osb/app/Models/Policies/UserPolicy.php

49 lines
936 B
PHP

<?php
namespace App\Models\Policies;
use Illuminate\Auth\Access\HandlesAuthorization;
use App\Models\User;
class UserPolicy
{
use HandlesAuthorization;
/**
* Wholesalers can do anything.
*
* @param User $uo
* @param string $ability
* @return null|bool
*/
public function before(User $uo,string $ability): bool|NULL
{
return $uo->isWholesaler() ?: NULL;
}
/**
* Can this user assume the role of the other user
*
* @param User $uo
* @param User $o
* @return bool
*/
public function assume(User $uo, User $o): bool
{
return $uo->isAdmin($o);
}
/**
* Determine whether the user can view the user details.
*
* @param User $uo
* @param User $o
* @return bool
*/
public function view(User $uo,User $o): bool
{
// If this is a service for an account managed by a user.
return ($uo->id == $o->id) || $uo->accounts_all->pluck('user_id')->contains($o->id) || $uo->isWholesaler();
}
}