84 lines
1.9 KiB
PHP
84 lines
1.9 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Policies;
|
|
|
|
use App\Models\Event;
|
|
use App\Models\User;
|
|
|
|
final class EventPolicy
|
|
{
|
|
/**
|
|
* Determine whether the user can view any events.
|
|
*/
|
|
public function viewAny(User $user): bool
|
|
{
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can view the event.
|
|
*/
|
|
public function view(User $user, Event $event): bool
|
|
{
|
|
// Admins and booking agents can view all events
|
|
if ($this->isAdminOrBookingAgent($user)) {
|
|
return true;
|
|
}
|
|
|
|
// Members can view events they're invited to
|
|
return $event->invitations()->where('user_id', $user->id)->exists();
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can create events.
|
|
*/
|
|
public function create(User $user): bool
|
|
{
|
|
return $this->isAdminOrBookingAgent($user);
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can update the event.
|
|
*/
|
|
public function update(User $user, Event $event): bool
|
|
{
|
|
return $this->isAdminOrBookingAgent($user);
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can delete the event.
|
|
*/
|
|
public function delete(User $user, Event $event): bool
|
|
{
|
|
return $user->role === 'admin';
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can invite members to the event.
|
|
*/
|
|
public function invite(User $user, Event $event): bool
|
|
{
|
|
return $this->isAdminOrBookingAgent($user);
|
|
}
|
|
|
|
/**
|
|
* Determine whether the user can RSVP to the event.
|
|
*/
|
|
public function rsvp(User $user, Event $event): bool
|
|
{
|
|
// User must be invited to RSVP
|
|
return $event->invitations()->where('user_id', $user->id)->exists();
|
|
}
|
|
|
|
/**
|
|
* Check if the user is an admin or booking agent.
|
|
*/
|
|
private function isAdminOrBookingAgent(User $user): bool
|
|
{
|
|
return in_array($user->role, ['admin', 'booking_agent'], true);
|
|
}
|
|
}
|
|
|