From 6e71a8194f1421cd5938836ee073856fbd83ca28 Mon Sep 17 00:00:00 2001
From: Vincent Vanwaelscappel <vincent@cubedesigners.com>
Date: Mon, 30 Nov 2020 18:45:58 +0100
Subject: [PATCH] wip #3753 @0.75

---
 .../Magic/Models/CubistMagicAbstractModel.php | 18 ++++++++++--
 src/app/Providers/AuthServiceProvider.php     | 29 +++++++++++++++++++
 2 files changed, 44 insertions(+), 3 deletions(-)

diff --git a/src/app/Magic/Models/CubistMagicAbstractModel.php b/src/app/Magic/Models/CubistMagicAbstractModel.php
index 5b62a75..a404571 100644
--- a/src/app/Magic/Models/CubistMagicAbstractModel.php
+++ b/src/app/Magic/Models/CubistMagicAbstractModel.php
@@ -17,6 +17,7 @@ use Cubist\Backpack\app\Magic\Controllers\CubistMagicController;
 use Cubist\Backpack\app\Magic\EntityData;
 use Cubist\Backpack\app\Magic\Fields\Field;
 use Cubist\Backpack\app\Magic\PageData;
+use Cubist\Backpack\app\Magic\Policies\CubistMagicPermissivePolicy;
 use Cubist\Backpack\app\Magic\QueryBuilder;
 use Cubist\Backpack\app\Magic\Requests\CubistMagicUpdateRequest;
 use Cubist\Backpack\app\Magic\Util;
@@ -50,6 +51,7 @@ class CubistMagicAbstractModel extends Model implements HasMedia
     protected $_operations = [];
     public $timestamps = true;
 
+    protected $_policy = null;
     protected $_enableClone = true;
     protected $_enableDeletion = true;
     protected $_enableEdition = true;
@@ -671,19 +673,24 @@ class CubistMagicAbstractModel extends Model implements HasMedia
         Cache::tags($tags)->flush();
     }
 
-    public function canView(CubistMagicAuthenticatable $user)
+    public function isOwner(CubistMagicAuthenticatable $user)
     {
         return true;
     }
 
+    public function canView(CubistMagicAuthenticatable $user)
+    {
+        return $this->isOwner($user);
+    }
+
     public function canUpdate(CubistMagicAuthenticatable $user)
     {
-        return true;
+        return $this->isOwner($user);
     }
 
     public function canDelete(CubistMagicAuthenticatable $user)
     {
-        return true;
+        return $this->isOwner($user);
     }
 
     public function canForceDelete(CubistMagicAuthenticatable $user)
@@ -695,4 +702,9 @@ class CubistMagicAbstractModel extends Model implements HasMedia
     {
         return $this->canUpdate($user);
     }
+
+    public function getPolicyClass()
+    {
+        return $this->_policy;
+    }
 }
diff --git a/src/app/Providers/AuthServiceProvider.php b/src/app/Providers/AuthServiceProvider.php
index c6cd938..d8ee1a8 100644
--- a/src/app/Providers/AuthServiceProvider.php
+++ b/src/app/Providers/AuthServiceProvider.php
@@ -3,9 +3,38 @@
 
 namespace Cubist\Backpack\app\Providers;
 
+use Cubist\Backpack\app\Magic\Models\CubistMagicAbstractModel;
+use Cubist\Backpack\app\Magic\Policies\CubistMagicPermissivePolicy;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
+use Illuminate\Support\Facades\Gate;
 
 class AuthServiceProvider extends ServiceProvider
 {
+    protected $_defaultPolicy = CubistMagicPermissivePolicy::class;
+    /**
+     * The policy mappings for the application.
+     *
+     * @var array
+     */
+    protected $policies = [];
 
+    /**
+     * Register any authentication / authorization services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        $this->registerPolicies();
+        Gate::guessPolicyNamesUsing(function ($modelClass) {
+            $i = new $modelClass;
+            if ($i instanceof CubistMagicAbstractModel) {
+                $policy = $i->getPolicyClass();
+                if (null !== $policy) {
+                    return $policy;
+                }
+                return $this->_defaultPolicy;
+            }
+        });
+    }
 }
-- 
2.39.5