clrghouz/app/Policies/SystemPolicy.php

53 lines
1.3 KiB
PHP

<?php
namespace App\Policies;
use Illuminate\Auth\Access\HandlesAuthorization;
use App\Models\{System,User};
class SystemPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can create the model.
*
* A user can create a system if it doesnt exist.
*
* @param User $user
* @param System $system
* @return bool
*/
public function create(User $user, System $system): bool
{
// Site Admins can always create
// If it doesnt exist, then a user can create it.
return ($user->isAdmin() || (! $system->exists));
}
/**
* Determine whether the user can update the model.
*
* A user can update a system if they are the user of it and it has no addresses.
* If it has addresses, at least one of the addresses must have been validated.
* (The assumption is, if a system has multiple addresses, they would be valid, or an admin can remove them.)
*
* @param User $user
* @param System $system
* @return bool
*/
public function update(User $user, System $system): bool
{
// Site Admins can always edit
if ($user->isAdmin())
return TRUE;
// If it doesnt exist, then its a false.
if (! $system->exists)
return FALSE;
return $system->users->contains($user)
&& (($system->addresses->count() == 0) || ($system->addresses->where('validated',TRUE)->count()));
}
}