miguel456/athenahr
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
298a8c7c47a13cf95411555b7c33c622cf0bdc36
athenahr/app/Policies/InvitationPolicy.php

35 lines
1.0 KiB
PHP
Raw Normal View History

feat: add invite notification emails, functionality to admin dashboard and sign up page Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 18:46:34 +01:00
<?php
namespace App\Policies;
use App\Invitation;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
use Illuminate\Auth\Access\Response;
class InvitationPolicy
{
use HandlesAuthorization;
fix: ensure invitation feature is properly gated to authorized users and guests Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 21:52:07 +01:00
public function viewAny(User $user): Response
feat: add invite notification emails, functionality to admin dashboard and sign up page Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 18:46:34 +01:00
{
fix: ensure invitation feature is properly gated to authorized users and guests Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 21:52:07 +01:00
return $user->can('admin.manageInvitations') ? Response::allow() : Response::deny(__('You do not have permission to view invitation requests.'));
feat: add invite notification emails, functionality to admin dashboard and sign up page Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 18:46:34 +01:00
}
public function create(?User $user): Response
{
if (is_null($user)) {
return Response::allow();
}
fix: ensure invitation feature is properly gated to authorized users and guests Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 21:52:07 +01:00
return $user->can('admin.manageInvitations') ? Response::allow() : Response::deny(__('You do not have permission to request privileged invitations.'));
feat: add invite notification emails, functionality to admin dashboard and sign up page Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 18:46:34 +01:00
}
fix: ensure invitation feature is properly gated to authorized users and guests Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 21:52:07 +01:00
public function update(User $user, Invitation $invitation): Response
feat: add invite notification emails, functionality to admin dashboard and sign up page Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 18:46:34 +01:00
{
fix: ensure invitation feature is properly gated to authorized users and guests Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 21:52:07 +01:00
return $user->can('admin.manageInvitations') ? Response::allow() : Response::deny(__('You do not have permission to update invitations.'));
feat: add invite notification emails, functionality to admin dashboard and sign up page Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 18:46:34 +01:00
}
fix: ensure invitation feature is properly gated to authorized users and guests Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 21:52:07 +01:00
// no delete policy; cleanup is handled by jobs, no users can delete directly
feat: add invite notification emails, functionality to admin dashboard and sign up page Signed-off-by: Miguel Nogueira <me@nogueira.codes>
2025-08-07 18:46:34 +01:00
}
Reference in New Issue Copy Permalink