uo->isWholesaler();
}
}

4
app/Models/User.php
View File

@@ -330,14 +330,14 @@ class User extends Authenticatable
/* GENERAL METHODS */
/**
* Determine if the user is an admin of the account with $id
* Determine if the user is an admin of the user with $id
*
* @param $id
* @return bool
*/
public function isAdmin($id): bool
{
return $id AND $this->isReseller() AND in_array($id,$this->all_accounts()->pluck('id')->toArray());
return $id AND $this->isReseller() AND in_array($id,$this->all_accounts()->pluck('user_id')->toArray());
}
/**