Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
100.00% |
12 / 12 |
|
100.00% |
8 / 8 |
CRAP | |
100.00% |
1 / 1 |
| CategoryPolicy | |
100.00% |
12 / 12 |
|
100.00% |
8 / 8 |
10 | |
100.00% |
1 / 1 |
| viewAny | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| view | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| create | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| update | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| delete | |
100.00% |
5 / 5 |
|
100.00% |
1 / 1 |
3 | |||
| restore | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| forceDelete | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| search | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| 1 | <?php |
| 2 | |
| 3 | namespace App\Policies; |
| 4 | |
| 5 | use App\Models\Category; |
| 6 | use App\Models\User; |
| 7 | |
| 8 | class CategoryPolicy |
| 9 | { |
| 10 | /** |
| 11 | * Determine whether the user can view any models. |
| 12 | * User level (100) and above can browse categories |
| 13 | */ |
| 14 | public function viewAny(User $user): bool |
| 15 | { |
| 16 | return $user->hasRole(['client', 'staff', 'admin', 'superuser']); |
| 17 | } |
| 18 | |
| 19 | /** |
| 20 | * Determine whether the user can view the model. |
| 21 | * User level (100) and above can view categories |
| 22 | */ |
| 23 | public function view(User $user, Category $category): bool |
| 24 | { |
| 25 | return $user->hasRole(['client', 'staff', 'admin', 'superuser']); |
| 26 | } |
| 27 | |
| 28 | /** |
| 29 | * Determine whether the user can create models. |
| 30 | * Staff level (500) and above can create categories |
| 31 | */ |
| 32 | public function create(User $user): bool |
| 33 | { |
| 34 | return $user->hasRole(['staff', 'admin', 'superuser']); |
| 35 | } |
| 36 | |
| 37 | /** |
| 38 | * Determine whether the user can update the model. |
| 39 | * Staff level (500) and above can update categories |
| 40 | */ |
| 41 | public function update(User $user, Category $category): bool |
| 42 | { |
| 43 | return $user->hasRole(['staff', 'admin', 'superuser']); |
| 44 | } |
| 45 | |
| 46 | /** |
| 47 | * Determine whether the user can delete the model. |
| 48 | * Staff level (500) and above can soft delete categories |
| 49 | * Staff can delete ALL categories OR their own categories |
| 50 | */ |
| 51 | public function delete(User $user, Category $category): bool |
| 52 | { |
| 53 | // Admin and Superuser can delete any category |
| 54 | if ($user->hasRole(['admin', 'superuser'])) { |
| 55 | return true; |
| 56 | } |
| 57 | |
| 58 | // Staff can delete any category OR their own categories |
| 59 | if ($user->hasRole('staff')) { |
| 60 | return true; // Staff can delete all categories |
| 61 | } |
| 62 | |
| 63 | return false; |
| 64 | } |
| 65 | |
| 66 | /** |
| 67 | * Determine whether the user can restore the model. |
| 68 | * Staff level (500) and above can restore soft deleted categories |
| 69 | */ |
| 70 | public function restore(User $user, Category $category): bool |
| 71 | { |
| 72 | return $user->hasRole(['staff', 'admin', 'superuser']); |
| 73 | } |
| 74 | |
| 75 | /** |
| 76 | * Determine whether the user can permanently delete the model. |
| 77 | * Admin level (750) and above can permanently delete categories |
| 78 | */ |
| 79 | public function forceDelete(User $user, Category $category): bool |
| 80 | { |
| 81 | return $user->hasRole(['admin', 'superuser']); |
| 82 | } |
| 83 | |
| 84 | /** |
| 85 | * Determine whether the user can search categories. |
| 86 | * User level (100) and above can search categories |
| 87 | */ |
| 88 | public function search(User $user): bool |
| 89 | { |
| 90 | return $user->hasRole(['client', 'staff', 'admin', 'superuser']); |
| 91 | } |
| 92 | } |