-
Notifications
You must be signed in to change notification settings - Fork 554
/
AuthServiceProvider.php
69 lines (53 loc) · 2.23 KB
/
AuthServiceProvider.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
<?php
namespace A17\Twill;
use A17\Twill\Models\Enums\UserRole;
use A17\Twill\Models\User;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
class AuthServiceProvider extends ServiceProvider
{
const SUPERADMIN = 'SUPERADMIN';
public function boot()
{
Gate::before(function ($user, $ability) {
if ($user->role === self::SUPERADMIN) {
return true;
}
if (!$user->published) {
return false;
}
});
Gate::define('list', function ($user) {
return in_array($user->role_value, [UserRole::VIEWONLY, UserRole::PUBLISHER, UserRole::ADMIN]);
});
Gate::define('edit', function ($user) {
return in_array($user->role_value, [UserRole::PUBLISHER, UserRole::ADMIN]);
});
Gate::define('reorder', function ($user) {
return in_array($user->role_value, [UserRole::PUBLISHER, UserRole::ADMIN]);
});
Gate::define('publish', function ($user) {
return in_array($user->role_value, [UserRole::PUBLISHER, UserRole::ADMIN]);
});
Gate::define('feature', function ($user) {
return in_array($user->role_value, [UserRole::PUBLISHER, UserRole::ADMIN]);
});
Gate::define('delete', function ($user) {
return in_array($user->role_value, [UserRole::PUBLISHER, UserRole::ADMIN]);
});
Gate::define('edit-user', function ($user, $editedUser) {
$editedUserObject = User::find($editedUser);
return ($user->can('edit') || $user->id == $editedUser) && $editedUserObject->role !== self::SUPERADMIN;
});
Gate::define('edit-user-role', function ($user) {
return in_array($user->role_value, [UserRole::ADMIN]);
});
Gate::define('publish-user', function ($user) {
$editedUserObject = User::find(request('id'));
return $user->can('publish') && $user->id !== $editedUserObject->id && $editedUserObject->role !== self::SUPERADMIN;
});
Gate::define('impersonate', function ($user) {
return $user->role === self::SUPERADMIN;
});
}
}