snipe-it/app/Policies/ComponentPolicy.php
Daniel Meltzer cd8c585377 Discussion: Moving to policies for controller based authorization (#3080)
* Make delete routes work.  We put a little form in the modal that spoofs the delete field.

* Fix route on creating a user.

* Fix redundant id parameter.

* Port acceptance tests to new urls.

* Initial work on migrating to model based policies instead of global gates.  Will allow for much more detailed permissions bits in the future.

* This needs to stay for the dashboard checks.

* Add user states for permissions to build tests.

* Build up unit tests for gates/permissions.  Move accessories/consumables/assets to policies instead of in authserviceprovider

* Migrate various locations to new syntax.  Update test to be more specific

* Fix functional tests.

Add an artisan command for installing a settings setup on travis-ci

* Try a different id... Need to come up with a better way of passing the id for tests that need an existing one.

* Try to fix travis

* Update urls to use routes and not hardcode old paths.  Also fix some migration errors found along the way.:

* Add a environment for travis functional tests.

* Adjust config file to make travis use it.

* Use redirect()->route instead of redirect()-to

* Dump all failures in the output directory if travis fails.

* Cleanups and minor fixes.

* Adjust the supplier modelfactory to comply with new validation restrictions.

* Some test fixes.

* Locales can be longer than 5 characters according to faker... fex gez_ET.  Increase lenght in mysql and add a validation

* Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00

115 lines
2.8 KiB
PHP

<?php
namespace App\Policies;
use App\Models\Company;
use App\Models\Component;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class ComponentPolicy
{
use HandlesAuthorization;
public function before(User $user, $ability, $component)
{
// Lets move all company related checks here.
if ($component instanceof \App\Models\Component && !Company::isCurrentUserHasAccess($component)) {
return false;
}
// If an admin, they can do all asset related tasks.
if ($user->hasAccess('admin')) {
return true;
}
}
/**
* Determine whether the user can view the component.
*
* @param \App\User $user
* @param \App\Component $component
* @return mixed
*/
public function view(User $user, Component $component = null)
{
//
return $user->hasAccess('components.view');
}
/**
* Determine whether the user can create components.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
//
return $user->hasAccess('components.create');
}
/**
* Determine whether the user can update the component.
*
* @param \App\User $user
* @param \App\Component $component
* @return mixed
*/
public function update(User $user, Component $component = null)
{
//
return $user->hasAccess('components.edit');
}
/**
* Determine whether the user can delete the component.
*
* @param \App\User $user
* @param \App\Component $component
* @return mixed
*/
public function delete(User $user, Component $component = null)
{
//
return $user->hasAccess('components.delete');
}
/**
* Determine whether the user can checkout the component.
*
* @param \App\User $user
* @param \App\Accessory $component
* @return mixed
*/
public function checkout(User $user, Component $component = null)
{
return $user->hasAccess('components.checkout');
}
/**
* Determine whether the user can checkin the component.
*
* @param \App\User $user
* @param \App\Component $component
* @return mixed
*/
public function checkin(User $user, Component $component = null)
{
return $user->hasAccess('components.checkin');
}
/**
* Determine whether the user can manage the component.
*
* @param \App\User $user
* @param \App\Component $component
* @return mixed
*/
public function manage(User $user, Component $component = null)
{
return $user->hasAccess('components.checkin')
|| $user->hasAccess('components.edit')
|| $user->hasAccess('components.checkout');
}
}