maher/mtdb_movie
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
703f50a09d8d5b16dd31f669929c7e99b5fa4c11
mtdb_movie/common/Core/Policies/UserPolicy.php
maher 703f50a09d
Some checks failed
Build / run (push) Has been cancelled
Details
first commit
2025-10-29 11:42:25 +01:00

57 lines
1.4 KiB
PHP
Executable File
Raw Blame History

<?php namespace Common\Core\Policies;
use App\Models\User;
class UserPolicy extends BasePolicy
{
public function index(?User $user)
{
return $this->hasPermission($user, 'users.view');
}
public function show(?User $current, User $requested)
{
return $this->hasPermission($current, 'users.view') ||
$current->id === $requested->id;
}
public function store(User $user)
{
return $this->hasPermission($user, 'users.create');
}
public function update(User $current, User $toUpdate = null)
{
// user has proper permissions
if ($this->hasPermission($current, 'users.update')) {
return true;
}
// no permissions and not trying to update his own model
if (!$toUpdate || $current->id !== $toUpdate->id) {
return false;
}
// user should not be able to change his own permissions or roles
if (
$this->request->get('permissions') ||
$this->request->get('roles')
) {
return false;
}
return true;
}
public function destroy(User $user, array $userIds)
{
$deletingOwnAccount = collect($userIds)->every(function (
int $userId
) use ($user) {
return $userId === $user->id;
});
return $deletingOwnAccount || $this->hasPermission($user, 'users.delete');
}
}
Reference in New Issue View Git Blame Copy Permalink