65 lines
1.3 KiB
PHP
65 lines
1.3 KiB
PHP
|
<?php
|
||
|
|
||
|
namespace App\Policies;
|
||
|
|
||
|
use App\Photo;
|
||
|
use App\User;
|
||
|
use Illuminate\Auth\Access\HandlesAuthorization;
|
||
|
|
||
|
class PhotoPolicy
|
||
|
{
|
||
|
use HandlesAuthorization;
|
||
|
|
||
|
/**
|
||
|
* Create a new policy instance.
|
||
|
*
|
||
|
* @return void
|
||
|
*/
|
||
|
public function __construct()
|
||
|
{
|
||
|
//
|
||
|
}
|
||
|
|
||
|
public function before($user, $ability)
|
||
|
{
|
||
|
if ($user->is_admin)
|
||
|
{
|
||
|
// Admins can do anything
|
||
|
return true;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
public function changeMetadata(User $user, Photo $photo)
|
||
|
{
|
||
|
if ($user->id == $photo->user_id)
|
||
|
{
|
||
|
// The photo's owner can do everything
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
return $user->can('change-photo-metadata', $photo->album);
|
||
|
}
|
||
|
|
||
|
public function delete(User $user, Photo $photo)
|
||
|
{
|
||
|
if ($user->id == $photo->user_id)
|
||
|
{
|
||
|
// The photo's owner can do everything
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
return $user->can('delete-photos', $photo->album);
|
||
|
}
|
||
|
|
||
|
public function manipulate(User $user, Photo $photo)
|
||
|
{
|
||
|
if ($user->id == $photo->user_id)
|
||
|
{
|
||
|
// The photo's owner can do everything
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
return $user->can('manipulate-photos', $photo->album);
|
||
|
}
|
||
|
}
|