90 lines
1.7 KiB
PHP
90 lines
1.7 KiB
PHP
<?php
|
|
|
|
namespace App\Models\Policies;
|
|
|
|
use Illuminate\Auth\Access\HandlesAuthorization;
|
|
|
|
use App\Models\{Invoice,User};
|
|
|
|
class InvoicePolicy
|
|
{
|
|
use HandlesAuthorization;
|
|
|
|
/**
|
|
* Determine whether the user can view the invoice.
|
|
*
|
|
* @param User $uo
|
|
* @param Invoice $io
|
|
* @return bool
|
|
*/
|
|
public function view(User $uo,Invoice $io): bool
|
|
{
|
|
// If this is a service for an account managed by a user.
|
|
return ($uo->invoices->pluck('id')->search($io->id) !== FALSE)
|
|
|
|
// The user is the wholesaler
|
|
OR $uo->isWholesaler()
|
|
|
|
// The user has this as one of their accounts
|
|
OR $uo->accounts->pluck('id')->contains($io->account_id);
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can create services.
|
|
*
|
|
* @param User $uo
|
|
* @return bool
|
|
*/
|
|
public function create(User $uo): bool
|
|
{
|
|
return $uo->isWholesaler();
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can update the service.
|
|
*
|
|
* @param User $uo
|
|
* @param Invoice $io
|
|
* @return bool
|
|
*/
|
|
public function update(User $uo,Invoice $io): bool
|
|
{
|
|
return $uo->isWholesaler();
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can delete the service.
|
|
*
|
|
* @param User $uo
|
|
* @param Invoice $io
|
|
* @return bool
|
|
*/
|
|
public function delete(User $uo,Invoice $io): bool
|
|
{
|
|
return $uo->isWholesaler();
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can restore the service.
|
|
*
|
|
* @param User $uo
|
|
* @param Invoice $io
|
|
* @return bool
|
|
*/
|
|
public function restore(User $uo,Invoice $io): bool
|
|
{
|
|
return $uo->isWholesaler();
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can permanently delete the service.
|
|
*
|
|
* @param User $uo
|
|
* @param Invoice $io
|
|
* @return bool
|
|
*/
|
|
public function forceDelete(User $uo,Invoice $io): bool
|
|
{
|
|
return $uo->isWholesaler();
|
|
}
|
|
} |