$this->_seenFieldTypes[$type] = true;
return true;
}
-
- public function addOwnerClause($user)
- {
- if (!$this->model instanceof CubistMagicAbstractModel) {
- return;
- }
- if ($this->model->canAdmin($user)) {
- return;
- }
- $this->model->addOwnerClause($this,$user);
- }
-
- public function hasAccess($operation)
- {
- // First filter with standard backpack gate
- if (!parent::hasAccess($operation)) {
- return false;
- }
-
- // Then, apply model rules
- if ($this->model instanceof CubistMagicAbstractModel) {
- $funcMap = ['list' => 'canList',
- 'create' => 'canCreate',
- 'update' => 'canUpdate',
- 'delete' => 'canDelete',
- 'revisions' => 'canUpdate',
- 'revise' => 'canUpdate',
- 'bulkClone' => 'canCreate',
- 'clone' => 'canCreate',
- 'bulkDelete' => 'canDelete',
- ];
-
- if (isset($funcMap[$operation])) {
- $func = $funcMap[$operation];
- } else {
- $func = 'can' . ucfirst($operation);
- }
- $model = $this->entry ?? $this->model;
- if (is_callable([$model, $func])) {
- $res = $model->$func(backpack_user());
- } else {
- $res = true;
- }
- return $res;
- }
-
- return true;
- }
-
- public function hasAccessOrFail($operation)
- {
- if (!$this->hasAccess($operation)) {
- throw new AccessDeniedException(trans('backpack::crud.unauthorized_access', ['access' => $operation]));
- }
-
-
- return true;
- }
-
- public function hasAccessToAll($operation_array)
- {
- foreach ((array)$operation_array as $key => $operation) {
- if (!$this->hasAccess($operation)) {
- return false;
- }
- }
-
- return true;
- }
-
- public function hasAccessToAny($operation_array)
- {
- foreach ((array)$operation_array as $key => $operation) {
- if ($this->hasAccess($operation) == true) {
- return true;
- }
- }
-
- return false;
- }
}
protected $_enableCreation = true;
protected $_enableRevisions = true;
protected $_enableBulk = true;
- protected $_ownerAttribute = 'owner';
+ protected static $_ownerAttribute = 'owner';
protected $_syncDbSchema = true;
public static function boot()
{
parent::boot();
+
+ static::addGlobalScope('userfilter', function (Builder $builder) {
+ static::addOwnerClause($builder);
+ });
+ }
+
+ public static function addOwnerClause(Builder $builder)
+ {
+ $builder->where(static::$_ownerAttribute, backpack_user()->id);
}
public function __construct(array $attributes = [])
*/
public function isOwner($user)
{
+ if (null === $this->id) {
+ return true;
+ }
+
return null !== $user && ($this->canAdmin($user) || $this->getAttribute($this->_ownerAttribute) === $user->id);
}
/**
- * @param $crud CubistCrudPanel
* @param $user CubistMagicAuthenticatable
+ * @return bool
*/
- public function addOwnerClause($crud, $user)
+ public function canList($user)
{
- $crud->addClause('where', $this->_ownerAttribute, $user->id);
+ return null !== $user && ($this->canAdmin($user) || $this->_can('read', $user));
}
/**
* @param $user CubistMagicAuthenticatable
* @return bool
*/
- public function canList($user)
+ public function canShow($user)
{
- return null !== $user && ($this->canAdmin($user) || $this->_can('read', $user));
+ return $this->canList($user);
}
/**
projects / cubist_cms-back.git / commitdiff