osb/app/Models/Policies/UserPolicy.php

49 lines
936 B
PHP
Raw Normal View History

<?php
namespace App\Models\Policies;
use Illuminate\Auth\Access\HandlesAuthorization;
2021-06-29 03:18:52 +00:00
use App\Models\User;
class UserPolicy
{
use HandlesAuthorization;
/**
* Wholesalers can do anything.
*
* @param User $uo
* @param string $ability
2024-07-05 12:56:02 +00:00
* @return null|bool
*/
2024-07-05 12:56:02 +00:00
public function before(User $uo,string $ability): bool|NULL
{
2024-07-05 12:56:02 +00:00
return $uo->isWholesaler() ?: NULL;
}
/**
* Can this user assume the role of the other user
*
* @param User $uo
* @param User $o
* @return bool
*/
public function assume(User $uo, User $o): bool
{
return $uo->isAdmin($o);
}
/**
* Determine whether the user can view the user details.
*
* @param User $uo
* @param User $o
* @return bool
*/
public function view(User $uo,User $o): bool
{
// If this is a service for an account managed by a user.
2024-07-05 12:56:02 +00:00
return ($uo->id == $o->id) || $uo->accounts_all->pluck('user_id')->contains($o->id) || $uo->isWholesaler();
}
}