ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
45f1e6b06e
TenantAtlas/app/Policies/ProviderConnectionPolicy.php

156 lines
4.3 KiB
PHP
Raw Blame History

<?php
namespace App\Policies;
use App\Models\ProviderConnection;
use App\Models\Tenant;
use App\Models\User;
use App\Models\Workspace;
use App\Support\Workspaces\WorkspaceContext;
use Illuminate\Auth\Access\HandlesAuthorization;
use Illuminate\Auth\Access\Response;
use Illuminate\Support\Facades\Gate;
class ProviderConnectionPolicy
{
use HandlesAuthorization;
public function viewAny(User $user): bool
{
$workspace = $this->currentWorkspace();
if (! $workspace instanceof Workspace) {
return false;
}
$tenant = $this->currentTenant();
return $tenant instanceof Tenant
&& (int) $tenant->workspace_id === (int) $workspace->getKey()
&& Gate::forUser($user)->allows('provider.view', $tenant);
}
public function view(User $user, ProviderConnection $connection): Response|bool
{
$workspace = $this->currentWorkspace();
if (! $workspace instanceof Workspace) {
return Response::denyAsNotFound();
}
$tenant = $this->currentTenant();
if (! $tenant instanceof Tenant || (int) $tenant->workspace_id !== (int) $workspace->getKey()) {
return Response::denyAsNotFound();
}
if (! Gate::forUser($user)->allows('provider.view', $tenant)) {
return false;
}
if ((int) $connection->tenant_id !== (int) $tenant->getKey()) {
return Response::denyAsNotFound();
}
if ((int) $connection->workspace_id !== (int) $workspace->getKey()) {
return Response::denyAsNotFound();
}
return true;
}
public function create(User $user): bool
{
$workspace = $this->currentWorkspace();
if (! $workspace instanceof Workspace) {
return false;
}
$tenant = $this->currentTenant();
return $tenant instanceof Tenant
&& (int) $tenant->workspace_id === (int) $workspace->getKey()
&& Gate::forUser($user)->allows('provider.manage', $tenant);
}
public function update(User $user, ProviderConnection $connection): Response|bool
{
$workspace = $this->currentWorkspace();
if (! $workspace instanceof Workspace) {
return Response::denyAsNotFound();
}
$tenant = $this->currentTenant();
if (! $tenant instanceof Tenant || (int) $tenant->workspace_id !== (int) $workspace->getKey()) {
return Response::denyAsNotFound();
}
if (! Gate::forUser($user)->allows('provider.view', $tenant)) {
return false;
}
if ((int) $connection->tenant_id !== (int) $tenant->getKey()) {
return Response::denyAsNotFound();
}
if ((int) $connection->workspace_id !== (int) $workspace->getKey()) {
return Response::denyAsNotFound();
}
return true;
}
public function delete(User $user, ProviderConnection $connection): Response|bool
{
$workspace = $this->currentWorkspace();
if (! $workspace instanceof Workspace) {
return Response::denyAsNotFound();
}
$tenant = $this->currentTenant();
if (! $tenant instanceof Tenant || (int) $tenant->workspace_id !== (int) $workspace->getKey()) {
return Response::denyAsNotFound();
}
if (! Gate::forUser($user)->allows('provider.manage', $tenant)) {
return false;
}
if ((int) $connection->tenant_id !== (int) $tenant->getKey()) {
return Response::denyAsNotFound();
}
if ((int) $connection->workspace_id !== (int) $workspace->getKey()) {
return Response::denyAsNotFound();
}
return false;
}
private function currentWorkspace(): ?Workspace
{
$workspaceId = app(WorkspaceContext::class)->currentWorkspaceId(request());
return is_int($workspaceId)
? Workspace::query()->whereKey($workspaceId)->first()
: null;
}
private function currentTenant(): ?Tenant
{
$tenant = request()->route('tenant');
if ($tenant instanceof Tenant) {
return $tenant;
}
if (is_string($tenant) && $tenant !== '') {
return Tenant::query()
->where('external_id', $tenant)
->first();
}
return Tenant::current();
}
}
Reference in New Issue View Git Blame Copy Permalink