JobPolicy::claim() - Code Metrics - Inspection of "Bump @storybook/addon-info from 5.3.3 to 5.3.4" - GCTC-NTGC/TalentCloud - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — dependabot/npm_and_yarn/dev/st... ( 917c39...79f3f4 )

unknown

created 2020-01-16 15:07 UTC

JobPolicy::claim() A

↳ Parent: JobPolicy

Complexity

Conditions	2
Paths	2

Size

Total Lines	3
Code Lines	1

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
eloc	1
c	0
b	0
f	0
dl	0
loc	3
rs	10
cc	2
nc	2
nop	2

<?php

namespace App\Policies;

use App\Models\User;
use App\Models\JobPoster;
use App\Policies\BasePolicy;
use Illuminate\Support\Facades\Log;

class JobPolicy extends BasePolicy
{

    /**
     * Determine whether the user can view the job poster.
     *
     * @param \App\Models\?User     $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return mixed
     */
    public function view(?User $user, JobPoster $jobPoster)
    {
        // Anyone can view a published job
        // Only the manager that created it can view an unpublished job
        // Hr Advisors can view all jobs.
        return $jobPoster->status() == 'published' || $jobPoster->status() == 'closed' ||
            ($user &&
                $user->isManager() &&
                $jobPoster->manager->user_id == $user->id) ||
            ($user &&
                $user->isHrAdvisor() &&
                $user->hr_advisor->department_id === $jobPoster->department_id &&
                $jobPoster->isVisibleToHr());
    }

    /**
     * Any user is permitted to request a list of jobs,
     * but only the jobs they are permitted to *view* should be returned.
     *
     * @param \App\Models\?User $user User object making the request.
     * @return boolean
     */
    public function viewAny(?User $user)
    {
        return true;
    }

    /**
     * Determine whether the user can create job posters.
     *
     * @param  \App\Models\User $user User to test against.
     * @return mixed
     */
    public function create(User $user)
    {
        // Any manager can create a new job poster.
        return $user->isManager();
    }

    /**
     * Determine whether the user can update the job poster.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return mixed
     */
    public function update(User $user, JobPoster $jobPoster)
    {
        // Only managers can edit jobs, and only their own, managers can't publish jobs or edit published jobs.
        return $user->isManager() &&
            $jobPoster->manager->user->id == $user->id &&
            !$jobPoster->published;
    }

    /**
     * Determine whether the user can delete the job poster.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     *
     * @return boolean
     */
    public function delete(User $user, JobPoster $jobPoster): bool
    {
        // Jobs can only be deleted when they're in the 'draft'
        // state, and only by managers that created them.
        return $user->isManager() &&
            $jobPoster->manager->user->id == $user->id &&
            !$jobPoster->published;
    }

    /**
     * Determine whether the user can submit a job poster for review.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return mixed
     */
    public function submitForReview(User $user, JobPoster $jobPoster)
    {
        // Only upgradedManagers can submit jobs for review, only their own jobs, and only if they're still drafts.
        // NOTE: this is one of the only permissions to require an upgradedManager, as opposed to a demoManager.
        return $user->isUpgradedManager() &&
            $jobPoster->manager->user->id == $user->id &&
            $jobPoster->status() === 'draft';
    }
    /**
     * Determine whether the user can review applications to the job poster.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return mixed
     */
    public function reviewApplicationsFor(User $user, JobPoster $jobPoster)
    {
        // Managers can only review applications their own jobs.
        // HR Advisors can review applications for jobs they manage.
        // The job must always be closed.
        $authManager = $user->isManager() && $jobPoster->manager->user->id == $user->id;
        $authHr = $user->isHrAdvisor() && $this->manage($user, $jobPoster);

        return $jobPoster->isClosed() && ($authManager || $authHr);
    }

    /**
     * Determine whether the user is a Manager or an HR Advisor with permission to manage this job.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function manage(User $user, JobPoster $jobPoster)
    {
        return ($user->isManager() &&
            $jobPoster->manager->user->id == $user->id) ||
            ($user->isHrAdvisor()
                && $this->view($user, $jobPoster)
                && $user->hr_advisor->claimed_job_ids->contains($jobPoster->id));
    }

    /**
     * Determine whether the user can view the comments.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function viewComments(User $user, JobPoster $jobPoster): bool
    {
        // Only the manager that created the job can view the comment.
        // Only Hr advisors who have claimed a job can view the comments.
        return $this->manage($user, $jobPoster);
    }

    /**
     * Determine whether the user can create a comment
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function storeComment(User $user, JobPoster $jobPoster): bool
    {
        // Only the manager that created the job can view the comment.
        // Only Hr advisors who have claimed a job can view the comments.
        return $this->viewComments($user, $jobPoster);
    }

    /**
     * Determine whether the user can 'claim' this job.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function claim(User $user, JobPoster $jobPoster): bool
    {
        return $user->isHrAdvisor() && $this->view($user, $jobPoster);
    }

    /**
     * Determine whether the user can 'unclaim' this job.
     *
     * @param \App\Models\User      $user      User object making the request.
     * @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
     * @return boolean
     */
    public function unClaim(User $user, JobPoster $jobPoster): bool
    {
        return $this->claim($user, $jobPoster);
    }
}


