2016-04-25 21:53:39 -04:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Policies;
|
|
|
|
|
|
2016-07-03 18:11:58 +02:00
|
|
|
use App\Models\User;
|
|
|
|
|
|
|
|
|
|
/**
|
2017-01-30 21:40:43 +02:00
|
|
|
* Class DocumentPolicy.
|
2016-07-03 18:11:58 +02:00
|
|
|
*/
|
|
|
|
|
class DocumentPolicy extends EntityPolicy
|
|
|
|
|
{
|
|
|
|
|
/**
|
2017-01-30 21:49:42 +02:00
|
|
|
* @param User $user
|
|
|
|
|
* @param mixed $item
|
2017-01-30 21:40:43 +02:00
|
|
|
*
|
2016-07-03 18:11:58 +02:00
|
|
|
* @return bool
|
|
|
|
|
*/
|
2016-10-28 09:42:49 +03:00
|
|
|
public static function create(User $user, $item)
|
2016-07-03 18:11:58 +02:00
|
|
|
{
|
2017-01-30 21:40:43 +02:00
|
|
|
return ! empty($user);
|
2016-04-25 21:53:39 -04:00
|
|
|
}
|
2016-07-03 18:11:58 +02:00
|
|
|
|
|
|
|
|
/**
|
2017-01-30 21:40:43 +02:00
|
|
|
* @param User $user
|
2016-07-21 15:35:23 +03:00
|
|
|
* @param Document $document
|
2017-01-30 21:40:43 +02:00
|
|
|
*
|
2016-07-03 18:11:58 +02:00
|
|
|
* @return bool
|
|
|
|
|
*/
|
2016-07-21 15:35:23 +03:00
|
|
|
public static function view(User $user, $document)
|
2016-07-03 18:11:58 +02:00
|
|
|
{
|
|
|
|
|
if ($user->hasPermission('view_all')) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
if ($document->expense) {
|
|
|
|
|
if ($document->expense->invoice) {
|
|
|
|
|
return $user->can('view', $document->expense->invoice);
|
|
|
|
|
}
|
2017-01-30 21:40:43 +02:00
|
|
|
|
2016-07-03 18:11:58 +02:00
|
|
|
return $user->can('view', $document->expense);
|
|
|
|
|
}
|
|
|
|
|
if ($document->invoice) {
|
|
|
|
|
return $user->can('view', $document->invoice);
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-29 18:02:08 +03:00
|
|
|
return $user->owns($document);
|
2016-04-25 21:53:39 -04:00
|
|
|
}
|
2016-07-14 12:01:05 +03:00
|
|
|
}
|