2016-12-19 11:04:28 -08:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace App\Policies;
|
|
|
|
|
|
|
|
use App\Models\License;
|
|
|
|
use App\Models\User;
|
2017-10-27 18:01:11 -07:00
|
|
|
use App\Policies\CheckoutablePermissionsPolicy;
|
2016-12-19 11:04:28 -08:00
|
|
|
|
2017-10-27 18:01:11 -07:00
|
|
|
class LicensePolicy extends CheckoutablePermissionsPolicy
|
2016-12-19 11:04:28 -08:00
|
|
|
{
|
2017-10-27 18:01:11 -07:00
|
|
|
protected function columnName()
|
2016-12-19 11:04:28 -08:00
|
|
|
{
|
2017-10-27 18:01:11 -07:00
|
|
|
return 'licenses';
|
2016-12-19 11:04:28 -08:00
|
|
|
}
|
|
|
|
|
2019-05-08 05:14:49 -07:00
|
|
|
/**
|
|
|
|
* Determine whether the user can view license keys.
|
|
|
|
* This gets a little tricky, UX/logic-wise. If a user has the ability
|
|
|
|
* to create a license (which requires a product key), shouldn't they
|
|
|
|
* have the ability to see the product key as well?
|
|
|
|
*
|
|
|
|
* Example: I create the license, realize I need to change
|
|
|
|
* something (maybe I got the product key wrong), and now I can never
|
|
|
|
* see/edit that product key.
|
|
|
|
*
|
|
|
|
* @see https://github.com/snipe/snipe-it/issues/6956
|
|
|
|
* @param \App\Models\User $user
|
|
|
|
* @param \App\Models\License $license
|
|
|
|
* @return mixed
|
|
|
|
*/
|
2016-12-19 11:04:28 -08:00
|
|
|
public function viewKeys(User $user, License $license = null)
|
|
|
|
{
|
2019-05-08 05:14:49 -07:00
|
|
|
if ($user->hasAccess('licenses.keys') || $user->hasAccess('licenses.create') || $user->hasAccess('licenses.edit')) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
2016-12-19 11:04:28 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|