From 4139b765aac2ea33810695c6551b66751233a164 Mon Sep 17 00:00:00 2001
From: Vincent Vanwaelscappel
Date: Mon, 30 Nov 2020 17:38:12 +0100
Subject: [PATCH] wip #3753 @2
---
 .../Http/Controllers/CubistCrudController.php | 2 +
 .../Magic/Models/CubistMagicAbstractModel.php | 25 ++++
 .../Policies/CubistMagicPermissivePolicy.php | 10 ++
 src/app/Magic/Policies/CubistMagicPolicy.php | 127 ++++++++++++++++++
 src/app/Providers/AuthServiceProvider.php | 11 ++
 5 files changed, 175 insertions(+)
 create mode 100644 src/app/Magic/Policies/CubistMagicPermissivePolicy.php
 create mode 100644 src/app/Magic/Policies/CubistMagicPolicy.php
 create mode 100644 src/app/Providers/AuthServiceProvider.php
diff --git a/src/app/Http/Controllers/CubistCrudController.php b/src/app/Http/Controllers/CubistCrudController.php
index 7855d91..ba1165b 100644
--- a/src/app/Http/Controllers/CubistCrudController.php
+++ b/src/app/Http/Controllers/CubistCrudController.php
@@ -15,9 +15,11 @@ use Backpack\CRUD\app\Http\Controllers\Operations\DeleteOperation;
 use Backpack\CRUD\app\Http\Controllers\Operations\ListOperation;
 use Backpack\CRUD\app\Http\Controllers\Operations\UpdateOperation;
 use Cubist\Backpack\app\Http\Controllers\Operations\MediaOperation;
+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 
 class CubistCrudController extends CrudController
 {
 use ListOperation;
 use MediaOperation;
+ use AuthorizesRequests;
 }
diff --git a/src/app/Magic/Models/CubistMagicAbstractModel.php b/src/app/Magic/Models/CubistMagicAbstractModel.php
index a5e4dc9..5b62a75 100644
--- a/src/app/Magic/Models/CubistMagicAbstractModel.php
+++ b/src/app/Magic/Models/CubistMagicAbstractModel.php
@@ -670,4 +670,29 @@ class CubistMagicAbstractModel extends Model implements HasMedia
 }
 Cache::tags($tags)->flush();
 }
+
+ public function canView(CubistMagicAuthenticatable $user)
+ {
+ return true;
+ }
+
+ public function canUpdate(CubistMagicAuthenticatable $user)
+ {
+ return true;
+ }
+
+ public function canDelete(CubistMagicAuthenticatable $user)
+ {
+ return true;
+ }
+
+ public function canForceDelete(CubistMagicAuthenticatable $user)
+ {
+ return $this->canDelete($user);
+ }
+
+ public function canRestore(CubistMagicAuthenticatable $user)
+ {
+ return $this->canUpdate($user);
+ }
 }
diff --git a/src/app/Magic/Policies/CubistMagicPermissivePolicy.php b/src/app/Magic/Policies/CubistMagicPermissivePolicy.php
new file mode 100644
index 0000000..3de0051
--- /dev/null
+++ b/src/app/Magic/Policies/CubistMagicPermissivePolicy.php
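Review bot: `canView()`, `canUpdate()` and `canDelete()` default to `return true;`, so any model that does not override them is open to every authenticated user, which is a fail-open default for an authorization hook. `CubistMagicPolicy::update()`, `delete()`, `restore()` and `forceDelete()` later in this patch return these values directly without a permission check, so the base-class default becomes the effective decision. Consider defaulting to `return false;` here and leaving blanket access to the policy's `allowAll` flag, or at least add a docblock stating that subclasses must override these hooks for restricted models. The hunk adds no `use` line for `CubistMagicAuthenticatable`; confirm the name resolves in this file's namespace, which is not visible here.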
@@ -0,0 +1,10 @@
+allowAll || $user->hasPermissionTo($this->permissionBase . ':admin');
+ }
+
+ public function viewList(CubistMagicAuthenticatable $user)
+ {
+ return $this->allowAll || $this->viewAny($user) || $user->hasPermissionTo($this->permissionBase . ':list');
+ }
+
+ /**
+ * Determine whether the user can view the quiz.
+ *
+ * @param CubistMagicAuthenticatable $user
+ * @param CubistMagicAbstractModel $model
+ * @return mixed
+ */
+ public function view(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+ {
+ if ($this->allowAll) {
+ return true;
+ }
+ if ($this->viewAny($user)) {
+ return true;
+ }
+ return $model->canView($user);
+ }
+
+ /**
+ * Determine whether the user can create quizzes.
+ *
+ * @param CubistMagicAuthenticatable $user
+ * @return mixed
+ */
+ public function create(CubistMagicAuthenticatable $user)
+ {
+ if ($this->allowAll) {
+ return true;
+ }
+ if ($this->viewAny($user)) {
+ return true;
+ }
+ $user->hasPermissionTo($this->permissionBase . ':create');
+ }
+
+ /**
+ * Determine whether the user can update the quiz.
+ *
+ * @param CubistMagicAuthenticatable $user
+ * @param CubistMagicAbstractModel $model
+ * @return mixed
+ */
+ public function update(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+ {
+ if ($this->allowAll) {
+ return true;
+ }
+ return $model->canUpdate($user);
+ }
+
+ /**
+ * Determine whether the user can delete the quiz.
+ *
+ * @param CubistMagicAuthenticatable $user
+ * @param CubistMagicAbstractModel $model
+ * @return mixed
+ */
+ public function delete(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+ {
+ if ($this->allowAll) {
+ return true;
+ }
+ return $model->canDelete($user);
+ }
+
+ /**
+ * Determine whether the user can restore the quiz.
+ *
+ * @param CubistMagicAuthenticatable $user
+ * @param CubistMagicAbstractModel $model
+ * @return mixed
+ */
+ public function restore(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+ {
+ if ($this->allowAll) {
+ return true;
+ }
+ return $model->canRestore($user);
+ }
+
+ /**
+ * Determine whether the user can permanently delete the quiz.
+ *
+ * @param CubistMagicAuthenticatable $user
+ * @param CubistMagicAbstractModel $model
+ * @return mixed
+ */
+ public function forceDelete(CubistMagicAuthenticatable $user, CubistMagicAbstractModel $model)
+ {
+ if ($this->allowAll) {
+ return true;
+ }
+ return $model->canForceDelete($user);
+ }
+}
diff --git a/src/app/Providers/AuthServiceProvider.php b/src/app/Providers/AuthServiceProvider.php
new file mode 100644
index 0000000..c6cd938
--- /dev/null
+++ b/src/app/Providers/AuthServiceProvider.php
@@ -0,0 +1,11 @@
+
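Review bot: `create()` drops the result of its permission check: its last statement is `$user->hasPermissionTo($this->permissionBase . ':create');` with no `return`, so the method returns null and the gate denies every user not covered by `allowAll` or the `:admin` permission. It should read `return $user->hasPermissionTo($this->permissionBase . ':create');`. `update()`, `delete()`, `restore()` and `forceDelete()` skip the `:admin` shortcut that `view()` and `create()` use and rely only on the model hooks; if that is deliberate, say so in the docblocks, which still refer to "the quiz". The top of this file (class declaration, `$allowAll` and `$permissionBase`) is missing from the page, so their defaults could not be checked.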