Add user directory & isolate authorisation

2020-06-27 19:15:33 +01:00
parent 71efdf93d8
commit 33c16fcf46
25 changed files with 812 additions and 59 deletions


@@ -21,6 +21,16 @@ class ApplicationPolicy
//
}
public function viewAny(User $user)
{
if ($user->can('applications.view.all'))
{
return Response::allow();
}
return Response::deny('Forbidden');
}
public function view(User $user, Application $application)
{
if ($user->is($application->user) && $user->can('applications.view.own') || $user->can('applications.view.all'))
@@ -30,4 +40,9 @@ class ApplicationPolicy
return Response::deny('You are not authorised to view this application');
}
public function update(User $user)
{
return $user->hasAnyRole('admin', 'hiringManager');
}
}
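Review bot: `update()` at L28–L31 authorises by role (`hasAnyRole('admin', 'hiringManager')`) and returns a bare bool, whereas `viewAny()`/`view()` in the same class authorise by permission string and return `Response` objects; a role check sidesteps whatever the new `applications.*` permissions are meant to control, and because the method takes no `Application` it can never consider ownership the way `view()` does. If the role-based rule is intentional for now, at least align the return shape and say why: `// TODO: move to a permission once one exists` followed by `return $user->hasAnyRole('admin', 'hiringManager') ? Response::allow() : Response::deny('Forbidden');`. The condition on L24 is correct under PHP precedence (`&&` binds tighter than `||`), but parentheses around the ownership conjunction would make the intent explicit to the next reader. Note that `view()` begins in the first hunk and its body continues into the second, so the lines between the two hunks are not visible here.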


@@ -0,0 +1,94 @@
<?php
namespace App\Policies;
use App\Appointment;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class AppointmentPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view any models.
*
* @param \App\User $user
* @return mixed
*/
public function viewAny(User $user)
{
//
}
/**
* Determine whether the user can view the model.
*
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function view(User $user, Appointment $appointment)
{
//
}
/**
* Determine whether the user can create models.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
return $user->can('appointments.schedule');
}
/**
* Determine whether the user can update the model.
*
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function update(User $user, Appointment $appointment)
{
return $user->can('appointments.schedule.edit');
}
/**
* Determine whether the user can delete the model.
*
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function delete(User $user, Appointment $appointment)
{
//
}
/**
* Determine whether the user can restore the model.
*
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function restore(User $user, Appointment $appointment)
{
//
}
/**
* Determine whether the user can permanently delete the model.
*
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function forceDelete(User $user, Appointment $appointment)
{
//
}
}
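Review bot: `update()` at L83–L86 never reads `$appointment`, so `appointments.schedule.edit` is a global grant over every appointment rather than a per-record decision; if that is intended, a comment such as `// permission applies to all appointments; no per-record ownership check` on L85 would stop a later reader from assuming a check was forgotten. The unimplemented stubs (`viewAny`, `view`, `delete`, `restore`, `forceDelete`) return null, which Laravel's Gate treats as a denial only implicitly and which an `after` callback can still override; prefer an explicit `return false;` in each so the fail-closed behaviour is stated in the code. The same applies to the empty stubs in BanPolicy and VotePolicy in this commit.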


@@ -0,0 +1,94 @@
<?php
namespace App\Policies;
use App\Ban;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class BanPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view any models.
*
* @param \App\User $user
* @return mixed
*/
public function viewAny(User $user)
{
//
}
/**
* Determine whether the user can view the model.
*
* @param \App\User $user
* @param \App\Ban $ban
* @return mixed
*/
public function view(User $user, Ban $ban)
{
//
}
/**
* Determine whether the user can create models.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
//
}
/**
* Determine whether the user can update the model.
*
* @param \App\User $user
* @param \App\Ban $ban
* @return mixed
*/
public function update(User $user, Ban $ban)
{
//
}
/**
* Determine whether the user can delete the model.
*
* @param \App\User $user
* @param \App\Ban $ban
* @return mixed
*/
public function delete(User $user, Ban $ban)
{
return $user->hasRole('admin');
}
/**
* Determine whether the user can restore the model.
*
* @param \App\User $user
* @param \App\Ban $ban
* @return mixed
*/
public function restore(User $user, Ban $ban)
{
//
}
/**
* Determine whether the user can permanently delete the model.
*
* @param \App\User $user
* @param \App\Ban $ban
* @return mixed
*/
public function forceDelete(User $user, Ban $ban)
{
//
}
}
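Review bot: `create()` at L160–L163 is empty, so anything that authorises ban creation through this policy is always denied, and anything that does not is not covered by it at all — which of the two holds cannot be told from this hunk. Either add the check or record the decision, e.g. `// ban creation is authorised elsewhere; see <CALLER-PLACEHOLDER>`, so the gap is visibly deliberate. `delete()` at L184 decides by `hasRole('admin')` while the other policies in this commit mostly use permission strings via `can()`; a permission would keep ban removal under the same assignment model, and `$ban` is unused so the rule is global rather than per-record.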


@@ -0,0 +1,99 @@
<?php
namespace App\Policies;
use App\Comment;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class CommentPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view any models.
*
* @param \App\User $user
* @return mixed
*/
public function viewAny(User $user)
{
//
}
/**
* Determine whether the user can view the model.
*
* @param \App\User $user
* @param \App\Comment $comment
* @return mixed
*/
public function view(User $user, Comment $comment)
{
//
}
/**
* Determine whether the user can create models.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
return $user->isStaffMember();
}
/**
* Determine whether the user can update the model.
*
* @param \App\User $user
* @param \App\Comment $comment
* @return mixed
*/
public function update(User $user, Comment $comment)
{
//
}
/**
* Determine whether the user can delete the model.
*
* @param \App\User $user
* @param \App\Comment $comment
* @return mixed
*/
public function delete(User $user, Comment $comment)
{
if ($user->is($comment->user) || $user->hasRole('admin'))
{
return true;
}
return false;
}
/**
* Determine whether the user can restore the model.
*
* @param \App\User $user
* @param \App\Comment $comment
* @return mixed
*/
public function restore(User $user, Comment $comment)
{
//
}
/**
* Determine whether the user can permanently delete the model.
*
* @param \App\User $user
* @param \App\Comment $comment
* @return mixed
*/
public function forceDelete(User $user, Comment $comment)
{
//
}
}
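Review bot: `delete()` at L270–L277 wraps a boolean expression in an `if`/`return true`/`return false` ladder; the single line `return $user->is($comment->user) || $user->hasRole('admin');` expresses the same rule and reads as the ownership-or-admin check it is. The docblock above it still says `@return mixed` although the method only ever returns a bool, so `@return bool` would be accurate here and on `create()` at L248.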


@@ -0,0 +1,98 @@
<?php
namespace App\Policies;
use App\Form;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class FormPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view any models.
*
* @param \App\User $user
* @return mixed
*/
public function viewAny(User $user)
{
return $user->can('admin.hiring.forms');
}
/**
* Determine whether the user can view the model.
*
* @param \App\User $user
* @param \App\Form $form
* @return mixed
*/
public function view(User $user, Form $form)
{
return $user->can('admin.hiring.forms');
}
public function viewFormbuilder(User $user)
{
return $user->can('admin.hiring.formbuilder');
}
/**
* Determine whether the user can create models.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
return $this->user->can('admin.hiring.forms');
}
/**
* Determine whether the user can update the model.
*
* @param \App\User $user
* @param \App\Form $form
* @return mixed
*/
public function update(User $user, Form $form)
{
// unused
}
/**
* Determine whether the user can delete the model.
*
* @param \App\User $user
* @param \App\Form $form
* @return mixed
*/
public function delete(User $user, Form $form)
{
return $this->user->can('admin.hiring.forms');
}
/**
* Determine whether the user can restore the model.
*
* @param \App\User $user
* @param \App\Form $form
* @return mixed
*/
public function restore(User $user, Form $form)
{
//
}
/**
* Determine whether the user can permanently delete the model.
*
* @param \App\User $user
* @param \App\Form $form
* @return mixed
*/
public function forceDelete(User $user, Form $form)
{
//
}
}
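Review bot: `create()` at L346 and `delete()` at L368 read `$this->user`, but the policy declares no such property — the authorised user arrives as the `$user` parameter, exactly as `viewAny()`/`view()` on L321/L332 use it. At runtime the undefined property resolves to null and `can()` on it throws an `Error`, so form creation and deletion fail with a server error instead of an authorisation decision; this fails closed, but the admin forms workflow is broken. Both lines should read `return $user->can('admin.hiring.forms');`. Separately, `viewFormbuilder()` at L334 is the only method without a docblock; a one-liner stating which permission gates the form builder would match the rest of the class.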


@@ -0,0 +1,94 @@
<?php
namespace App\Policies;
use App\User;
use App\Vacancy;
use Illuminate\Auth\Access\HandlesAuthorization;
class VacancyPolicy
{
use HandlesAuthorization;
// TODO: Switch to permissions (there are no specific permissions yet)
/**
* Determine whether the user can view any models.
*
* @param \App\User $user
* @return mixed
*/
public function viewAny(User $user)
{
return $user->hasAnyRole('admin', 'hiringManager');
}
/**
* Determine whether the user can view the model.
*
* @param \App\User $user
* @param \App\Vacancy $vacancy
* @return mixed
*/
public function view(User $user, Vacancy $vacancy)
{
// unused
}
/**
* Determine whether the user can create models.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
return $user->hasAnyRole('admin', 'hiringManager');
}
/**
* Determine whether the user can update the model.
*
* @param \App\User $user
* @param \App\Vacancy $vacancy
* @return mixed
*/
public function update(User $user, Vacancy $vacancy)
{
return $user->hasRole('admin', 'hiringManager');
}
/**
* Determine whether the user can delete the model.
*
* @param \App\User $user
* @param \App\Vacancy $vacancy
* @return mixed
*/
public function delete(User $user, Vacancy $vacancy)
{
//
}
/**
* Determine whether the user can restore the model.
*
* @param \App\User $user
* @param \App\Vacancy $vacancy
* @return mixed
*/
public function restore(User $user, Vacancy $vacancy)
{
//
}
/**
* Determine whether the user can permanently delete the model.
*
* @param \App\User $user
* @param \App\Vacancy $vacancy
* @return mixed
*/
public function forceDelete(User $user, Vacancy $vacancy)
{
//
}
}
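Review bot: `update()` at L446 calls `hasRole('admin', 'hiringManager')` where `viewAny()` (L414) and `create()` (L435) call `hasAnyRole('admin', 'hiringManager')`. If the `User` model uses spatie/laravel-permission's `HasRoles` trait — which the `hasAnyRole`/`can` usage across this commit suggests — the second argument of `hasRole()` is a guard name, not a second role, so this would check for the `admin` role on a guard called `hiringManager` and deny both admins and hiring managers. The line should read `return $user->hasAnyRole('admin', 'hiringManager');`, and `$vacancy` being unused means the rule is global rather than per-record, which is worth stating in the docblock if intended.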


@@ -0,0 +1,94 @@
<?php
namespace App\Policies;
use App\User;
use App\Vote;
use Illuminate\Auth\Access\HandlesAuthorization;
class VotePolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view any models.
*
* @param \App\User $user
* @return mixed
*/
public function viewAny(User $user)
{
//
}
/**
* Determine whether the user can view the model.
*
* @param \App\User $user
* @param \App\Vote $vote
* @return mixed
*/
public function view(User $user, Vote $vote)
{
//
}
/**
* Determine whether the user can create models.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
return $user->can('applications.vote');
}
/**
* Determine whether the user can update the model.
*
* @param \App\User $user
* @param \App\Vote $vote
* @return mixed
*/
public function update(User $user, Vote $vote)
{
//
}
/**
* Determine whether the user can delete the model.
*
* @param \App\User $user
* @param \App\Vote $vote
* @return mixed
*/
public function delete(User $user, Vote $vote)
{
//
}
/**
* Determine whether the user can restore the model.
*
* @param \App\User $user
* @param \App\Vote $vote
* @return mixed
*/
public function restore(User $user, Vote $vote)
{
//
}
/**
* Determine whether the user can permanently delete the model.
*
* @param \App\User $user
* @param \App\Vote $vote
* @return mixed
*/
public function forceDelete(User $user, Vote $vote)
{
//
}
}