ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
084-verification-surfaces-unification
TenantAtlas/app/Policies/OperationRunPolicy.php

62 lines
1.5 KiB
PHP
Raw Permalink Blame History

<?php
namespace App\Policies;
use App\Models\OperationRun;
use App\Models\User;
use App\Models\WorkspaceMembership;
use App\Support\Workspaces\WorkspaceContext;
use Illuminate\Auth\Access\HandlesAuthorization;
use Illuminate\Auth\Access\Response;
class OperationRunPolicy
{
use HandlesAuthorization;
public function viewAny(User $user): bool
{
$workspaceId = app(WorkspaceContext::class)->currentWorkspaceId();
if ($workspaceId === null) {
return false;
}
return WorkspaceMembership::query()
->where('workspace_id', (int) $workspaceId)
->where('user_id', (int) $user->getKey())
->exists();
}
public function view(User $user, OperationRun $run): Response|bool
{
$workspaceId = (int) ($run->workspace_id ?? 0);
if ($workspaceId <= 0) {
return Response::denyAsNotFound();
}
$isMember = WorkspaceMembership::query()
->where('workspace_id', $workspaceId)
->where('user_id', (int) $user->getKey())
->exists();
if (! $isMember) {
return Response::denyAsNotFound();
}
$tenantId = (int) ($run->tenant_id ?? 0);
if ($tenantId > 0) {
$hasTenantEntitlement = $user->tenantMemberships()
->where('tenant_id', $tenantId)
->exists();
if (! $hasTenantEntitlement) {
return Response::denyAsNotFound();
}
}
return true;
}
}
Reference in New Issue View Git Blame Copy Permalink