Add trash to Twill users and fix permissions

Publisher can only edit themselves now
Admin can now create users again

src/AuthServiceProvider.php

@@ -49,7 +49,8 @@ public function boot()
 
         Gate::define('edit-user', function ($user, $editedUser) {
             $editedUserObject = User::find($editedUser);
-            return ($user->can('edit') || $user->id == $editedUser) && $editedUserObject->role !== self::SUPERADMIN;
+            return ($user->can('edit') && in_array($user->role_value, [UserRole::ADMIN]) || $user->id == $editedUser)
+                && ($editedUserObject ? $editedUserObject->role !== self::SUPERADMIN : true);
         });
 
         Gate::define('edit-user-role', function ($user) {

src/Http/Controllers/Admin/UserController.php

@@ -121,6 +121,30 @@ public function getIndexTableMainFilters($items, $scopes = [])
             'number' => $this->repository->getCountByStatusSlug('draft'),
         ]);
 
+        if ($this->getIndexOption('restore')) {
+            array_push($statusFilters, [
+                'name' => 'Trash',
+                'slug' => 'trash',
+                'number' => $this->repository->getCountByStatusSlug('trash'),
+            ]);
+        }
+
         return $statusFilters;
     }
+
+    protected function getIndexOption($option)
+    {
+        if (in_array($option, ['publish', 'bulkEdit'])) {
+            return auth('twill_users')->user()->can('edit-user-role');
+        }
+
+        return parent::getIndexOption($option);
+    }
+
+    protected function indexItemData($item)
+    {
+        $canEdit = auth('twill_users')->user()->can('edit-user-role') || auth('twill_users')->user()->id === $item->id;
+
+        return ['edit' => $canEdit ? $this->getModuleRoute($item->id, 'edit') : null];
+    }
 }

src/Models/User.php

@@ -2,20 +2,21 @@
 
 namespace A17\Twill\Models;
 
-use Session;
-use A17\Twill\Models\Enums\UserRole;
-use Illuminate\Auth\Authenticatable;
-use Illuminate\Notifications\Notifiable;
 use A17\Twill\Models\Behaviors\HasMedias;
 use A17\Twill\Models\Behaviors\HasPresenter;
-use Illuminate\Foundation\Auth\Access\Authorizable;
+use A17\Twill\Models\Enums\UserRole;
 use A17\Twill\Notifications\Reset as ResetNotification;
 use A17\Twill\Notifications\Welcome as WelcomeNotification;
+use Illuminate\Auth\Authenticatable;
+use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Foundation\Auth\Access\Authorizable;
 use Illuminate\Foundation\Auth\User as AuthenticatableContract;
+use Illuminate\Notifications\Notifiable;
+use Session;
 
 class User extends AuthenticatableContract
 {
-    use Authenticatable, Authorizable, HasMedias, Notifiable, HasPresenter;
+    use Authenticatable, Authorizable, HasMedias, Notifiable, HasPresenter, SoftDeletes;
 
     public $timestamps = true;
 
@@ -82,6 +83,11 @@ public function scopeDraft($query)
         return $query->wherePublished(false);
     }
 
+    public function scopeOnlyTrashed($query)
+    {
+        return $query->whereNotNull('deleted_at');
+    }
+
     public function setImpersonating($id)
     {
         Session::put('impersonate', $id);

src/Repositories/UserRepository.php

@@ -42,6 +42,11 @@ public function getCountForDraft()
         return $this->model->where('role', '<>', 'SUPERADMIN')->draft()->count();
     }
 
+    public function getCountForTrash()
+    {
+        return $this->model->where('role', '<>', 'SUPERADMIN')->onlyTrashed()->count();
+    }
+
     public function afterSave($user, $fields)
     {
         $this->sendWelcomeEmail($user);