|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Insenseanalytics\LaravelNovaPermission; |
|
4
|
|
|
|
|
5
|
|
|
use Illuminate\Support\Str; |
|
6
|
|
|
use Illuminate\Http\Request; |
|
7
|
|
|
use Laravel\Nova\Http\Requests\NovaRequest; |
|
8
|
|
|
use Illuminate\Auth\Access\AuthorizationException; |
|
9
|
|
|
|
|
10
|
|
|
trait PermissionsBasedAuthTrait |
|
11
|
|
|
{ |
|
12
|
|
|
/** |
|
13
|
|
|
* Determine if the given resource is authorizable. |
|
14
|
|
|
* |
|
15
|
|
|
* @return bool |
|
16
|
|
|
*/ |
|
17
|
|
|
public static function authorizable() |
|
18
|
|
|
{ |
|
19
|
|
|
return true; |
|
20
|
|
|
} |
|
21
|
|
|
|
|
22
|
|
|
/** |
|
23
|
|
|
* Determine if the resource should be available for the given request. |
|
24
|
|
|
* |
|
25
|
|
|
* @param \Illuminate\Http\Request $request |
|
26
|
|
|
* |
|
27
|
|
|
* @return bool |
|
28
|
|
|
*/ |
|
29
|
|
|
public function authorizeToViewAny(Request $request) |
|
30
|
|
|
{ |
|
31
|
|
|
if (!static::authorizable()) { |
|
32
|
|
|
return; |
|
33
|
|
|
} |
|
34
|
|
|
|
|
35
|
|
|
return $this->authorizeTo($request, 'viewAny'); |
|
|
|
|
|
|
36
|
|
|
} |
|
37
|
|
|
|
|
38
|
|
|
/** |
|
39
|
|
|
* Determine if the resource should be available for the given request. |
|
40
|
|
|
* |
|
41
|
|
|
* @param \Illuminate\Http\Request $request |
|
42
|
|
|
* |
|
43
|
|
|
* @return bool |
|
44
|
|
|
*/ |
|
45
|
|
|
public static function authorizedToViewAny(Request $request) |
|
46
|
|
|
{ |
|
47
|
|
|
if (!static::authorizable()) { |
|
48
|
|
|
return true; |
|
49
|
|
|
} |
|
50
|
|
|
|
|
51
|
|
|
return static::hasPermissionsTo($request, 'viewAny'); |
|
52
|
|
|
} |
|
53
|
|
|
|
|
54
|
|
|
/** |
|
55
|
|
|
* Determine if the current user can view the given resource or throw an exception. |
|
56
|
|
|
* |
|
57
|
|
|
* @param \Illuminate\Http\Request $request |
|
58
|
|
|
* |
|
59
|
|
|
* @throws \Illuminate\Auth\Access\AuthorizationException |
|
60
|
|
|
*/ |
|
61
|
|
|
public function authorizeToView(Request $request) |
|
62
|
|
|
{ |
|
63
|
|
|
return $this->authorizeTo($request, 'view') && $this->authorizeToViewAny($request); |
|
|
|
|
|
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
|
|
/** |
|
67
|
|
|
* Determine if the current user can create new resources. |
|
68
|
|
|
* |
|
69
|
|
|
* @param \Illuminate\Http\Request $request |
|
70
|
|
|
* |
|
71
|
|
|
* @return bool |
|
72
|
|
|
*/ |
|
73
|
|
|
public static function authorizedToCreate(Request $request) |
|
74
|
|
|
{ |
|
75
|
|
|
return static::hasPermissionsTo($request, 'create'); |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
|
|
/** |
|
79
|
|
|
* Determine if the user can add / associate models of the given type to the resource. |
|
80
|
|
|
* |
|
81
|
|
|
* @param \Laravel\Nova\Http\Requests\NovaRequest $request |
|
82
|
|
|
* @param \Illuminate\Database\Eloquent\Model|string $model |
|
83
|
|
|
* |
|
84
|
|
|
* @return bool |
|
85
|
|
|
*/ |
|
86
|
|
|
public function authorizedToAdd(NovaRequest $request, $model) |
|
87
|
|
|
{ |
|
88
|
|
|
if (!static::authorizable()) { |
|
89
|
|
|
return true; |
|
90
|
|
|
} |
|
91
|
|
|
|
|
92
|
|
|
$method = 'add' . class_basename($model); |
|
93
|
|
|
|
|
94
|
|
|
return $this->authorizedTo($request, $method); |
|
95
|
|
|
} |
|
96
|
|
|
|
|
97
|
|
|
/** |
|
98
|
|
|
* Determine if the user can attach any models of the given type to the resource. |
|
99
|
|
|
* |
|
100
|
|
|
* @param \Laravel\Nova\Http\Requests\NovaRequest $request |
|
101
|
|
|
* @param \Illuminate\Database\Eloquent\Model|string $model |
|
102
|
|
|
* |
|
103
|
|
|
* @return bool |
|
104
|
|
|
*/ |
|
105
|
|
|
public function authorizedToAttachAny(NovaRequest $request, $model) |
