refactor: align codebase with EventCrew domain and trim legacy band stack
- Update API: events, users, policies, routes, resources, migrations - Remove deprecated models/resources (customers, setlists, invitations, etc.) - Refresh admin app and docs; remove apps/band Made-with: Cursor
This commit is contained in:
@@ -5,79 +5,44 @@ declare(strict_types=1);
|
||||
namespace App\Policies;
|
||||
|
||||
use App\Models\Event;
|
||||
use App\Models\Organisation;
|
||||
use App\Models\User;
|
||||
|
||||
final class EventPolicy
|
||||
{
|
||||
/**
|
||||
* Determine whether the user can view any events.
|
||||
*/
|
||||
public function viewAny(User $user): bool
|
||||
public function viewAny(User $user, Organisation $organisation): bool
|
||||
{
|
||||
return true;
|
||||
return $user->hasRole('super_admin')
|
||||
|| $organisation->users()->where('user_id', $user->id)->exists();
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can view the event.
|
||||
*/
|
||||
public function view(User $user, Event $event): bool
|
||||
{
|
||||
// Admins and booking agents can view all events
|
||||
if ($this->isAdminOrBookingAgent($user)) {
|
||||
return $user->hasRole('super_admin')
|
||||
|| $event->organisation->users()->where('user_id', $user->id)->exists();
|
||||
}
|
||||
|
||||
public function create(User $user, Organisation $organisation): bool
|
||||
{
|
||||
if ($user->hasRole('super_admin')) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Members can view events they're invited to
|
||||
return $event->invitations()->where('user_id', $user->id)->exists();
|
||||
return $organisation->users()
|
||||
->where('user_id', $user->id)
|
||||
->wherePivotIn('role', ['org_admin', 'org_member'])
|
||||
->exists();
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can create events.
|
||||
*/
|
||||
public function create(User $user): bool
|
||||
{
|
||||
return $this->isAdminOrBookingAgent($user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can update the event.
|
||||
*/
|
||||
public function update(User $user, Event $event): bool
|
||||
{
|
||||
return $this->isAdminOrBookingAgent($user);
|
||||
}
|
||||
if ($user->hasRole('super_admin')) {
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can delete the event.
|
||||
*/
|
||||
public function delete(User $user, Event $event): bool
|
||||
{
|
||||
return $user->role === 'admin';
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can invite members to the event.
|
||||
*/
|
||||
public function invite(User $user, Event $event): bool
|
||||
{
|
||||
return $this->isAdminOrBookingAgent($user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can RSVP to the event.
|
||||
*/
|
||||
public function rsvp(User $user, Event $event): bool
|
||||
{
|
||||
// User must be invited to RSVP
|
||||
return $event->invitations()->where('user_id', $user->id)->exists();
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the user is an admin or booking agent.
|
||||
*/
|
||||
private function isAdminOrBookingAgent(User $user): bool
|
||||
{
|
||||
return in_array($user->role, ['admin', 'booking_agent'], true);
|
||||
return $event->organisation->users()
|
||||
->where('user_id', $user->id)
|
||||
->wherePivotIn('role', ['org_admin', 'org_member'])
|
||||
->exists();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user