wip #3753 @2

author Vincent Vanwaelscappel <vincent@cubedesigners.com>

Mon, 30 Nov 2020 16:38:12 +0000 (17:38 +0100)

committer Vincent Vanwaelscappel <vincent@cubedesigners.com>

Mon, 30 Nov 2020 16:38:12 +0000 (17:38 +0100)
author Vincent Vanwaelscappel <vincent@cubedesigners.com>
Mon, 30 Nov 2020 16:38:12 +0000 (17:38 +0100)
committer Vincent Vanwaelscappel <vincent@cubedesigners.com>
Mon, 30 Nov 2020 16:38:12 +0000 (17:38 +0100)
diff --git a/src/app/Http/Controllers/CubistCrudController.php b/src/app/Http/Controllers/CubistCrudController.php

index 7855d9163c4855eb350b892ce4b61107af7ef91e..ba1165bc3c27230ec26419d93b4d0b306599991c 100644 (file)
--- a/src/app/Http/Controllers/CubistCrudController.php
+++ b/src/app/Http/Controllers/CubistCrudController.php
@@ -15,9 +15,11 @@ use Backpack\CRUD\app\Http\Controllers\Operations\DeleteOperation;
  use Backpack\CRUD\app\Http\Controllers\Operations\ListOperation;
  use Backpack\CRUD\app\Http\Controllers\Operations\UpdateOperation;
  use Cubist\Backpack\app\Http\Controllers\Operations\MediaOperation;
+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
  
  class CubistCrudController extends CrudController
  {
      use ListOperation;
      use MediaOperation;
+    use AuthorizesRequests;
  }
diff --git a/src/app/Magic/Models/CubistMagicAbstractModel.php b/src/app/Magic/Models/CubistMagicAbstractModel.php

index a5e4dc93e07f5eba52aa19cc6a21855e4e0841b9..5b62a758f831ad99a975c93635c66ebd09ed3172 100644 (file)
--- a/src/app/Magic/Models/CubistMagicAbstractModel.php
+++ b/src/app/Magic/Models/CubistMagicAbstractModel.php
@@ -670,4 +670,29 @@ class CubistMagicAbstractModel extends Model implements HasMedia
          }
          Cache::tags($tags)->flush();
      }
+
+    public function canView(CubistMagicAuthenticatable $user)
+    {
+        return true;
+    }
+
+    public function canUpdate(CubistMagicAuthenticatable $user)
+    {
+        return true;
+    }
+
+    public function canDelete(CubistMagicAuthenticatable $user)
+    {
+        return true;
+    }
+
+    public function canForceDelete(CubistMagicAuthenticatable $user)
+    {
+        return $this->canDelete($user);
+    }
+
+    public function canRestore(CubistMagicAuthenticatable $user)
+    {
+        return $this->canUpdate($user);
+    }
  }
diff --git a/src/app/Magic/Policies/CubistMagicPermissivePolicy.php b/src/app/Magic/Policies/CubistMagicPermissivePolicy.php

new file mode 100644 (file)

index 0000000..3de0051
--- /dev/null
+++ b/src/app/Magic/Policies/CubistMagicPermissivePolicy.php
@@ -0,0 +1,10 @@
+<?php
+
+
+namespace Cubist\Backpack\app\Magic\Policies;
+
+
+class CubistMagicPermissivePolicy extends CubistMagicPolicy
+{
+    public $allowAll = true;
+}
diff --git a/src/app/Magic/Policies/CubistMagicPolicy.php b/src/app/Magic/Policies/CubistMagicPolicy.php

new file mode 100644 (file)

