2020-02-07 07:11:02 +09:00
|
|
|
<?php
|
|
|
|
|
2021-09-29 16:20:22 +10:00
|
|
|
namespace App\Models\Policies;
|
2020-02-07 07:11:02 +09:00
|
|
|
|
|
|
|
use Illuminate\Auth\Access\HandlesAuthorization;
|
|
|
|
|
2021-06-29 13:18:52 +10:00
|
|
|
use App\Models\User;
|
2020-02-07 07:11:02 +09:00
|
|
|
|
|
|
|
class UserPolicy
|
|
|
|
{
|
|
|
|
use HandlesAuthorization;
|
|
|
|
|
|
|
|
/**
|
2022-06-28 21:57:55 +10:00
|
|
|
* Wholesalers can do anything.
|
2020-02-07 07:11:02 +09:00
|
|
|
*
|
2021-09-29 16:20:22 +10:00
|
|
|
* @param User $uo
|
2022-06-28 21:57:55 +10:00
|
|
|
* @param string $ability
|
|
|
|
* @return bool|null
|
2020-02-07 07:11:02 +09:00
|
|
|
*/
|
2024-07-04 15:03:11 +10:00
|
|
|
public function before(User $uo,string $ability): bool
|
2020-02-07 07:11:02 +09:00
|
|
|
{
|
2024-07-04 15:03:11 +10:00
|
|
|
return $uo->isWholesaler() ?: FALSE;
|
2020-02-07 07:11:02 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2022-06-28 21:57:55 +10:00
|
|
|
* Can this user assume the role of the other user
|
2020-02-07 07:11:02 +09:00
|
|
|
*
|
2021-09-29 16:20:22 +10:00
|
|
|
* @param User $uo
|
2020-02-07 07:11:02 +09:00
|
|
|
* @param User $o
|
2021-09-29 16:20:22 +10:00
|
|
|
* @return bool
|
2020-02-07 07:11:02 +09:00
|
|
|
*/
|
2022-06-28 21:57:55 +10:00
|
|
|
public function assume(User $uo, User $o): bool
|
2020-02-07 07:11:02 +09:00
|
|
|
{
|
2022-06-28 21:57:55 +10:00
|
|
|
return $uo->isAdmin($o);
|
2020-02-07 07:11:02 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2022-06-28 21:57:55 +10:00
|
|
|
* Determine whether the user can view the user details.
|
2020-02-07 07:11:02 +09:00
|
|
|
*
|
2021-09-29 16:20:22 +10:00
|
|
|
* @param User $uo
|
2020-02-07 07:11:02 +09:00
|
|
|
* @param User $o
|
2021-09-29 16:20:22 +10:00
|
|
|
* @return bool
|
2020-02-07 07:11:02 +09:00
|
|
|
*/
|
2022-06-28 21:57:55 +10:00
|
|
|
public function view(User $uo,User $o): bool
|
2020-02-07 07:11:02 +09:00
|
|
|
{
|
2022-06-28 21:57:55 +10:00
|
|
|
// If this is a service for an account managed by a user.
|
|
|
|
return ($uo->id == $o->id)
|
2020-02-07 07:11:02 +09:00
|
|
|
|
2022-06-28 21:57:55 +10:00
|
|
|
// The user has this as one of their accounts
|
|
|
|
OR $uo->accounts->pluck('user')->pluck('id')->unique()->contains($o->id);
|
2020-02-07 07:11:02 +09:00
|
|
|
}
|
|
|
|
}
|