From f42fe979028dc931b87326519e4b9acfbebc2a9a Mon Sep 17 00:00:00 2001
From: Deon George
Date: Thu, 25 Apr 2024 16:08:09 +1000
Subject: [PATCH] Add user policy to manage user security
---
app/Policies/UserPolicy.php | 87 +++++++++++++++++++++++++++++++++++++
1 file changed, 87 insertions(+)
create mode 100644 app/Policies/UserPolicy.php
diff --git a/app/Policies/UserPolicy.php b/app/Policies/UserPolicy.php
new file mode 100644
index 0000000..f466baa
--- /dev/null
+++ b/app/Policies/UserPolicy.php
@@ -0,0 +1,87 @@
+isAdmin();
+ }
+
+ /**
+ * Does this user own the model?
+ *
+ * @param User $user
+ * @param User $model
+ * @return bool
+ */
+ public function ownes(User $user,User $model): bool
+ {
+ return $user->id === $model->id;
+ }
+
+ /**
+ * Determine whether the user can view any models.
+ */
+ public function viewAny(User $user): bool
+ {
+ return FALSE;
+ }
+
+ /**
+ * Determine whether the user can view the model.
+ */
+ public function view(User $user, User $model): bool
+ {
+ return FALSE;
+ }
+
+ /**
+ * Determine whether the user can create models.
+ */
+ public function create(User $user): bool
+ {
+ return FALSE;
+ }
+
+ /**
+ * Determine whether the user can update the model, or if the user is an admin, and thus they can update all users.
+ */
+ public function update(User $user, User $model): bool
+ {
+ return $user->isAdmin() || ($model->id === $user->id);
+ }
+
+ /**
+ * Determine whether the user can delete the model.
+ */
+ public function delete(User $user, User $model): bool
+ {
+ return FALSE;
+ }
+
+ /**
+ * Determine whether the user can restore the model.
+ */
+ public function restore(User $user, User $model): bool
+ {
+ return FALSE;
+ }
+
+ /**
+ * Determine whether the user can permanently delete the model.
+ */
+ public function forceDelete(User $user, User $model): bool
+ {
+ return FALSE;
+ }
+}
\ No newline at end of file
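Review bot: `update()` lets any non-admin pass when `$model->id === $user->id`, and the policy only decides whether the action runs, not which attributes it may change; if the handler behind it accepts privilege fields (an admin flag or role), self-update would become self-promotion, so that handler, which is outside this patch, should restrict the writable fields for non-admins. I would state this in the docblock, e.g. `Authorises the action only; the caller must limit which attributes a non-admin may change on their own record.` The ownership test is also written twice: `update()` could reuse the helper with `return $user->isAdmin() || $this->ownes($user,$model);`, and `ownes` is presumably a misspelling of `owns` that is cheapest to correct before callers reference the ability by name. The start of the file, including the method that ends in `->isAdmin();`, is missing from this page and is not covered here.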