blue-twilight/app/Policies/PhotoPolicy.php

<?php

namespace App\Policies;

use App\Photo;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class PhotoPolicy
{
    use HandlesAuthorization;

    /**
     * Create a new policy instance.
     *
     * @return void
     */
    public function __construct()
    {
        //
    }

    public function before($user, $ability)
    {
        if ($user->is_admin)
        {
            // Admins can do anything
            return true;
        }
    }

    public function changeMetadata(User $user, Photo $photo)
    {
        if ($user->id == $photo->user_id)
        {
            // The photo's owner can do everything
            return true;
        }

        return $user->can('change-photo-metadata', $photo->album);
    }

    public function delete(User $user, Photo $photo)
    {
        if ($user->id == $photo->user_id)
        {
            // The photo's owner can do everything
            return true;
        }

        return $user->can('delete-photos', $photo->album);
    }

    public function manipulate(User $user, Photo $photo)
    {
        if ($user->id == $photo->user_id)
        {
            // The photo's owner can do everything
            return true;
        }

        return $user->can('manipulate-photos', $photo->album);
    }
}
#3: Permissions can now be set on what users can do with photos in an album. This required re-thinking the available permissions slightly. Photo owners can do anything. 2017-04-16 09:00:57 +01:00			`<?php`

			`namespace App\Policies;`

			`use App\Photo;`
			`use App\User;`
			`use Illuminate\Auth\Access\HandlesAuthorization;`

			`class PhotoPolicy`
			`{`
			`use HandlesAuthorization;`

			`/**`
			`* Create a new policy instance.`
			`*`
			`* @return void`
			`*/`
			`public function __construct()`
			`{`
			`//`
			`}`

			`public function before($user, $ability)`
			`{`
			`if ($user->is_admin)`
			`{`
			`// Admins can do anything`
			`return true;`
			`}`
			`}`

			`public function changeMetadata(User $user, Photo $photo)`
			`{`
			`if ($user->id == $photo->user_id)`
			`{`
			`// The photo's owner can do everything`
			`return true;`
			`}`

			`return $user->can('change-photo-metadata', $photo->album);`
			`}`

			`public function delete(User $user, Photo $photo)`
			`{`
			`if ($user->id == $photo->user_id)`
			`{`
			`// The photo's owner can do everything`
			`return true;`
			`}`

			`return $user->can('delete-photos', $photo->album);`
			`}`

			`public function manipulate(User $user, Photo $photo)`
			`{`
			`if ($user->id == $photo->user_id)`
			`{`
			`// The photo's owner can do everything`
			`return true;`
			`}`

			`return $user->can('manipulate-photos', $photo->album);`
			`}`
			`}`