64 lines
1.7 KiB
PHP
64 lines
1.7 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Policies;
|
|
|
|
use App\Models\Company;
|
|
use App\Models\Organisation;
|
|
use App\Models\User;
|
|
|
|
final class CompanyPolicy
|
|
{
|
|
public function viewAny(User $user, Organisation $organisation): bool
|
|
{
|
|
return $user->hasRole('super_admin')
|
|
|| $organisation->users()->where('user_id', $user->id)->exists();
|
|
}
|
|
|
|
public function view(User $user, Company $company, Organisation $organisation): bool
|
|
{
|
|
if ($company->organisation_id !== $organisation->id) {
|
|
return false;
|
|
}
|
|
|
|
return $user->hasRole('super_admin')
|
|
|| $organisation->users()->where('user_id', $user->id)->exists();
|
|
}
|
|
|
|
public function create(User $user, Organisation $organisation): bool
|
|
{
|
|
return $this->canManageOrganisation($user, $organisation);
|
|
}
|
|
|
|
public function update(User $user, Company $company, Organisation $organisation): bool
|
|
{
|
|
if ($company->organisation_id !== $organisation->id) {
|
|
return false;
|
|
}
|
|
|
|
return $this->canManageOrganisation($user, $organisation);
|
|
}
|
|
|
|
public function delete(User $user, Company $company, Organisation $organisation): bool
|
|
{
|
|
if ($company->organisation_id !== $organisation->id) {
|
|
return false;
|
|
}
|
|
|
|
return $this->canManageOrganisation($user, $organisation);
|
|
}
|
|
|
|
private function canManageOrganisation(User $user, Organisation $organisation): bool
|
|
{
|
|
if ($user->hasRole('super_admin')) {
|
|
return true;
|
|
}
|
|
|
|
return $organisation->users()
|
|
->where('user_id', $user->id)
|
|
->wherePivot('role', 'org_admin')
|
|
->exists();
|
|
}
|
|
}
|