Beta version

This commit is too large to list all changes.

app/Policies/ApplicationPolicy.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Policies;
+
+use App\Application;
+use Illuminate\Auth\Access\Response;
+use App\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class ApplicationPolicy
+{
+    use HandlesAuthorization;
+
+    /**
+     * Create a new policy instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        //
+    }
+
+    public function view(User $user, Application $application)
+    {
+       if ($user->is($application->user) && $user->can('applications.view.own') || $user->can('applications.view.all'))
+       {
+           return Response::allow();
+       }
+
+       return Response::deny('You are not authorised to view this application');
+    }
+}

app/Policies/ProfilePolicy.php

@@ -2,6 +2,7 @@
 
 namespace App\Policies;
 
+use App\Profile;
 use App\User;
 use Illuminate\Auth\Access\HandlesAuthorization;
 
@@ -16,6 +17,11 @@ class ProfilePolicy
      */
     public function __construct()
     {
-        //
+
+    }
+
+    public function edit(User $user, Profile $profile)
+    {
+        return $user->is($profile->user);
     }
 }

app/Policies/UserPolicy.php

@@ -0,0 +1,41 @@
+<?php
+
+namespace App\Policies;
+
+use App\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class UserPolicy
+{
+    use HandlesAuthorization;
+
+    /**
+     * Create a new policy instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+
+    }
+
+    public function edit(User $authUser, User $user)
+    {
+        return $authUser->is($user) || $authUser->hasRole('admin');
+    }
+
+    public function viewStaff(User $user)
+    {
+        return $user->can('admin.stafflist');
+    }
+
+    public function viewPlayers(User $user)
+    {
+        return $user->can('admin.userlist');
+    }
+
+    public function terminate(User $authUser)
+    {
+       return $authUser->hasRole('admin');
+    }
+}