d2d.emegrendeles.hu/app/Policies/ProductPolicy.php
2026-04-26 05:37:07 +02:00

76 lines
1.8 KiB
PHP

<?php
namespace App\Policies;
use App\Models\Product;
use App\Models\User;
use Illuminate\Auth\Access\Response;
class ProductPolicy
{
/**
* Determine whether the user can view any models.
*/
public function viewAny(User $user): bool
{
return $user->hasRole(['root', 'developer', 'admin', 'supplier']);
}
/**
* Determine whether the user can view the model.
*/
public function view(User $user, Product $product): bool
{
if ($user->hasRole('supplier')) {
return $user->supplier_id === $product->supplier_id;
}
return $user->hasRole(['root', 'developer', 'admin']);
}
/**
* Determine whether the user can create models.
*/
public function create(User $user): bool
{
return $user->hasRole(['root', 'developer', 'admin']);
}
/**
* Csak akkor engedélyezett a szerkesztés, ha a termék
* a bejelentkezett supplier-hez tartozik.
*/
public function update(User $user, Product $product): bool
{
if ($user->hasRole('supplier')) {
return $user->supplier_id === $product->supplier_id;
}
return $user->hasRole(['root', 'developer', 'admin']);
}
/**
* Determine whether the user can delete the model.
*/
public function delete(User $user, Product $product): bool
{
return $user->hasRole(['root', 'developer', 'admin']);
}
/**
* Determine whether the user can restore the model.
*/
public function restore(User $user, Product $product): bool
{
return $user->hasRole(['root', 'developer', 'admin']);
}
/**
* Determine whether the user can permanently delete the model.
*/
public function forceDelete(User $user, Product $product): bool
{
return $user->hasRole(['root', 'developer', 'admin']);
}
}