From: Vincent Vanwaelscappel <vincent@cubedesigners.com>
Date: Fri, 27 Nov 2020 16:49:22 +0000 (+0100)
Subject: wip #3753 @0.5
X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=aa29f3839dd77629ef08288349dbc32603fd064d;p=fluidbook-toolbox.git

wip #3753 @0.5
---

diff --git a/app/Models/Quiz.php b/app/Models/Quiz.php
index 411d7adbd..e3b5f35b5 100644
--- a/app/Models/Quiz.php
+++ b/app/Models/Quiz.php
@@ -6,7 +6,6 @@ namespace App\Models;
 use App\Http\Controllers\Admin\Base\QuizController;
 use Cubist\Backpack\app\Magic\Models\CubistMagicAbstractModel;
 use Cubist\Util\Files\Files;
-use Cubist\Util\Zip;
 use Spatie\MediaLibrary\MediaCollections\Models\Media;
 use Spatie\Image\Manipulations;
 use App\Fields\User;
diff --git a/app/Policies/FluidbookQuotePolicy.php b/app/Policies/FluidbookQuotePolicy.php
new file mode 100644
index 000000000..f11313d01
--- /dev/null
+++ b/app/Policies/FluidbookQuotePolicy.php
@@ -0,0 +1,97 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\FluidbookQuote;
+use App\Models\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class FluidbookQuotePolicy
+{
+    use HandlesAuthorization;
+
+    /**
+     * Determine whether the user can view any models.
+     *
+     * @param User $user
+     * @return mixed
+     */
+    public function viewAny(User $user)
+    {
+        return $user->hasPermissionTo('fluidbook:quote:admin');
+    }
+
+    /**
+     * Determine whether the user can view the model.
+     *
+     * @param User $user
+     * @param FluidbookQuote $fluidbookQuote
+     * @return mixed
+     */
+    public function view(User $user, FluidbookQuote $fluidbookQuote)
+    {
+        if ($this->viewAny($user)) {
+            return true;
+        }
+        return $user->getKey() == $fluidbookQuote->reseller;
+    }
+
+    /**
+     * Determine whether the user can create models.
+     *
+     * @param User $user
+     * @return mixed
+     */
+    public function create(User $user)
+    {
+        return false;
+    }
+
+    /**
+     * Determine whether the user can update the model.
+     *
+     * @param User $user
+     * @param FluidbookQuote $fluidbookQuote
+     * @return mixed
+     */
+    public function update(User $user, FluidbookQuote $fluidbookQuote)
+    {
+        return $this->view($user, $fluidbookQuote);
+    }
+
+    /**
+     * Determine whether the user can delete the model.
+     *
+     * @param User $user
+     * @param FluidbookQuote $fluidbookQuote
+     * @return mixed
+     */
+    public function delete(User $user, FluidbookQuote $fluidbookQuote)
+    {
+        return false;
+    }
+
+    /**
+     * Determine whether the user can restore the model.
+     *
+     * @param User $user
+     * @param FluidbookQuote $fluidbookQuote
+     * @return mixed
+     */
+    public function restore(User $user, FluidbookQuote $fluidbookQuote)
+    {
+        return false;
+    }
+
+    /**
+     * Determine whether the user can permanently delete the model.
+     *
+     * @param User $user
+     * @param FluidbookQuote $fluidbookQuote
+     * @return mixed
+     */
+    public function forceDelete(User $user, FluidbookQuote $fluidbookQuote)
+    {
+        return false;
+    }
+}
diff --git a/app/Policies/QuizPolicy.php b/app/Policies/QuizPolicy.php
index e37b60982..0903a2749 100644
--- a/app/Policies/QuizPolicy.php
+++ b/app/Policies/QuizPolicy.php
@@ -2,8 +2,8 @@
 
 namespace App\Policies;
 
