-
app/Base/Policies/UserPolicy.php
use App\Base\Models\User;
use App\Authorization\Authorization;
use Illuminate\Auth\Access\HandlesAuthorization;

/**
 * Policy deciding whether a user may add or remove members.
 *
 * Both abilities delegate to Authorization::userHasPermissionTo() with the
 * resource name 'member' and no resource id, group type or group id, so the
 * answer is a global "may this user add/remove members at all" decision.
 * Nothing here identifies which member or which group is affected; any such
 * scoping has to be enforced by the caller.
 */
class UserPolicy
{
    use HandlesAuthorization;

    /**
     * Ability 'add': may $user add members?
     *
     * @param User $user the user the decision is made for
     * @return mixed whatever Authorization::userHasPermissionTo() returns
     */
    public function add(User $user)
    {
        $authorization = new Authorization($user);

        return $authorization->userHasPermissionTo('add', 'member');
    }

    /**
     * Ability 'remove': may $user remove members?
     *
     * @param User $user the user the decision is made for
     * @return mixed whatever Authorization::userHasPermissionTo() returns
     */
    public function remove(User $user)
    {
        $authorization = new Authorization($user);

        return $authorization->userHasPermissionTo('remove', 'member');
    }
}
-
app/Base/Http/Controllers/MemberController.php
use App\Base\Models\User;

/**
 * Member management endpoints. Each action authorizes before doing any work.
 *
 * The checks pass User::class (a class name, not a model instance), so the
 * policy is selected by class and is given no target record. The decision is
 * therefore not tied to the specific member or group a request names.
 * NOTE(review): the action bodies are elided in this listing; confirm they
 * constrain the affected member/group themselves, because the authorize()
 * calls shown here cannot.
 */
class MemberController extends Controller
{
    /**
     * Create a member; requires the 'add' ability registered for User.
     */
    public function store()
    {
        // Keep this as the first statement so nothing runs for an
        // unauthorized caller.
        $this->authorize('add', User::class);

        //
    }

    /**
     * Delete a member; requires the 'remove' ability registered for User.
     */
    public function destroy()
    {
        // Same class-level check as store(): no member id reaches the policy.
        $this->authorize('remove', User::class);

        //
    }

    //
}
-
app/Base/Providers/AuthServiceProvider.php
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

/**
 * Registers the application's model-to-policy bindings.
 */
class AuthServiceProvider extends ServiceProvider
{
    /**
     * Model class => policy class.
     *
     * Binding User to UserPolicy is what routes authorize(..., User::class)
     * calls to UserPolicy's methods.
     * NOTE(review): the rest of the provider is elided in this listing;
     * confirm the mapping is actually registered (e.g. registerPolicies() in
     * boot() on Laravel versions that need the explicit call).
     *
     * @var array
     */
    protected $policies = [
        //
        \App\Base\Models\User::class => \App\Base\Policies\UserPolicy::class,
        //
    ];

    //
}
-
app/Authorization/Authorization.php
use App\Base\Models\User;

/**
 * Central permission check for one user.
 *
 * Every grant path is ANDed with isNotForbiddenTo(), so an explicit deny
 * overrides ownership, group membership and allow rules alike.
 */
class Authorization
{
    // The user whose permissions are evaluated.
    // NOTE(review): public and writable, so any code holding this object can
    // swap the subject after construction; consider narrowing the visibility.
    public $user;

    /**
     * @param User $user the user to evaluate permissions for
     */
    public function __construct(User $user)
    {
        $this->user = $user;
    }

    /**
     * Decide whether the user may perform $action on $resource.
     *
     * Three modes, chosen by the arguments:
     *  - $groupRelated truthy: granted by ownership of $resourceId (only when
     *    $resourceId is truthy) or by group membership plus a group-related
     *    allow rule;
     *  - otherwise $groupType truthy: granted by ownership or by group
     *    membership plus a non-group-related allow rule;
     *  - otherwise: granted by a plain allow rule.
     * In every mode the result is false when isNotForbiddenTo() is false.
     *
     * @param mixed $action       action name, e.g. 'add' / 'remove' as used by UserPolicy
     * @param mixed $resource     resource name, e.g. 'member' as used by UserPolicy
     * @param mixed $resourceId   id of the concrete resource, or null
     * @param mixed $groupRelated truthy to evaluate a group-related permission
     * @param mixed $groupType    group type forwarded to the user's checks
     * @param mixed $groupId      group id forwarded to the user's checks
     * @return bool
     */
    public function userHasPermissionTo($action, $resource, $resourceId = null, $groupRelated = false, $groupType = null, $groupId = null)
    {
        $subject = $this->user;

        // No group context at all: plain allow rule, then the deny override.
        if (!$groupRelated && !$groupType) {
            return $subject->isAllowedTo($action, $resource)
                && $subject->isNotForbiddenTo($action, $resource);
        }

        if ($groupRelated) {
            // Ownership is consulted only for a truthy id; 0, '0' and '' are
            // treated as "no id", which skips the ownership path (fails closed).
            // NOTE(review): $groupType / $groupId may still be null here and
            // are passed to isMember() as-is; confirm it rejects null.
            $granted = ($resourceId && $subject->isOwner($resource, $resourceId))
                || (
                    $subject->isMember($groupType, $groupId)
                    && $subject->isAllowedTo($action, $resource, true, $groupType, $groupId)
                );
        } else {
            // NOTE(review): unlike the group-related mode, isOwner() is called
            // even when $resourceId is null; confirm isOwner() returns false
            // for a null id, otherwise this path grants without a target.
            $granted = $subject->isOwner($resource, $resourceId)
                || (
                    $subject->isMember($groupType, $groupId)
                    && $subject->isAllowedTo($action, $resource, false, $groupType, $groupId)
                );
        }

        // Deny override: evaluated only once some grant path has succeeded.
        return $granted && $subject->isNotForbiddenTo($action, $resource, $groupType, $groupId);
    }

    //
}