blue-twilight/app/Helpers/DbHelper.php

<?php

namespace App\Helpers;

use App\Album;
use App\Facade\UserConfig;
use Illuminate\Database\Query\Builder;
use Illuminate\Support\Facades\Auth;

class DbHelper
{
    public static function getAlbumsForCurrentUser()
    {
        $albumsQuery = Album::query();
        $user = Auth::user();

        if (!is_null($user) && $user->is_admin)
        {
            /* Admin users always get everything, therefore no filters are necessary */
        }
        else if (is_null($user))
        {
            /* Anonymous users need to check the album_anonymous_permissions table. If not in this table, you're not allowed! */

            $albumsQuery = Album::join('album_anonymous_permissions', 'album_anonymous_permissions.album_id', '=', 'albums.id')
                ->join('permissions', 'permissions.id', '=', 'album_anonymous_permissions.permission_id')
                ->where([
                    ['permissions.section', 'album'],
                    ['permissions.description', 'list']
                ]);
        }
        else
        {
            /*
                Other users need to check either the album_group_permissions or album_user_permissions table. If not in either of these tables,
                you're not allowed!
            */

            $albumsQuery = Album::leftJoin('album_group_permissions', 'album_group_permissions.album_id', '=', 'albums.id')
                ->leftJoin('album_user_permissions', 'album_user_permissions.album_id', '=', 'albums.id')
                ->leftJoin('permissions AS group_permissions', 'group_permissions.id', '=', 'album_group_permissions.permission_id')
                ->leftJoin('permissions AS user_permissions', 'user_permissions.id', '=', 'album_user_permissions.permission_id')
                ->leftJoin('user_groups', 'user_groups.group_id', '=', 'album_group_permissions.group_id')
                ->where('albums.user_id', $user->id)
                ->orWhere([
                    ['group_permissions.section', 'album'],
                    ['group_permissions.description', 'list'],
                    ['user_groups.user_id', $user->id]
                ])
                ->orWhere([
                    ['user_permissions.section', 'album'],
                    ['user_permissions.description', 'list'],
                    ['album_user_permissions.user_id', $user->id]
                ]);
        }

        return $albumsQuery->select('albums.*')
            ->distinct()
            ->orderBy('name')
            ->withCount('photos')
            ->paginate(UserConfig::get('items_per_page'));
    }
}