index 0000000..0b36d93
--- /dev/null
+++ b/src/app/Magic/Policies/CubistMagicPolicy.php
@@ -0,0 +1,127 @@
+<?php
+
+
+namespace Cubist\Backpack\app\Magic\Policies;
+
+use Cubist\Backpack\app\Magic\Models\CubistMagicAbstractModel;
+use Cubist\Backpack\app\Magic\Models\CubistMagicAuthenticatable;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class CubistMagicPolicy
+{
+    use HandlesAuthorization;
+
+    public $permissionBase = '';
+    public $allowAll = false;
+
+    /**
+     * Determine whether the user can view any quizzes.
+     *
+     * @param CubistMagicAuthenticatable $user
+     * @return mixed
+     */
+    public function viewAny(CubistMagicAuthenticatable $user)
+    {
+        return $this->allowAll || $user->hasPermissionTo($this->permissionBase . ':admin');
+    }
+
+    public function viewList(CubistMagicAuthenticatable $user)
+    {
+        return $this->allowAll || $this->viewAny($user) || $user->hasPermissionTo($this->permissionBase . ':list');
+    }
+
+    /**
+     * Determine whether the user can view the quiz.
+     *
+     * @param CubistMagicAuthenticatable $user
+     * @param CubistMagicAbstractModel $model
+     * @return mixed
+     */
+    public function view(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+    {
+        if ($this->allowAll) {
+            return true;
+        }
+        if ($this->viewAny($user)) {
+            return true;
+        }
+        return $model->canView($user);
+    }
+
+    /**
+     * Determine whether the user can create quizzes.
+     *
+     * @param CubistMagicAuthenticatable $user
+     * @return mixed
+     */
+    public function create(CubistMagicAuthenticatable $user)
+    {
+        if ($this->allowAll) {
+            return true;
+        }
+        if ($this->viewAny($user)) {
+            return true;
+        }
+        $user->hasPermissionTo($this->permissionBase . ':create');
+    }
+
+    /**
+     * Determine whether the user can update the quiz.
+     *
+     * @param CubistMagicAuthenticatable $user
+     * @param CubistMagicAbstractModel $model
+     * @return mixed
+     */
+    public function update(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+    {
+        if ($this->allowAll) {
+            return true;
+        }
+        return $model->canUpdate($user);
+    }
+
+    /**
+     * Determine whether the user can delete the quiz.
+     *
+     * @param CubistMagicAuthenticatable $user
+     * @param CubistMagicAbstractModel $model
+     * @return mixed
+     */
+    public function delete(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+    {
+        if ($this->allowAll) {
+            return true;
+        }
+        return $model->canDelete($user);
+    }
+
+    /**
+     * Determine whether the user can restore the quiz.
+     *
+     * @param CubistMagicAuthenticatable $user
+     * @param CubistMagicAbstractModel $model
+     * @return mixed
+     */
+    public function restore(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+    {
+        if ($this->allowAll) {
+            return true;
+        }
+        return $model->canRestore($user);
+    }
+
+    /**
+     * Determine whether the user can permanently delete the quiz.
+     *
+     * @param CubistMagicAuthenticatable $user
+     * @param CubistMagicAbstractModel $model
+     * @return mixed
+     */
+    public function forceDelete(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+    {
+        if ($this->allowAll) {
+            return true;
+        }
+        return $model->canForceDelete($user);
+    }
+}
diff --git a/src/app/Providers/AuthServiceProvider.php b/src/app/Providers/AuthServiceProvider.php

new file mode 100644 (file)

index 0000000..c6cd938
--- /dev/null
+++ b/src/app/Providers/AuthServiceProvider.php
@@ -0,0 +1,11 @@
+<?php
+
+
+namespace Cubist\Backpack\app\Providers;
+
+use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
+
+class AuthServiceProvider extends ServiceProvider
+{
+
+}
author	Vincent Vanwaelscappel <vincent@cubedesigners.com>
	Mon, 30 Nov 2020 16:38:12 +0000 (17:38 +0100)
committer	Vincent Vanwaelscappel <vincent@cubedesigners.com>
	Mon, 30 Nov 2020 16:38:12 +0000 (17:38 +0100)
src/app/Http/Controllers/CubistCrudController.php		patch \| blob \| history
src/app/Magic/Models/CubistMagicAbstractModel.php		patch \| blob \| history
src/app/Magic/Policies/CubistMagicPermissivePolicy.php	[new file with mode: 0644]	patch \| blob
src/app/Magic/Policies/CubistMagicPolicy.php	[new file with mode: 0644]	patch \| blob
src/app/Providers/AuthServiceProvider.php	[new file with mode: 0644]	patch \| blob