update policies

[ht3aa]

No description provided.

[gemini-code-assist]

Code Review

This pull request modifies the CompanyJobPolicy by removing email verification requirements for viewing and creating jobs. The review feedback highlights that these changes introduce security risks and logical inconsistencies. Specifically, the viewAny method may now exclude legitimate HR or Admin users from the dashboard, and the create method is now overly permissive, allowing any authenticated user to post jobs. It is recommended to implement explicit role-based checks to maintain proper access control.

[gemini-code-assist]

Removing the access check for regular users in viewAny while still allowing them to own and update jobs (as seen in the update and view methods) creates a logical inconsistency. Users who own jobs (such as HR or Admin users) will no longer be able to access the list view in the dashboard (Filament resource). If the intention is to remove the dependency on email verification, it is recommended to replace it with explicit role checks for HR and Admin users to ensure they maintain access to their job listings.

        return $user->isSuperAdmin()
            || $user->isAdmin()
            || $user->isHR()
            || $user->can('ViewAny:Jobs');

[gemini-code-assist]

Changing the create policy to return true is overly permissive as it allows any authenticated user, including those with the DEVELOPER role, to post jobs. This could lead to spam and data integrity issues. It is recommended to restrict job creation to specific roles like HR or Admin, or to users with a specific permission, consistent with the other methods in this policy.

        return $user->isSuperAdmin()
            || $user->isAdmin()
            || $user->isHR()
            || $user->can('Create:Jobs');