1			<?php
2
3			namespace App\Policies;
4
5			use App\Models\User;
6			use App\Models\JobPoster;
7			use App\Policies\BasePolicy;
8			use Illuminate\Support\Facades\Log;
9
10			class JobPolicy extends BasePolicy
11			{
12
13			/**
14			* Determine whether the user can view the job poster.
15			*
16			* @param \App\Models\?User $user User object making the request.
17			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
18			* @return mixed
19			*/
20			public function view(?User $user, JobPoster $jobPoster)
21			{
22			// Anyone can view a published job
23			// Only the manager that created it can view an unpublished job
24			// Hr Advisors can view all jobs.
25			return $jobPoster->status() == 'published' \|\| $jobPoster->status() == 'closed' \|\|
26			($user &&
27			$user->isManager() &&
28			$jobPoster->manager->user_id == $user->id) \|\|
29			($user &&
30			$user->isHrAdvisor() &&
31			$user->hr_advisor->department_id === $jobPoster->department_id &&
32			$jobPoster->isVisibleToHr());
33			}
34
35			/**
36			* Any user is permitted to request a list of jobs,
37			* but only the jobs they are permitted to view should be returned.
38			*
39			* @param \App\Models\?User $user User object making the request.
40			* @return boolean
41			*/
42			public function viewAny(?User $user)
43			{
44			return true;
45			}
46
47			/**
48			* Determine whether the user can create job posters.
49			*
50			* @param \App\Models\User $user User to test against.
51			* @return mixed
52			*/
53			public function create(User $user)
54			{
55			// Any manager can create a new job poster.
56			return $user->isManager();
57			}
58
59			/**
60			* Determine whether the user can update the job poster.
61			*
62			* @param \App\Models\User $user User object making the request.
63			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
64			* @return mixed
65			*/
66			public function update(User $user, JobPoster $jobPoster)
67			{
68			// Only managers can edit jobs, and only their own, managers can't publish jobs or edit published jobs.
69			return $user->isManager() &&
70			$jobPoster->manager->user->id == $user->id &&
71			!$jobPoster->published;
72			}
73
74			/**
75			* Determine whether the user can delete the job poster.
76			*
77			* @param \App\Models\User $user User object making the request.
78			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
79			*
80			* @return boolean
81			*/
82			public function delete(User $user, JobPoster $jobPoster): bool
83			{
84			// Jobs can only be deleted when they're in the 'draft'
85			// state, and only by managers that created them.
86			return $user->isManager() &&
87			$jobPoster->manager->user->id == $user->id &&
88			!$jobPoster->published;
89			}
90
91			/**
92			* Determine whether the user can submit a job poster for review.
93			*
94			* @param \App\Models\User $user User object making the request.
95			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
96			* @return mixed
97			*/
98			public function submitForReview(User $user, JobPoster $jobPoster)
99			{
100			// Only upgradedManagers can submit jobs for review, only their own jobs, and only if they're still drafts.
101			// NOTE: this is one of the only permissions to require an upgradedManager, as opposed to a demoManager.
102			return $user->isUpgradedManager() &&
103			$jobPoster->manager->user->id == $user->id &&
104			$jobPoster->status() === 'draft';
105			}
106			/**
107			* Determine whether the user can review applications to the job poster.
108			*
109			* @param \App\Models\User $user User object making the request.
110			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
111			* @return mixed
112			*/
113			public function reviewApplicationsFor(User $user, JobPoster $jobPoster)
114			{
115			// Managers can only review applications their own jobs.
116			// HR Advisors can review applications for jobs they manage.
117			// The job must always be closed.
118			$authManager = $user->isManager() && $jobPoster->manager->user->id == $user->id;
119			$authHr = $user->isHrAdvisor() && $this->manage($user, $jobPoster);
120
121			return $jobPoster->isClosed() && ($authManager \|\| $authHr);
122			}
123
124			/**
125			* Determine whether the user is a Manager or an HR Advisor with permission to manage this job.
126			*
127			* @param \App\Models\User $user User object making the request.
128			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
129			* @return boolean
130			*/
131			public function manage(User $user, JobPoster $jobPoster)
132			{
133			return ($user->isManager() &&
134			$jobPoster->manager->user->id == $user->id) \|\|
135			($user->isHrAdvisor()
136			&& $this->view($user, $jobPoster)
137			&& $user->hr_advisor->claimed_job_ids->contains($jobPoster->id));
138			}
139
140			/**
141			* Determine whether the user can view the comments.
142			*
143			* @param \App\Models\User $user User object making the request.
144			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
145			* @return boolean
146			*/
147			public function viewComments(User $user, JobPoster $jobPoster): bool
148			{
149			// Only the manager that created the job can view the comment.
150			// Only Hr advisors who have claimed a job can view the comments.
151			return $this->manage($user, $jobPoster);
152			}
153
154			/**
155			* Determine whether the user can create a comment
156			*
157			* @param \App\Models\User $user User object making the request.
158			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
159			* @return boolean
160			*/
161			public function storeComment(User $user, JobPoster $jobPoster): bool
162			{
163			// Only the manager that created the job can view the comment.
164			// Only Hr advisors who have claimed a job can view the comments.
165			return $this->viewComments($user, $jobPoster);
166			}
167
168			/**
169			* Determine whether the user can 'claim' this job.
170			*
171			* @param \App\Models\User $user User object making the request.
172			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
173			* @return boolean
174			*/
175			public function claim(User $user, JobPoster $jobPoster): bool
176			{
177			return $user->isHrAdvisor() && $this->view($user, $jobPoster);
178			}
179
180			/**
181			* Determine whether the user can 'unclaim' this job.
182			*
183			* @param \App\Models\User $user User object making the request.
184			* @param \App\Models\JobPoster $jobPoster Job Poster object being acted upon.
185			* @return boolean
186			*/
187			public function unClaim(User $user, JobPoster $jobPoster): bool
188			{
189			return $this->claim($user, $jobPoster);
190			}
191			}
192

GCTC-NTGC / TalentCloud

Push — dependabot/npm_and_yarn/dev/st... ( 917c39...79f3f4 )

JobPolicy::claim() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like