<?php
namespace App\Policies;
use App\Album;
use App\Facade\UserConfig;
use App\Group;
use App\Helpers\PermissionsHelper;
use App\Permission;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
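/**
 * Authorization policy for album-level abilities.
 *
 * Every ability method takes the acting user and the target album and returns
 * the authorization decision. The album's owner is always allowed; any other
 * user is allowed only when PermissionsHelper::userCan_Album() grants the
 * permission named for that ability. Administrators are allowed before any
 * ability method runs (see before()).
 */
class AlbumPolicy
{
    use HandlesAuthorization;

    /**
     * Create a new policy instance.
     *
     * @return void
     */
    public function __construct()
    {
        //
    }

    /**
     * Pre-authorization hook that runs ahead of every ability method.
     *
     * @param mixed  $user    The acting user; only its is_admin attribute is read.
     * @param string $ability Name of the ability being checked (unused here).
     *
     * @return bool|null true to allow outright, null to defer to the ability method.
     */
    public function before($user, $ability)
    {
        // NOTE(review): this bypasses every check below, so is_admin must only
        // be writable by trusted code - confirm it is not mass-assignable on User.
        if ($user->is_admin)
        {
            // Admins can do anything
            return true;
        }

        // Explicit null: the decision falls through to the ability method.
        return null;
    }

    /**
     * Only the album's owner (or an admin, matched by the before() rule) can
     * change permissions. No delegated permission exists for this ability.
     *
     * @return bool
     */
    public function changePermissions(User $user, Album $album)
    {
        return $this->isOwner($user, $album);
    }

    /**
     * Owner, or a user granted 'change-photo-metadata' on the album.
     */
    public function changePhotoMetadata(User $user, Album $album)
    {
        return $this->ownerOrPermitted($user, $album, 'change-photo-metadata');
    }

    /**
     * Owner, or a user granted 'delete' on the album.
     */
    public function delete(User $user, Album $album)
    {
        return $this->ownerOrPermitted($user, $album, 'delete');
    }

    /**
     * Owner, or a user granted 'delete-photos' on the album.
     */
    public function deletePhotos(User $user, Album $album)
    {
        return $this->ownerOrPermitted($user, $album, 'delete-photos');
    }

    /**
     * Owner, or a user granted 'edit' on the album.
     */
    public function edit(User $user, Album $album)
    {
        return $this->ownerOrPermitted($user, $album, 'edit');
    }

    /**
     * Owner, or a user granted 'manipulate-photos' on the album.
     */
    public function manipulatePhotos(User $user, Album $album)
    {
        return $this->ownerOrPermitted($user, $album, 'manipulate-photos');
    }

    /**
     * Owner, or a user granted 'moderate-comments' on the album.
     */
    public function moderateComments(User $user, Album $album)
    {
        return $this->ownerOrPermitted($user, $album, 'moderate-comments');
    }

    /**
     * Owner, or a user granted 'post-comment' on the album, subject to the
     * anonymous-comment setting.
     */
    public function postComment(User $user, Album $album)
    {
        // The owner check runs first, as in the original ordering.
        if ($this->isOwner($user, $album))
        {
            return true;
        }

        // Don't allow comments to be posted if anonymous user, and anonymous comments disabled
        if ($user->isAnonymous() && !UserConfig::get('allow_photo_comments_anonymous'))
        {
            return false;
        }

        return $this->userHasPermission($user, $album, 'post-comment');
    }

    /**
     * Owner, or a user granted 'upload-photos' on the album.
     */
    public function uploadPhotos(User $user, Album $album)
    {
        return $this->ownerOrPermitted($user, $album, 'upload-photos');
    }

    /**
     * Owner, or a user granted 'view' on the album.
     */
    public function view(User $user, Album $album)
    {
        return $this->ownerOrPermitted($user, $album, 'view');
    }

    /**
     * Decide whether $user is the owner of $album.
     *
     * Fails closed when either id is missing. Under PHP's loose comparison
     * null == null and null == 0 are both true, so without the guard a User
     * instance carrying no id would be treated as the owner of an album whose
     * user_id is unset.
     *
     * @return bool
     */
    private function isOwner(User $user, Album $album)
    {
        if ($user->id === null || $album->user_id === null)
        {
            return false;
        }

        // Loose comparison is kept so an integer id still matches a
        // numeric-string id.
        // NOTE(review): if both attributes are always cast to int, switch to ===.
        return $user->id == $album->user_id;
    }

    /**
     * Shared decision for abilities that follow the plain
     * "owner, otherwise named permission" rule.
     *
     * @param string $permission Permission name passed to userHasPermission().
     *
     * @return mixed true for the owner, otherwise whatever userHasPermission() returns.
     */
    private function ownerOrPermitted(User $user, Album $album, $permission)
    {
        if ($this->isOwner($user, $album))
        {
            // The album's owner can do everything
            return true;
        }

        return $this->userHasPermission($user, $album, $permission);
    }

    /**
     * Ask PermissionsHelper whether $user holds $permission on $album.
     *
     * @param string $permission Permission name, e.g. 'view' or 'delete-photos'.
     *
     * @return mixed The result of PermissionsHelper::userCan_Album(), passed through unchanged.
     */
    private function userHasPermission(User $user, Album $album, $permission)
    {
        // Note the helper's argument order: album first, then user.
        $helper = new PermissionsHelper();
        return $helper->userCan_Album($album, $user, $permission);
    }
}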