forked from ProcessMaker/processmaker
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathUserPolicy.php
More file actions
67 lines (60 loc) · 1.57 KB
/
UserPolicy.php
File metadata and controls
67 lines (60 loc) · 1.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<?php
namespace ProcessMaker\Policies;
use ProcessMaker\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class UserPolicy
{
use HandlesAuthorization;
/**
* Run before all methods to determine if the
* user is an admin and can do everything.
*
* @param \ProcessMaker\Models\User $user
* @return mixed
*/
public function before(User $user)
{
if ($user->is_administrator) {
return true;
}
}
/**
* Determine whether the user can view the user.
*
* @param \ProcessMaker\Models\User $user
* @param \ProcessMaker\Models\User $targetUser
* @return mixed
*/
public function view(User $user, User $targetUser)
{
if ($targetUser->id == $user->id) {
return true;
}
return $user->hasPermission('view-users');
}
/**
* Determine whether the user can update the user.
*
* @param \ProcessMaker\Models\User $user
* @param \ProcessMaker\Models\User $targetUser
* @return mixed
*/
public function edit(User $user, User $targetUser)
{
if ($targetUser->id == $user->id) {
return true;
}
return $user->hasPermission('edit-users');
}
/**
* Determine whether the user can update the user.
*
* @param \ProcessMaker\Models\User $user
* @param \ProcessMaker\Models\User $targetUser
* @return mixed
*/
public function destroy(User $user, User $targetUser)
{
return $user->can('delete', $targetUser);
}
}