blue-twilight/app/Policies/PhotoPolicy.php

98 lines
2.0 KiB
PHP
Raw Permalink Normal View History

<?php
namespace App\Policies;
use App\Photo;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class PhotoPolicy
{
use HandlesAuthorization;
/**
* Create a new policy instance.
*
* @return void
*/
public function __construct()
{
//
}
public function before($user, $ability)
{
if ($user->is_admin)
{
// Admins can do anything
return true;
}
}
public function changeMetadata(User $user, Photo $photo)
{
if ($user->id == $photo->user_id)
{
// The photo's owner can do everything
return true;
}
return $user->can('change-photo-metadata', $photo->album);
}
public function delete(User $user, Photo $photo)
{
if ($user->id == $photo->user_id)
{
// The photo's owner can do everything
return true;
}
return $user->can('delete-photos', $photo->album);
}
public function manipulate(User $user, Photo $photo)
{
if ($user->id == $photo->user_id)
{
// The photo's owner can do everything
return true;
}
return $user->can('manipulate-photos', $photo->album);
}
public function moderateComments(User $user, Photo $photo)
{
if ($user->id == $photo->user_id)
{
// The photo's owner can do everything
return true;
}
return $user->can('moderate-comments', $photo->album);
}
public function postComment(User $user, Photo $photo)
{
if ($user->id == $photo->user_id)
{
// The photo's owner can do everything
return true;
}
return $user->can('post-comment', $photo->album);
}
public function view(User $user, Photo $photo)
{
if ($user->id == $photo->user_id)
{
// The photo's owner can do everything
return true;
}
return $user->can('view', $photo->album);
}
}