osb/app/Models/Policies/UserPolicy.php

52 lines
978 B
PHP
Raw Normal View History

<?php
namespace App\Models\Policies;
use Illuminate\Auth\Access\HandlesAuthorization;
2021-06-29 03:18:52 +00:00
use App\Models\User;
class UserPolicy
{
use HandlesAuthorization;
/**
* Wholesalers can do anything.
*
* @param User $uo
* @param string $ability
* @return bool|null
*/
public function before(User $uo,string $ability): bool
{
return $uo->isWholesaler() ?: FALSE;
}
/**
* Can this user assume the role of the other user
*
* @param User $uo
* @param User $o
* @return bool
*/
public function assume(User $uo, User $o): bool
{
return $uo->isAdmin($o);
}
/**
* Determine whether the user can view the user details.
*
* @param User $uo
* @param User $o
* @return bool
*/
public function view(User $uo,User $o): bool
{
// If this is a service for an account managed by a user.
return ($uo->id == $o->id)
// The user has this as one of their accounts
OR $uo->accounts->pluck('user')->pluck('id')->unique()->contains($o->id);
}
}