currentWorkspace(); if (! $workspace instanceof Workspace) { return false; } $tenant = $this->currentTenant(); return $tenant instanceof Tenant && (int) $tenant->workspace_id === (int) $workspace->getKey() && Gate::forUser($user)->allows('provider.view', $tenant); } public function view(User $user, ProviderConnection $connection): Response|bool { $workspace = $this->currentWorkspace(); if (! $workspace instanceof Workspace) { return Response::denyAsNotFound(); } $tenant = $this->currentTenant(); if (! $tenant instanceof Tenant || (int) $tenant->workspace_id !== (int) $workspace->getKey()) { return Response::denyAsNotFound(); } if (! Gate::forUser($user)->allows('provider.view', $tenant)) { return false; } if ((int) $connection->tenant_id !== (int) $tenant->getKey()) { return Response::denyAsNotFound(); } if ((int) $connection->workspace_id !== (int) $workspace->getKey()) { return Response::denyAsNotFound(); } return true; } public function create(User $user): bool { $workspace = $this->currentWorkspace(); if (! $workspace instanceof Workspace) { return false; } $tenant = $this->currentTenant(); return $tenant instanceof Tenant && (int) $tenant->workspace_id === (int) $workspace->getKey() && Gate::forUser($user)->allows('provider.manage', $tenant); } public function update(User $user, ProviderConnection $connection): Response|bool { $workspace = $this->currentWorkspace(); if (! $workspace instanceof Workspace) { return Response::denyAsNotFound(); } $tenant = $this->currentTenant(); if (! $tenant instanceof Tenant || (int) $tenant->workspace_id !== (int) $workspace->getKey()) { return Response::denyAsNotFound(); } if (! Gate::forUser($user)->allows('provider.view', $tenant)) { return false; } if ((int) $connection->tenant_id !== (int) $tenant->getKey()) { return Response::denyAsNotFound(); } if ((int) $connection->workspace_id !== (int) $workspace->getKey()) { return Response::denyAsNotFound(); } return true; } public function delete(User $user, ProviderConnection $connection): Response|bool { $workspace = $this->currentWorkspace(); if (! $workspace instanceof Workspace) { return Response::denyAsNotFound(); } $tenant = $this->currentTenant(); if (! $tenant instanceof Tenant || (int) $tenant->workspace_id !== (int) $workspace->getKey()) { return Response::denyAsNotFound(); } if (! Gate::forUser($user)->allows('provider.manage', $tenant)) { return false; } if ((int) $connection->tenant_id !== (int) $tenant->getKey()) { return Response::denyAsNotFound(); } if ((int) $connection->workspace_id !== (int) $workspace->getKey()) { return Response::denyAsNotFound(); } return false; } private function currentWorkspace(): ?Workspace { $workspaceId = app(WorkspaceContext::class)->currentWorkspaceId(request()); return is_int($workspaceId) ? Workspace::query()->whereKey($workspaceId)->first() : null; } private function currentTenant(): ?Tenant { $tenant = request()->route('tenant'); if ($tenant instanceof Tenant) { return $tenant; } if (is_string($tenant) && $tenant !== '') { return Tenant::query() ->where('external_id', $tenant) ->first(); } return Tenant::current(); } }