mirror of
https://github.com/InvoiceShelf/InvoiceShelf.git
synced 2026-04-07 21:44:51 +00:00
3259173066
* Convert string references to `::class` PHP 5.5.9 adds the new static `class` property which provides the fully qualified class name. This is preferred over using strings for class names since the `class` property references are checked by PHP. * Use Faker methods Accessing Faker properties was deprecated in Faker 1.14. * Convert route options to fluent methods Laravel 8 adopts the tuple syntax for controller actions. Since the old options array is incompatible with this syntax, Shift converted them to use modern, fluent methods. * Adopt class based routes * Remove default `app` files * Shift core files * Streamline config files * Set new `ENV` variables * Default new `bootstrap/app.php` * Re-register HTTP middleware * Consolidate service providers * Re-register service providers * Re-register routes * Re-register scheduled commands * Bump Composer dependencies * Use `<env>` tags for configuration `<env>` tags have a lower precedence than system environment variables making it easier to overwrite PHPUnit configuration values in additional environments, such a CI. Review this blog post for more details on configuration precedence when testing Laravel: https://jasonmccreary.me/articles/laravel-testing-configuration-precedence/ * Adopt anonymous migrations * Rename `password_resets` table * Convert `$casts` property to method * Adopt Laravel type hints * Mark base controller as `abstract` * Remove `CreatesApplication` testing trait * Shift cleanup * Fix shift first issues * Updating Rules for laravel 11, sanctum config and pint * Fix Carbon issue on dashboard * Temporary fix for tests while migration is issue fixed on laravel side * Carbon needs numerical values, not strings * Minimum php version * Fix domain installation step not fetching the correct company_id * Fix Role Policy wasn't properly registered ---------
141 lines
3.1 KiB
PHP
141 lines
3.1 KiB
PHP
<?php
|
|
|
|
namespace App\Policies;
|
|
|
|
use App\Models\Invoice;
|
|
use App\Models\User;
|
|
use Illuminate\Auth\Access\HandlesAuthorization;
|
|
use Silber\Bouncer\BouncerFacade;
|
|
|
|
class InvoicePolicy
|
|
{
|
|
use HandlesAuthorization;
|
|
|
|
/**
|
|
* Determine whether the user can view any models.
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function viewAny(User $user): bool
|
|
{
|
|
if (BouncerFacade::can('view-invoice', Invoice::class)) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can view the model.
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function view(User $user, Invoice $invoice): bool
|
|
{
|
|
if (BouncerFacade::can('view-invoice', $invoice) && $user->hasCompany($invoice->company_id)) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can create models.
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function create(User $user): bool
|
|
{
|
|
if (BouncerFacade::can('create-invoice', Invoice::class)) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can update the model.
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function update(User $user, Invoice $invoice): bool
|
|
{
|
|
if (BouncerFacade::can('edit-invoice', $invoice) && $user->hasCompany($invoice->company_id)) {
|
|
return $invoice->allow_edit;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can delete the model.
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function delete(User $user, Invoice $invoice): bool
|
|
{
|
|
if (BouncerFacade::can('delete-invoice', $invoice) && $user->hasCompany($invoice->company_id)) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can restore the model.
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function restore(User $user, Invoice $invoice): bool
|
|
{
|
|
if (BouncerFacade::can('delete-invoice', $invoice) && $user->hasCompany($invoice->company_id)) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can permanently delete the model.
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function forceDelete(User $user, Invoice $invoice): bool
|
|
{
|
|
if (BouncerFacade::can('delete-invoice', $invoice) && $user->hasCompany($invoice->company_id)) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can send email of the model.
|
|
*
|
|
* @param \App\Models\Payment $payment
|
|
* @return mixed
|
|
*/
|
|
public function send(User $user, Invoice $invoice)
|
|
{
|
|
if (BouncerFacade::can('send-invoice', $invoice) && $user->hasCompany($invoice->company_id)) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can delete models.
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function deleteMultiple(User $user)
|
|
{
|
|
if (BouncerFacade::can('delete-invoice', Invoice::class)) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
}
|