Change ScopeServiceUserAuthorised to ScopeAccountUserAuthorised. Scope payments to AccountUserAuthorised, and added PaymentPolicy
@@ -274,7 +274,7 @@ class ServiceController extends Controller
|
||||
public function domain_list(): View
|
||||
{
|
||||
$o = Service\Domain::ServiceActive()
|
||||
->serviceUserAuthorised(Auth::user())
|
||||
->AccountUserAuthorised('services')
|
||||
->select('service_domain.*')
|
||||
->join('services',['services.id'=>'service_domain.service_id'])
|
||||
->with(['service.account','registrar'])
|
||||
@@ -287,7 +287,7 @@ class ServiceController extends Controller
|
||||
public function email_list(): View
|
||||
{
|
||||
$o = Service\Email::ServiceActive()
|
||||
->serviceUserAuthorised(Auth::user())
|
||||
->AccountUserAuthorised('services')
|
||||
->select('service_email.*')
|
||||
->join('services',['services.id'=>'service_email.service_id'])
|
||||
->with(['service.account','service.product.type.supplied.supplier_detail.supplier','tld'])
|
||||
@@ -313,7 +313,7 @@ class ServiceController extends Controller
|
||||
public function hosting_list(): View
|
||||
{
|
||||
$o = Service\Host::ServiceActive()
|
||||
->serviceUserAuthorised(Auth::user())
|
||||
->AccountUserAuthorised('services')
|
||||
->select('service_host.*')
|
||||
->join('services',['services.id'=>'service_host.service_id'])
|
||||
->with(['service.account','service.product.type.supplied.supplier_detail.supplier','tld'])
|
||||
|
@@ -15,7 +15,9 @@ class ServiceChangeRequest extends FormRequest
|
||||
*/
|
||||
public function authorize()
|
||||
{
|
||||
return $this->route('o')->serviceUserAuthorised(Auth::user());
|
||||
return $this
|
||||
->route('o')
|
||||
->AccountUserAuthorised();
|
||||
}
|
||||
|
||||
/**
|
||||
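Review bot: The new `authorize()` body returns the result of calling the `AccountUserAuthorised` query scope on the route model, and the trait added in this commit shows that scope returning the query builder, not a boolean. Assuming `route('o')` resolves to a model using that trait, the request's authorisation check receives an object that is always truthy and the query is never run, so the check would pass for any caller who reaches it (the replaced line had the same shape). Compare the bound record's account directly, in the style of `PaymentPolicy::view`: `return Auth::user()->accounts_all->pluck('id')->contains($this->route('o')->account_id);`. The rest of the class is outside the hunk.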
|
@@ -7,7 +7,7 @@ use Illuminate\Support\Facades\DB;
|
||||
use Leenooks\Traits\ScopeActive;
|
||||
|
||||
use App\Interfaces\IDs;
|
||||
use App\Traits\{ProviderRef,PushNew,SiteID};
|
||||
use App\Traits\{ProviderRef,PushNew,ScopeAccountUserAuthorised,SiteID};
|
||||
|
||||
/**
|
||||
* Class Payment
|
||||
@@ -24,7 +24,7 @@ use App\Traits\{ProviderRef,PushNew,SiteID};
|
||||
*/
|
||||
class Payment extends Model implements IDs
|
||||
{
|
||||
use PushNew,ScopeActive,ProviderRef,SiteID;
|
||||
use ProviderRef,PushNew,ScopeActive,ScopeAccountUserAuthorised,SiteID;
|
||||
|
||||
protected $casts = [
|
||||
'paid_at'=>'datetime:Y-m-d',
|
||||
|
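--- a/app/Models/Policies/PaymentPolicy.php
+++ b/app/Models/Policies/PaymentPolicy.php
@@ -0,0 +1,83 @@
+<?php
+
+namespace App\Models\Policies;
+
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+use App\Models\{Payment,User};
+
+class PaymentPolicy
+{
+use HandlesAuthorization;
+
+/**
+* Determine whether the user can view the payment.
+*
+* @param User $uo
+* @param Payment $o
+* @return bool
+*/
+public function view(User $uo,Payment $o): bool
+{
+return $uo->accounts_all->pluck('id')->contains($o->account_id) || $uo->isWholesaler();
+}
+
+/**
+* Determine whether the user can create services.
+*
+* @param User $uo
+* @return bool
+*/
+public function create(User $uo): bool
+{
+return $uo->isWholesaler();
+}
+
+/**
+* Determine whether the user can update the service.
+*
+* @param User $uo
+* @param Payment $o
+* @return bool
+*/
+public function update(User $uo,Payment $o): bool
+{
+return $uo->isWholesaler();
+}
+
+/**
+* Determine whether the user can delete the service.
+*
+* @param User $uo
+* @param Payment $o
+* @return bool
+*/
+public function delete(User $uo,Payment $o): bool
+{
+return $uo->isWholesaler();
+}
+
+/**
+* Determine whether the user can restore the service.
+*
+* @param User $uo
+* @param Payment $o
+* @return bool
+*/
+public function restore(User $uo,Payment $o): bool
+{
+return $uo->isWholesaler();
+}
+
+/**
+* Determine whether the user can permanently delete the service.
+*
+* @param User $uo
+* @param Payment $o
+* @return bool
+*/
+public function forceDelete(User $uo,Payment $o): bool
+{
+return $uo->isWholesaler();
+}
+}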
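Review bot: Five of the six docblocks in this new policy describe services ("can create services", "can update the service", and so on) although every method authorises a `Payment`; in an access-control class the comment is what an auditor reads first, so it should name the right resource. Reword them, e.g. `Determine whether the user can create payments.` and `Determine whether the user can update the payment.`. The docblock on `view()` should also state that it is the only ability granted through account membership (`accounts_all`), while every other ability requires `isWholesaler()`.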
|
@@ -16,7 +16,7 @@ use Leenooks\Casts\LeenooksCarbon;
|
||||
|
||||
use App\Models\Product\Type;
|
||||
use App\Interfaces\IDs;
|
||||
use App\Traits\{ScopeServiceActive,ScopeServiceUserAuthorised};
|
||||
use App\Traits\{ScopeAccountUserAuthorised,ScopeServiceActive};
|
||||
|
||||
/**
|
||||
* Class Service
|
||||
@@ -52,7 +52,7 @@ use App\Traits\{ScopeServiceActive,ScopeServiceUserAuthorised};
|
||||
*/
|
||||
class Service extends Model implements IDs
|
||||
{
|
||||
use HasFactory,ScopeServiceActive,ScopeServiceUserAuthorised;
|
||||
use HasFactory,ScopeAccountUserAuthorised,ScopeServiceActive;
|
||||
|
||||
protected $casts = [
|
||||
'order_info' => AsCollection::class,
|
||||
@@ -280,7 +280,7 @@ class Service extends Model implements IDs
|
||||
{
|
||||
return (new self)
|
||||
->ServiceActive()
|
||||
->ServiceUserAuthorised($uo)
|
||||
->AccountUserAuthorised(NULL,$uo)
|
||||
->where('order_status','!=','ACTIVE')
|
||||
->with(['account','product'])
|
||||
->get();
|
||||
|
@@ -9,11 +9,11 @@ use Leenooks\Carbon as LeenooksCarbon;
|
||||
use App\Interfaces\ServiceItem;
|
||||
use App\Models\{Account,Service};
|
||||
use App\Models\Supplier\Type as SupplierType;
|
||||
use App\Traits\{ScopeServiceActive,ScopeServiceUserAuthorised};
|
||||
use App\Traits\{ScopeAccountUserAuthorised,ScopeServiceActive};
|
||||
|
||||
abstract class Type extends Model implements ServiceItem
|
||||
{
|
||||
use ScopeServiceActive,ScopeServiceUserAuthorised;
|
||||
use ScopeAccountUserAuthorised,ScopeServiceActive;
|
||||
|
||||
protected $casts = [
|
||||
'connect_at' => 'datetime:Y-m-d',
|
||||
|
@@ -3,6 +3,7 @@
|
||||
namespace App\Providers;
|
||||
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Illuminate\Support\Facades\Route;
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
use Intuit\Traits\IntuitSocialite;
|
||||
|
||||
@@ -31,5 +32,8 @@ class AppServiceProvider extends ServiceProvider
|
||||
});
|
||||
|
||||
$this->bootIntuitSocialite();
|
||||
|
||||
Route::model('co',\App\Models\Checkout::class);
|
||||
Route::model('po',\App\Models\Payment::class);
|
||||
}
|
||||
}
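Review bot: `Route::model('po',\App\Models\Payment::class)` resolves a payment by its key alone, so the binding itself does not limit which account's payment is loaded. The `PaymentPolicy` added in this commit only takes effect where a route or controller invokes it, and no such call is visible in this change. Confirm that every route taking `{po}` carries `->middleware('can:view,po')` or that its controller calls `$this->authorize('view',$po)`, and record that above the binding, e.g. `// Binding is unscoped: access to {po} is enforced by PaymentPolicy`. The enclosing method begins outside the hunk.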
|
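--- a/app/Traits/ScopeAccountUserAuthorised.php
+++ b/app/Traits/ScopeAccountUserAuthorised.php
@@ -0,0 +1,29 @@
+<?php
+
+/**
+* Add a ScopeAuthorised to an Eloquent Model
+* This will help limit the scope of accounts that a user can see.
+*/
+namespace App\Traits;
+
+use Illuminate\Support\Facades\Auth;
+
+use App\Models\User;
+
+trait ScopeAccountUserAuthorised
+{
+/**
+* Only query records that the user is authorised to see
+*/
+public function scopeAccountUserAuthorised($query,string $table=NULL,User $uo=NULL)
+{
+if (! $uo)
+$uo = Auth::user();
+
+if (! $table)
+$table = $this->getTable();
+
+return $query
+->whereIN($table.'.account_id',$uo->accounts_all->pluck('id'));
+}
+}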
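Review bot: `scopeAccountUserAuthorised()` falls back to `Auth::user()` and then dereferences `$uo->accounts_all` without checking that a user was found, so a call with no authenticated user (console command, queued job, guest route) ends in an error instead of an explicit empty result. Fail closed right after the fallback: `if (! $uo) return $query->whereRaw('1 = 0');`. `$table` is concatenated into the column name, so the docblock should say it must be a hard-coded table name and never request input; the callers in this commit pass `'services'` or nothing. The defaults `string $table=NULL` and `User $uo=NULL` rely on implicit nullability, which `?string $table=NULL,?User $uo=NULL` states outright.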
|
@@ -1,21 +0,0 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Add a ScopeAuthorised to an Eloquent Model
|
||||
* This will help limit the scope of accounts that a user can see.
|
||||
*/
|
||||
namespace App\Traits;
|
||||
|
||||
use App\Models\User;
|
||||
|
||||
trait ScopeServiceUserAuthorised
|
||||
{
|
||||
/**
|
||||
* Only query records that the user is authorised to see
|
||||
*/
|
||||
public function scopeServiceUserAuthorised($query,User $uo)
|
||||
{
|
||||
return $query
|
||||
->whereIN('services.account_id',$uo->accounts_all->pluck('id'));
|
||||
}
|
||||
}
|