-
Notifications
You must be signed in to change notification settings - Fork 331
/
Clipboard.php
101 lines (88 loc) · 3.1 KB
/
Clipboard.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
<?php
namespace Silber\Bouncer;
use Illuminate\Database\Eloquent\Model;
use Silber\Bouncer\Database\Queries\Abilities;
class Clipboard extends BaseClipboard
{
/**
* Determine if the given authority has the given ability, and return the ability ID.
*
* @param string $ability
* @param \Illuminate\Database\Eloquent\Model|string|null $model
* @return int|bool|null
*/
public function checkGetId(Model $authority, $ability, $model = null)
{
if ($this->isForbidden($authority, $ability, $model)) {
return false;
}
$ability = $this->getAllowingAbility($authority, $ability, $model);
return $ability ? $ability->getKey() : null;
}
/**
* Determine whether the given ability request is explicitely forbidden.
*
* @param string $ability
* @param \Illuminate\Database\Eloquent\Model|string|null $model
* @return bool
*/
protected function isForbidden(Model $authority, $ability, $model = null)
{
return $this->getHasAbilityQuery(
$authority, $ability, $model, $allowed = false
)->exists();
}
/**
* Get the ability model that allows the given ability request.
*
* Returns null if the ability is not allowed.
*
* @param string $ability
* @param \Illuminate\Database\Eloquent\Model|string|null $model
* @return \Illuminate\Database\Eloquent\Model|null
*/
protected function getAllowingAbility(Model $authority, $ability, $model = null)
{
return $this->getHasAbilityQuery(
$authority, $ability, $model, $allowed = true
)->first();
}
/**
* Get the query for where the given authority has the given ability.
*
* @param \Illuminate\Database\Eloquent\Model $authority
* @param string $ability
* @param \Illuminate\Database\Eloquent\Model|string|null $model
* @param bool $allowed
* @return \Illuminate\Database\Eloquent\Builder
*/
protected function getHasAbilityQuery($authority, $ability, $model, $allowed)
{
$query = Abilities::forAuthority($authority, $allowed);
if (! $this->isOwnedBy($authority, $model)) {
$query->where('only_owned', false);
}
if (is_null($model)) {
return $this->constrainToSimpleAbility($query, $ability);
}
return $query->byName($ability)->forModel($model);
}
/**
* Constrain the query to the given non-model ability.
*
* @param \Illuminate\Database\Eloquent\Builder $query
* @param string $ability
* @return \Illuminate\Database\Eloquent\Builder
*/
protected function constrainToSimpleAbility($query, $ability)
{
return $query->where(function ($query) use ($ability) {
$query->where('name', $ability)->whereNull('entity_type');
$query->orWhere(function ($query) {
$query->where('name', '*')->where(function ($query) {
$query->whereNull('entity_type')->orWhere('entity_type', '*');
});
});
});
}
}