wip #3753 @0.75

diff --git a/src/app/Magic/Models/CubistMagicAbstractModel.php b/src/app/Magic/Models/CubistMagicAbstractModel.php
index 5b62a758f831ad99a975c93635c66ebd09ed3172..a404571ec1ccad9f0e4277894fef444534b6e812 100644 (file)
--- a/src/app/Magic/Models/CubistMagicAbstractModel.php
+++ b/src/app/Magic/Models/CubistMagicAbstractModel.php
@@ -17,6 +17,7 @@ use Cubist\Backpack\app\Magic\Controllers\CubistMagicController;
 use Cubist\Backpack\app\Magic\EntityData;
 use Cubist\Backpack\app\Magic\Fields\Field;
 use Cubist\Backpack\app\Magic\PageData;
+use Cubist\Backpack\app\Magic\Policies\CubistMagicPermissivePolicy;
 use Cubist\Backpack\app\Magic\QueryBuilder;
 use Cubist\Backpack\app\Magic\Requests\CubistMagicUpdateRequest;
 use Cubist\Backpack\app\Magic\Util;
@@ -50,6 +51,7 @@ class CubistMagicAbstractModel extends Model implements HasMedia
     protected $_operations = [];
     public $timestamps = true;
 
+    protected $_policy = null;
     protected $_enableClone = true;
     protected $_enableDeletion = true;
     protected $_enableEdition = true;
@@ -671,19 +673,24 @@ class CubistMagicAbstractModel extends Model implements HasMedia
         Cache::tags($tags)->flush();
     }
 
-    public function canView(CubistMagicAuthenticatable $user)
+    public function isOwner(CubistMagicAuthenticatable $user)
     {
         return true;
     }
 
+    public function canView(CubistMagicAuthenticatable $user)
+    {
+        return $this->isOwner($user);
+    }
+
     public function canUpdate(CubistMagicAuthenticatable $user)
     {
-        return true;
+        return $this->isOwner($user);
     }
 
     public function canDelete(CubistMagicAuthenticatable $user)
     {
-        return true;
+        return $this->isOwner($user);
     }
 
     public function canForceDelete(CubistMagicAuthenticatable $user)
@@ -695,4 +702,9 @@ class CubistMagicAbstractModel extends Model implements HasMedia
     {
         return $this->canUpdate($user);
     }
+
+    public function getPolicyClass()
+    {
+        return $this->_policy;
+    }
 }

diff --git a/src/app/Providers/AuthServiceProvider.php b/src/app/Providers/AuthServiceProvider.php
index c6cd9388c818c1953e57a10c3a568bb96a3db1ce..d8ee1a82ec5ae622e439a12e4b67b2e5c5e95c67 100644 (file)
--- a/src/app/Providers/AuthServiceProvider.php
+++ b/src/app/Providers/AuthServiceProvider.php
@@ -3,9 +3,38 @@
 
 namespace Cubist\Backpack\app\Providers;
 
+use Cubist\Backpack\app\Magic\Models\CubistMagicAbstractModel;
+use Cubist\Backpack\app\Magic\Policies\CubistMagicPermissivePolicy;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
+use Illuminate\Support\Facades\Gate;
 
 class AuthServiceProvider extends ServiceProvider
 {
+    protected $_defaultPolicy = CubistMagicPermissivePolicy::class;
+    /**
+     * The policy mappings for the application.
+     *
+     * @var array
+     */
+    protected $policies = [];
 
+    /**
+     * Register any authentication / authorization services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        $this->registerPolicies();
+        Gate::guessPolicyNamesUsing(function ($modelClass) {
+            $i = new $modelClass;
+            if ($i instanceof CubistMagicAbstractModel) {
+                $policy = $i->getPolicyClass();
+                if (null !== $policy) {
+                    return $policy;
+                }
+                return $this->_defaultPolicy;
+            }
+        });
+    }
 }