|
106
|
|
|
{ |
|
107
|
|
|
if (!static::authorizable()) { |
|
108
|
|
|
return true; |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
$method = 'attachAny' . Str::singular(class_basename($model)); |
|
112
|
|
|
|
|
113
|
|
|
return $this->authorizedTo($request, $method); |
|
114
|
|
|
} |
|
115
|
|
|
|
|
116
|
|
|
/** |
|
117
|
|
|
* Determine if the user can attach models of the given type to the resource. |
|
118
|
|
|
* |
|
119
|
|
|
* @param \Laravel\Nova\Http\Requests\NovaRequest $request |
|
120
|
|
|
* @param \Illuminate\Database\Eloquent\Model|string $model |
|
121
|
|
|
* |
|
122
|
|
|
* @return bool |
|
123
|
|
|
*/ |
|
124
|
|
|
public function authorizedToAttach(NovaRequest $request, $model) |
|
125
|
|
|
{ |
|
126
|
|
|
if (!static::authorizable()) { |
|
127
|
|
|
return true; |
|
128
|
|
|
} |
|
129
|
|
|
|
|
130
|
|
|
$method = 'attach' . Str::singular(class_basename($model)); |
|
131
|
|
|
|
|
132
|
|
|
return $this->authorizedTo($request, $method); |
|
133
|
|
|
} |
|
134
|
|
|
|
|
135
|
|
|
/** |
|
136
|
|
|
* Determine if the user can detach models of the given type to the resource. |
|
137
|
|
|
* |
|
138
|
|
|
* @param \Laravel\Nova\Http\Requests\NovaRequest $request |
|
139
|
|
|
* @param \Illuminate\Database\Eloquent\Model|string $model |
|
140
|
|
|
* @param string $relationship |
|
141
|
|
|
* |
|
142
|
|
|
* @return bool |
|
143
|
|
|
*/ |
|
144
|
|
|
public function authorizedToDetach(NovaRequest $request, $model, $relationship) |
|
|
|
|
|
|
145
|
|
|
{ |
|
146
|
|
|
if (!static::authorizable()) { |
|
147
|
|
|
return true; |
|
148
|
|
|
} |
|
149
|
|
|
|
|
150
|
|
|
$method = 'detach' . Str::singular(class_basename($model)); |
|
151
|
|
|
|
|
152
|
|
|
return $this->authorizedTo($request, $method); |
|
153
|
|
|
} |
|
154
|
|
|
|
|
155
|
|
|
/** |
|
156
|
|
|
* Determine if the current user has a given ability. |
|
157
|
|
|
* |
|
158
|
|
|
* @param \Illuminate\Http\Request $request |
|
159
|
|
|
* @param string $ability |
|
160
|
|
|
* |
|
161
|
|
|
* @throws \Illuminate\Auth\Access\AuthorizationException |
|
162
|
|
|
*/ |
|
163
|
|
|
public function authorizeTo(Request $request, $ability) |
|
164
|
|
|
{ |
|
165
|
|
|
throw_unless($this->authorizedTo($request, $ability), AuthorizationException::class); |
|
166
|
|
|
} |
|
167
|
|
|
|
|
168
|
|
|
/** |
|
169
|
|
|
* Determine if the current user can view the given resource. |
|
170
|
|
|
* |
|
171
|
|
|
* @param \Illuminate\Http\Request $request |
|
172
|
|
|
* @param string $ability |
|
173
|
|
|
* |
|
174
|
|
|
* @return bool |
|
175
|
|
|
*/ |
|
176
|
|
|
public function authorizedTo(Request $request, $ability) |
|
177
|
|
|
{ |
|
178
|
|
|
return static::authorizable() ? static::hasPermissionsTo($request, $ability) : true; |
|
179
|
|
|
} |
|
180
|
|
|
|
|
181
|
|
|
public static function hasPermissionsTo(Request $request, $ability) |
|
182
|
|
|
{ |
|
183
|
|
|
if (isset(static::$permissionsForAbilities[$ability])) { |
|
184
|
|
|
return $request->user()->can(static::$permissionsForAbilities[$ability]); |
|
185
|
|
|
} |
|
186
|
|
|
|
|
187
|
|
|
if (isset(static::$permissionsForAbilities['all'])) { |
|
188
|
|
|
return $request->user()->can(static::$permissionsForAbilities['all']); |
|
189
|
|
|
} |
|
190
|
|
|
|
|
191
|
|
|
return false; |
|
192
|
|
|
} |
|
193
|
|
|
} |
|
194
|
|
|
|
insenseanalytics /
laravel-nova-permission
Paras Malhotra
Loading history...
This check looks for function or method calls that always return null and whose return value is used.
The method
getObject()can return nothing but null, so it makes no sense to use the return value.The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.