JobPolicy::storeComment()   A
last analyzed

Complexity

Conditions 1
Paths 1

Size

Total Lines 5
Code Lines 1

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 0
CRAP Score 2

Importance

Changes 0
Metric Value
eloc 1
c 0
b 0
f 0
dl 0
loc 5
rs 10
ccs 0
cts 0
cp 0
cc 1
nc 1
nop 2
crap 2
<?php
namespace App\Policies;
use App\Models\User;
use App\Models\JobPoster;
use App\Policies\BasePolicy;
use Illuminate\Support\Facades\Log;
class JobPolicy extends BasePolicy
{
    /**
     * Determine whether the user can view the job poster.
     *
     * Access is granted in three cases, checked in this order:
     *  1. the job poster reports itself as public;
     *  2. the user is a manager and the job's manager record points at them;
     *  3. the user is an HR advisor in the job's department and the job is
     *     visible to HR.
     *
     * NOTE(review): `$jobPoster->manager` is dereferenced without a null
     * check; presumably every job poster has a manager. Confirm.
     * NOTE(review): the ownership test uses loose `==` here, while
     * viewAssessmentPlan() compares the same two values with `===`.
     * Confirm both sides are always integers before tightening it.
     *
     * @param \App\Models\User|null $user      User making the request; may be null
     *                                         (presumably an unauthenticated visitor).
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function view(?User $user, JobPoster $jobPoster)
    {
        // Public jobs need no identity at all.
        if ($jobPoster->isPublic()) {
            return true;
        }

        // Every remaining rule needs a user to test against.
        if (!$user) {
            return false;
        }

        // Managers can always view jobs they created.
        $ownsJob = $user->isManager() && $jobPoster->manager->user_id == $user->id;
        if ($ownsJob) {
            return true;
        }

        // HR advisors are limited to their own department, and only once the
        // job is visible to HR.
        return $user->isHrAdvisor()
            && $user->department_id === $jobPoster->department_id
            && $jobPoster->isVisibleToHr();
    }

    /**
     * Allow every caller to request the job list.
     *
     * This check is unconditional, so it provides no filtering of its own:
     * the caller must return only the jobs that pass view() for this user.
     *
     * @param \App\Models\User|null $user User making the request; may be null.
     * @return boolean
     */
    public function viewAny(?User $user)
    {
        return true;
    }

    /**
     * Determine whether the user can create job posters.
     *
     * Any manager may create a job poster. The value of isManager() is
     * returned as-is.
     *
     * @param \App\Models\User $user User to test against.
     * @return mixed
     */
    public function create(User $user)
    {
        $isManager = $user->isManager();

        return $isManager;
    }

    /**
     * Determine whether the user can update the job poster.
     *
     * Requires a manager who owns the job, and a job that still reports
     * itself as editable. The original author notes that managers cannot
     * publish jobs or edit published ones; that depends on isEditable(),
     * which is not visible in this file.
     *
     * NOTE(review): `manager` and `manager->user` are dereferenced without
     * null checks, and the id comparison is loose (`!=`). Confirm.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function update(User $user, JobPoster $jobPoster)
    {
        if (!$user->isManager()) {
            return false;
        }

        // Only the manager attached to this job may edit it.
        if ($jobPoster->manager->user->id != $user->id) {
            return false;
        }

        return (bool) $jobPoster->isEditable();
    }

    /**
     * Determine whether the user can delete the job poster.
     *
     * Applies the same three conditions as update(): manager role, ownership
     * of the job, and isEditable(). The original author describes the
     * deletable state as 'draft'; this file only shows the isEditable() call.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     *
     * @return boolean
     */
    public function delete(User $user, JobPoster $jobPoster): bool
    {
        $isOwningManager = $user->isManager()
            && $jobPoster->manager->user->id == $user->id;

        return $isOwningManager && $jobPoster->isEditable();
    }

    /**
     * Determine whether the user can review applications to the job poster.
     *
     * The job must be public, and the user must be either the manager who
     * owns it or an HR advisor for whom manage() passes.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function reviewApplicationsFor(User $user, JobPoster $jobPoster)
    {
        // Load the relations read below if they are not already loaded.
        $user->loadMissing('user_role');
        $jobPoster->loadMissing('manager.user');

