SkinbaseNova/app/Policies/ArtworkPolicy.php
2026-02-07 08:23:18 +01:00


<?php
namespace App\Policies;
use App\Models\Artwork;
use App\Models\User;
/**
 * Authorization rules for Artwork models.
 *
 * Admins are granted every ability through before(); everyone else is
 * judged by the individual ability methods below, which are based on
 * ownership (user_id) and on the artwork's public/approved/trashed state.
 */
class ArtworkPolicy
{
    /**
     * Global pre-check: an admin user is granted the ability outright.
     *
     * Returns true for admins and null otherwise. Null is also returned when
     * no user is supplied, so the ability-specific method still decides.
     * Because this grants everything to admins, the restrictions in view()
     * (public / approved / not trashed) do not constrain them.
     *
     * @param mixed $user    The acting user, or a falsy value when there is none.
     * @param mixed $ability The ability being checked; not inspected here.
     * @return bool|null
     */
    public function before($user, $ability)
    {
        return ($user && $this->isAdmin($user)) ? true : null;
    }

    /**
     * Decide whether the user counts as an admin.
     *
     * Sources are consulted in order and the first one available wins:
     * the is_admin attribute, then an isAdmin() method, then hasRole('admin').
     * With none of them present the user is treated as a non-admin.
     *
     * NOTE(review): is_admin takes precedence over the role check, so it is
     * worth confirming that the attribute cannot be set through mass
     * assignment on the User model (not visible from this file).
     */
    protected function isAdmin(User $user): bool
    {
        $isAdmin = false;

        if (isset($user->is_admin)) {
            $isAdmin = (bool) $user->is_admin;
        } elseif (method_exists($user, 'isAdmin')) {
            $isAdmin = (bool) $user->isAdmin();
        } elseif (method_exists($user, 'hasRole')) {
            $isAdmin = (bool) $user->hasRole('admin');
        }

        return $isAdmin;
    }

    /**
     * Public visibility: the artwork must be public, approved and not trashed.
     *
     * The user is not consulted, so guests and signed-in users get the same
     * answer, and an owner gets no extra access to an unapproved or private
     * artwork from this method.
     */
    public function view(?User $user, Artwork $artwork): bool
    {
        $publiclyListed = $artwork->is_public && $artwork->is_approved;

        return $publiclyListed && ! $artwork->trashed();
    }

    /**
     * Creating artworks requires a signed-in user; guests (null) are refused.
     */
    public function create(?User $user): bool
    {
        return $user !== null;
    }

    /**
     * Only the artwork's owner may update it.
     */
    public function update(User $user, Artwork $artwork): bool
    {
        return $this->ownsArtwork($user, $artwork);
    }

    /**
     * Only the artwork's owner may delete it (soft delete).
     */
    public function delete(User $user, Artwork $artwork): bool
    {
        return $this->ownsArtwork($user, $artwork);
    }

    /**
     * A soft-deleted artwork may be restored by its owner or by an admin.
     *
     * The explicit admin clause keeps this rule correct even if before()
     * is ever changed or removed.
     */
    public function restore(User $user, Artwork $artwork): bool
    {
        return $this->ownsArtwork($user, $artwork) || $this->isAdmin($user);
    }

    /**
     * Permanent deletion is limited to admins; ownership is not sufficient.
     */
    public function forceDelete(User $user, Artwork $artwork): bool
    {
        return $this->isAdmin($user);
    }

    /**
     * Ownership test shared by update(), delete() and restore().
     *
     * The comparison is strict, so an id and a user_id that differ in type
     * (for example int 5 and string "5") do not match and access is denied.
     * NOTE(review): confirm both attributes come back from the models with
     * the same type, otherwise legitimate owners are locked out.
     */
    private function ownsArtwork(User $user, Artwork $artwork): bool
    {
        return $artwork->user_id === $user->id;
    }
}