Added TeamFile Authorization Policy
This commit is contained in:
parent
7323ffec2b
commit
a206782187
|
@ -32,6 +32,8 @@ class TeamFileController extends Controller
|
||||||
*/
|
*/
|
||||||
public function index(Request $request)
|
public function index(Request $request)
|
||||||
{
|
{
|
||||||
|
$this->authorize('index');
|
||||||
|
|
||||||
if (is_null(Auth::user()->currentTeam))
|
if (is_null(Auth::user()->currentTeam))
|
||||||
{
|
{
|
||||||
$request->session()->flash('error', 'Please choose a team before viewing it\'s files.');
|
$request->session()->flash('error', 'Please choose a team before viewing it\'s files.');
|
||||||
|
@ -51,6 +53,8 @@ class TeamFileController extends Controller
|
||||||
*/
|
*/
|
||||||
public function store(UploadFileRequest $request)
|
public function store(UploadFileRequest $request)
|
||||||
{
|
{
|
||||||
|
$this->authorize('store');
|
||||||
|
|
||||||
$upload = $request->file('file');
|
$upload = $request->file('file');
|
||||||
|
|
||||||
$file = $upload->store('uploads');
|
$file = $upload->store('uploads');
|
||||||
|
@ -83,6 +87,8 @@ class TeamFileController extends Controller
|
||||||
|
|
||||||
public function download(Request $request, TeamFile $teamFile)
|
public function download(Request $request, TeamFile $teamFile)
|
||||||
{
|
{
|
||||||
|
$this->authorize('download');
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
return Storage::download($teamFile->fs_location, $teamFile->name);
|
return Storage::download($teamFile->fs_location, $teamFile->name);
|
||||||
|
@ -127,6 +133,7 @@ class TeamFileController extends Controller
|
||||||
*/
|
*/
|
||||||
public function destroy(Request $request, TeamFile $teamFile)
|
public function destroy(Request $request, TeamFile $teamFile)
|
||||||
{
|
{
|
||||||
|
$this->authorize('delete');
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
|
|
|
@ -0,0 +1,42 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Policies;
|
||||||
|
|
||||||
|
use App\Team;
|
||||||
|
use App\User;
|
||||||
|
use Illuminate\Auth\Access\HandlesAuthorization;
|
||||||
|
|
||||||
|
class TeamFilePolicy
|
||||||
|
{
|
||||||
|
use HandlesAuthorization;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a new policy instance.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
//
|
||||||
|
}
|
||||||
|
|
||||||
|
public function index(User $user)
|
||||||
|
{
|
||||||
|
return $user->hasPermissionTo('teams.files.view');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function store(User $user, Team $team)
|
||||||
|
{
|
||||||
|
return $user->hasPermissionTo('teams.files.upload') || $user->hasTeam($team);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function download(User $user)
|
||||||
|
{
|
||||||
|
return $user->hasPermissionTo('teams.files.download');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function delete(User $user)
|
||||||
|
{
|
||||||
|
return $user->hasPermissionTo('teams.files.delete');
|
||||||
|
}
|
||||||
|
}
|
|
@ -30,11 +30,13 @@ use App\Policies\AppointmentPolicy;
|
||||||
use App\Policies\BanPolicy;
|
use App\Policies\BanPolicy;
|
||||||
use App\Policies\FormPolicy;
|
use App\Policies\FormPolicy;
|
||||||
use App\Policies\ProfilePolicy;
|
use App\Policies\ProfilePolicy;
|
||||||
|
use App\Policies\TeamFilePolicy;
|
||||||
use App\Policies\TeamPolicy;
|
use App\Policies\TeamPolicy;
|
||||||
use App\Policies\UserPolicy;
|
use App\Policies\UserPolicy;
|
||||||
use App\Policies\VacancyPolicy;
|
use App\Policies\VacancyPolicy;
|
||||||
use App\Policies\VotePolicy;
|
use App\Policies\VotePolicy;
|
||||||
use App\Team;
|
use App\Team;
|
||||||
|
use App\TeamFile;
|
||||||
use App\User;
|
use App\User;
|
||||||
use App\Vacancy;
|
use App\Vacancy;
|
||||||
use App\Vote;
|
use App\Vote;
|
||||||
|
@ -58,7 +60,8 @@ class AuthServiceProvider extends ServiceProvider
|
||||||
Vote::class => VotePolicy::class,
|
Vote::class => VotePolicy::class,
|
||||||
Ban::class => BanPolicy::class,
|
Ban::class => BanPolicy::class,
|
||||||
Appointment::class => AppointmentPolicy::class,
|
Appointment::class => AppointmentPolicy::class,
|
||||||
Team::class => TeamPolicy::class
|
Team::class => TeamPolicy::class,
|
||||||
|
TeamFile::class, TeamFilePolicy::class
|
||||||
];
|
];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in New Issue