jcergolj/laravellte

use Illuminate\Database\Eloquent\Model;

class Role extends Model
{
    //
    public function permissions()
    {
        return $this->belongsToMany(Permission::class)
            ->withPivot('owner_restricted')
            ->using(PermissionRole::class);
    }
    //
}

use Illuminate\Database\Eloquent\Relations\Pivot;

class PermissionRole extends Pivot
{
    protected $casts = [
        'id' => 'integer',
        'owner_restricted' => 'boolean',
        'role_id' => 'integer',
        'permission_id' => 'integer',
    ];
}

use Illuminate\Database\Eloquent\Scope;

class VisibleToScope implements Scope
{
    //
    public function returnEarlyPermission($user, $model)
    {
        $permission = $user->getPermission($model->getTable().'.index');

        if (! $permission->pivot->owner_restricted === true) {
            return true;
        }

        if (! Schema::hasColumn($model->getTable(), AppServiceProvider::OWNER_FIELD)) {
            return true;
        }

        return false;
    }
    //
}

use Illuminate\Foundation\Auth\User as Authenticatable

class User extends Authenticatable
{
    //
    public function isModelOwner($permissionName, $model)
    {
        $ownerField = AppServiceProvider::OWNER_FIELD;

        $permission = $this->getPermission($permissionName);

        if ($permission === null) {
            return false;
        }

        if ($permission->pivot->owner_restricted === false) {
            return true;
        }

        return $model->$ownerField === $this->id;
    }
}