        // Managers can only review applications for their own jobs.
        $ownsJob = $user->isManager() && $jobPoster->manager->user->id == $user->id;

        // HR advisors can review applications for jobs they manage.
        $advisorManagesJob = $user->isHrAdvisor() && $this->manage($user, $jobPoster);

        // Both role checks are evaluated before the public check, as in the
        // original statement order.
        $hasReviewerRole = $ownsJob || $advisorManagesJob;

        return $jobPoster->isPublic() && $hasReviewerRole;
    }

    /**
     * Determine whether the user is a Manager or an HR Advisor with permission to manage this job.
     *
     * A manager qualifies by owning the job. An HR advisor qualifies when
     * view() passes for them and the job id is in their claimed job ids.
     *
     * NOTE(review): `$user->hr_advisor` is dereferenced without a null
     * check; presumably isHrAdvisor() implies the relation exists. Verify.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function manage(User $user, JobPoster $jobPoster)
    {
        if ($user->isManager() && $jobPoster->manager->user->id == $user->id) {
            return true;
        }

        return $user->isHrAdvisor()
            && $this->view($user, $jobPoster)
            && $user->hr_advisor->claimed_job_ids->contains($jobPoster->id);
    }

    /**
     * Determine whether the user can view the comments.
     *
     * Delegates to manage(): the manager who owns the job, or an HR advisor
     * who has claimed it.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function viewComments(User $user, JobPoster $jobPoster): bool
    {
        $canManage = $this->manage($user, $jobPoster);

        return $canManage;
    }

    /**
     * Determine whether the user can create a comment.
     *
     * Write access is deliberately identical to read access: this delegates
     * to viewComments(), so anyone who can read a job's comments can also
     * add one. Any future narrowing of comment authorship must be made here
     * and not in viewComments().
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function storeComment(User $user, JobPoster $jobPoster): bool
    {
        $canViewComments = $this->viewComments($user, $jobPoster);

        return $canViewComments;
    }

    /**
     * Determine whether the user can 'claim' this job.
     *
     * Requires the HR advisor role and a passing view() check.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function claim(User $user, JobPoster $jobPoster): bool
    {
        if (!$user->isHrAdvisor()) {
            return false;
        }

        return (bool) $this->view($user, $jobPoster);
    }

    /**
     * Determine whether the user can 'unclaim' this job.
     *
     * Uses exactly the same rule as claim().
     *
     * NOTE(review): this does not check that the advisor currently holds a
     * claim on the job; presumably the caller only detaches the requesting
     * advisor's own claim. Verify against the controller.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function unClaim(User $user, JobPoster $jobPoster): bool
    {
        $mayClaim = $this->claim($user, $jobPoster);

        return $mayClaim;
    }

    /**
     * Determine whether the user can view assessment plan.
     *
     * Granted to admins, to the manager whose record is attached to the job
     * (strict id comparison), and to HR advisors listed in the job's
     * hr_advisors collection.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function viewAssessmentPlan(User $user, JobPoster $jobPoster): bool
    {
        if ($user->isAdmin()) {
            return true;
        }

        if ($user->isManager() && $jobPoster->manager->user_id === $user->id) {
            return true;
        }

        return $user->isHrAdvisor()
            && $jobPoster->hr_advisors->contains('user_id', $user->id);
    }

    /**
     * Determine whether the user can download CSV file of applicants who have applied to job.
     *
     * Restricted to admins, and only for jobs that report themselves as public.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function downloadApplicants(User $user, JobPoster $jobPoster): bool
    {
        if (!$user->isAdmin()) {
            return false;
        }

        return (bool) $jobPoster->isPublic();
    }
}