diff --git a/src/Commands/stubs/policy.stub b/src/Commands/stubs/policy.stub
index aa7caa6c6..820efadda 100644
--- a/src/Commands/stubs/policy.stub
+++ b/src/Commands/stubs/policy.stub
@@ -16,6 +16,17 @@ class DummyClass
 * @param \App\User $user
 * @return mixed
 */
+ public function showEvery(User $user = null)
+ {
+ //
+ }
+
+ /**
+ * Determine whether the user is authorized to access the repository uriKey
+ *
+ * @param \App\User $user
+ * @return mixed
+ */
 public function showAny(User $user = null)
 {
 //
diff --git a/src/Http/Requests/InteractWithRepositories.php b/src/Http/Requests/InteractWithRepositories.php
index 18a4df474..10684ccb1 100644
--- a/src/Http/Requests/InteractWithRepositories.php
+++ b/src/Http/Requests/InteractWithRepositories.php
@@ -44,7 +44,7 @@ public function repository($key = null)
 }
 if (! $repository::authorizedToShowAny($this)) {
- throw new UnauthorizedException(__('Unauthorized to view repository :name.', [
+ throw new UnauthorizedException(__('Unauthorized to view repository :name. See "showAny" policy.', [
 'name' => $repository,
 ]), 403);
 }
diff --git a/src/Repositories/Crudable.php b/src/Repositories/Crudable.php
index 620243ace..c45d79a64 100644
--- a/src/Repositories/Crudable.php
+++ b/src/Repositories/Crudable.php
@@ -47,7 +47,7 @@ public function index(RestifyRequest $request)
 });
 try {
- $this->allowToViewAny($request, $items);
+ $this->allowToShowEvery($request, $items);
 } catch (UnauthorizedException | AuthorizationException $e) {
 return $this->response()->forbidden()->addError($e->getMessage());
 }
@@ -203,9 +203,9 @@ public function allowToShow($request)
 * @param Collection $items
 * @throws \Illuminate\Auth\Access\AuthorizationException
 */
- public function allowToViewAny($request, Collection $items)
+ public function allowToShowEvery($request, Collection $items)
 {
- $this->authorizeToShowAny($request);
+ $this->authorizeToShowEvery($request);
 }
 /**
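Review bot: The generated `showEvery` has an empty body (`//`), so it returns null, and Laravel's gate treats a non-truthy policy result as a denial. Since `authorizeToShowEvery` enforces the ability whenever the method exists, a freshly generated policy would presumably make every index request come back forbidden until the method is filled in. Denying by default is the safe direction, but the stub should say so, e.g. replace `//` with `// Return true to allow listing; an empty body denies access.` The docblock that now sits above `showEvery` begins outside the hunk, so its description should be checked against the new method. `User $user = null` also relies on implicit nullability; `?User $user = null` with `@param \App\User|null $user` states the guest case explicitly.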
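Review bot: The added hint `See "showAny" policy.` becomes part of the 403 exception message, so if this exception is rendered to the client (how it is rendered is outside the hunk) every unauthorized caller learns which policy method guards the repository. That hint is meant for the developer, so keep the client-facing text generic and add the hint only in debug, for example `$hint = config('app.debug') ? ' See "showAny" policy.' : '';`. Changing the literal also changes the `__()` lookup key, so existing translations of `Unauthorized to view repository :name.` will stop matching. The body of `repository()` continues outside the hunk.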
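Review bot: Renaming the public `allowToViewAny` to `allowToShowEvery` (second Crudable hunk) means a repository that overrides `allowToViewAny` to add its own index check will no longer have that override called from `index()` (first hunk), and nothing reports it. Keep a deprecated `allowToViewAny` for a release and document the rename in the upgrade notes, so custom authorization is not dropped silently. `index()` also no longer calls `authorizeToShowAny` at this point and relies on `authorizeToShowEvery`, which allows the request when the policy has no `showEvery`; whether `showAny` is still enforced for this route depends on `repository()` having run first, which these hunks do not show. `$items` is accepted but unused in `allowToShowEvery`, and the docblock should say why it is there. Both function bodies extend beyond the hunks.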
diff --git a/src/Traits/AuthorizableModels.php b/src/Traits/AuthorizableModels.php
index cbc98909f..b72454d0c 100644
--- a/src/Traits/AuthorizableModels.php
+++ b/src/Traits/AuthorizableModels.php
@@ -69,6 +69,41 @@ public static function authorizedToShowAny(Request $request)
 : true;
 }
+ /**
+ * Determine if the resource should be available for the given request (.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @return void
+ * @throws AuthorizationException
+ */
+ public function authorizeToShowEvery(Request $request)
+ {
+ if (! static::authorizable()) {
+ return;
+ }
+
+ if (method_exists(Gate::getPolicyFor(static::newModel()), 'showEvery')) {
+ $this->authorizeTo($request, 'showEvery');
+ }
+ }
+
+ /**
+ * Determine if the resource should be available for the given request.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @return bool
+ */
+ public static function authorizedToShowEvery(Request $request)
+ {
+ if (! static::authorizable()) {
+ return true;
+ }
+
+ return method_exists(Gate::getPolicyFor(static::newModel()), 'showEvery')
+ ? Gate::check('showEvery', get_class(static::newModel()))
+ : true;
+ }
+
 /**
 * Determine if the current user can view the given resource or throw.
 *
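Review bot: Both new methods allow the request when the policy has no `showEvery` method (the fall-through after the `method_exists` check in `authorizeToShowEvery`, and the `: true` branch in `authorizedToShowEvery`), so a misspelled or missing policy method silently leaves the listing open. The docblocks should state that default. For the first one I would write `Authorize listing all resources; throws unless the policy's showEvery allows it. Policies without showEvery are allowed.`, which also removes the stray `(.`. `Gate::getPolicyFor()` can return null when no policy is registered, and `method_exists(null, ...)` throws a TypeError on PHP 8, so this code relies on `static::authorizable()` (outside the hunk) having ruled that case out. `authorizedToShowEvery` also calls `static::newModel()` twice; a local `$model` would avoid building the model twice.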