-use App\Quiz;
-use App\User;
+use App\Models\Quiz;
+use App\Models\User;
 use Illuminate\Auth\Access\HandlesAuthorization;
 
 class QuizPolicy
@@ -13,7 +13,7 @@ class QuizPolicy
     /**
      * Determine whether the user can view any quizzes.
      *
-     * @param \App\User $user
+     * @param User $user
      * @return mixed
      */
     public function viewAny(User $user)
@@ -24,8 +24,8 @@ class QuizPolicy
     /**
      * Determine whether the user can view the quiz.
      *
-     * @param \App\User $user
-     * @param \App\Quiz $quiz
+     * @param User $user
+     * @param Quiz $quiz
      * @return mixed
      */
     public function view(User $user, Quiz $quiz)
@@ -39,7 +39,7 @@ class QuizPolicy
     /**
      * Determine whether the user can create quizzes.
      *
-     * @param \App\User $user
+     * @param User $user
      * @return mixed
      */
     public function create(User $user)
@@ -50,8 +50,8 @@ class QuizPolicy
     /**
      * Determine whether the user can update the quiz.
      *
-     * @param \App\User $user
-     * @param \App\Quiz $quiz
+     * @param User $user
+     * @param Quiz $quiz
      * @return mixed
      */
     public function update(User $user, Quiz $quiz)
@@ -62,8 +62,8 @@ class QuizPolicy
     /**
      * Determine whether the user can delete the quiz.
      *
-     * @param \App\User $user
-     * @param \App\Quiz $quiz
+     * @param User $user
+     * @param Quiz $quiz
      * @return mixed
      */
     public function delete(User $user, Quiz $quiz)
@@ -74,8 +74,8 @@ class QuizPolicy
     /**
      * Determine whether the user can restore the quiz.
      *
-     * @param \App\User $user
-     * @param \App\Quiz $quiz
+     * @param User $user
+     * @param Quiz $quiz
      * @return mixed
      */
     public function restore(User $user, Quiz $quiz)
@@ -86,8 +86,8 @@ class QuizPolicy
     /**
      * Determine whether the user can permanently delete the quiz.
      *
-     * @param \App\User $user
-     * @param \App\Quiz $quiz
+     * @param User $user
+     * @param Quiz $quiz
      * @return mixed
      */
     public function forceDelete(User $user, Quiz $quiz)
diff --git a/resources/views/vendor/backpack/base/inc/sidebar_content.blade.php b/resources/views/vendor/backpack/base/inc/sidebar_content.blade.php
index 5df30c6fd..da9b51691 100644
--- a/resources/views/vendor/backpack/base/inc/sidebar_content.blade.php
+++ b/resources/views/vendor/backpack/base/inc/sidebar_content.blade.php
@@ -19,17 +19,21 @@
     </li>
 @endcanany
 
-@can('fluidbook:admin')
+@canany(['fluidbook:admin','fluidbook:quote'])
     <li class='nav-item nav-dropdown open'><a class='nav-link nav-dropdown-toggle' href='#'><i
                 class="nav-icon la"><img src="/images/icons/icon-fluidbook.svg"/></i>Fluidbook</a>
         <ul class='nav-dropdown-items'>
-            <li class="nav-item"><a class="nav-link" href="{{ backpack_url('signature') }}"><i
-                        class="la la-signature nav-icon"></i> Signatures</a></li>
-            <li class="nav-item"><a class="nav-link" href="{{ backpack_url('fluidbook-quote') }}"><i
-                        class="la la-wpforms nav-icon"></i> Demandes de devis</a></li>
+            @can('fluidbook:admin')
+                <li class="nav-item"><a class="nav-link" href="{{ backpack_url('signature') }}"><i
+                            class="la la-signature nav-icon"></i> Signatures</a></li>
+            @endcan
+            @can('fluidbook:quote')
+                <li class="nav-item"><a class="nav-link" href="{{ backpack_url('fluidbook-quote') }}"><i
+                            class="la la-wpforms nav-icon"></i> Demandes de devis</a></li>
+            @endcan
         </ul>
     </li>
-@endcan
+@endcanany
 
 
 @can('toolbox:maintenance')