12-05-2026 Frontend dev

Kevin Adametz 2026-05-12 18:32:33 +02:00
parent 405df0a122
commit 5b8bdf4182
779 changed files with 480564 additions and 6241 deletions


@ -0,0 +1,76 @@
<?php
namespace App\Policies;
use App\Models\Company;
use App\Models\User;
class CompanyPolicy
{
public function before(User $user): ?bool
{
return $user->is_super_admin ? true : null;
}
public function viewAny(User $user): bool
{
return $user->canAccessCustomer();
}
public function view(User $user, Company $company): bool
{
if ($user->canAccessAdmin()) {
return true;
}
return $this->isLinked($user, $company);
}
public function create(User $user): bool
{
return $user->canAccessAdmin();
}
public function update(User $user, Company $company): bool
{
if ($user->canAccessAdmin()) {
return true;
}
return $this->isOwnerOrResponsible($user, $company);
}
public function delete(User $user, Company $company): bool
{
return $user->canAccessAdmin();
}
public function restore(User $user, Company $company): bool
{
return $user->canAccessAdmin();
}
public function forceDelete(User $user, Company $company): bool
{
return $user->is_super_admin === true;
}
private function isLinked(User $user, Company $company): bool
{
return $user->companies()->withoutGlobalScopes()->whereKey($company->id)->exists()
|| $company->owner_user_id === $user->id;
}
private function isOwnerOrResponsible(User $user, Company $company): bool
{
if ($company->owner_user_id === $user->id) {
return true;
}
return $user->companies()
->withoutGlobalScopes()
->whereKey($company->id)
->wherePivotIn('role', ['owner', 'responsible'])
->exists();
}
}
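Review bot: `withoutGlobalScopes()` in `isLinked()` and `isOwnerOrResponsible()` strips every global scope from the membership query, so any soft-delete, tenant or active-only scope on the related model no longer limits who passes `view` and `update`. Which scopes exist is not visible on this page. If one specific scope has to be bypassed, name it with `->withoutGlobalScope(<ScopeClass>::class)` (placeholder class name) and add a comment saying why; otherwise drop the call. `ContactPolicy::sharesCompanyWith()` in the same commit queries the same relation with scopes applied, so the two policies can disagree on whether a user belongs to a company.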


@ -0,0 +1,66 @@
<?php
namespace App\Policies;
use App\Models\Contact;
use App\Models\User;
class ContactPolicy
{
public function before(User $user): ?bool
{
return $user->is_super_admin ? true : null;
}
public function viewAny(User $user): bool
{
return $user->canAccessCustomer();
}
public function view(User $user, Contact $contact): bool
{
if ($user->canAccessAdmin()) {
return true;
}
return $this->sharesCompanyWith($user, $contact);
}
public function create(User $user): bool
{
return $user->canAccessCustomer();
}
public function update(User $user, Contact $contact): bool
{
if ($user->canAccessAdmin()) {
return true;
}
return $this->sharesCompanyWith($user, $contact);
}
public function delete(User $user, Contact $contact): bool
{
return $user->canAccessAdmin();
}
public function restore(User $user, Contact $contact): bool
{
return $user->canAccessAdmin();
}
public function forceDelete(User $user, Contact $contact): bool
{
return $user->is_super_admin === true;
}
private function sharesCompanyWith(User $user, Contact $contact): bool
{
if (blank($contact->company_id)) {
return false;
}
return $user->companies()->whereKey($contact->company_id)->exists();
}
}
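Review bot: `update()` accepts any user who has a pivot row for the contact's company, while `CompanyPolicy::update()` in this commit requires the `owner` or `responsible` pivot role, so a member with any other role can edit contacts of a company they cannot edit. If that is not intended, give `update()` its own query ending in `->wherePivotIn('role', ['owner', 'responsible'])->exists()`. `create()` never sees the target company, so the controller or form request (not shown here) has to confirm that the submitted `company_id` is one of `$user->companies()`, and likewise when `company_id` changes on update. `sharesCompanyWith()` also ignores `owner_user_id`, so an owner without a pivot row passes `CompanyPolicy::view()` but fails this check.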


@ -0,0 +1,33 @@
<?php
namespace App\Policies;
use App\Models\LegacyInvoice;
use App\Models\User;
class LegacyInvoicePolicy
{
public function before(User $user): ?bool
{
return $user->is_super_admin ? true : null;
}
public function viewAny(User $user): bool
{
return $user->canAccessCustomer();
}
public function view(User $user, LegacyInvoice $legacyInvoice): bool
{
if ($user->canAccessAdmin()) {
return true;
}
return $legacyInvoice->user_id === $user->id;
}
public function downloadPdf(User $user, LegacyInvoice $legacyInvoice): bool
{
return $this->view($user, $legacyInvoice);
}
}
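Review bot: `before()` grants every defined ability on a loose truthiness test of `$user->is_super_admin`, while `forceDelete()` in `CompanyPolicy`, `ContactPolicy` and `PressReleasePolicy` tests the same attribute with `=== true`; the same `before()` appears in all four policies of this commit. If the attribute is not cast to boolean on the `User` model (not visible here), any truthy stored value unlocks everything, so the stricter form `return $user->is_super_admin === true ? true : null;` is the safer one to use throughout. The invoice check `$legacyInvoice->user_id === $user->id` likewise depends on both sides being hydrated as integers; it fails closed, but a string-typed legacy column would lock owners out. A short docblock on `downloadPdf()` such as `/** PDF download exposes the same data as view(); keep it at least as strict. */` would record why it delegates.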


@ -0,0 +1,83 @@
<?php
namespace App\Policies;
use App\Enums\PressReleaseStatus;
use App\Models\PressRelease;
use App\Models\User;
class PressReleasePolicy
{
public function before(User $user): ?bool
{
return $user->is_super_admin ? true : null;
}
public function viewAny(User $user): bool
{
return $user->canAccessCustomer();
}
public function view(User $user, PressRelease $pressRelease): bool
{
if ($user->canAccessAdmin()) {
return true;
}
return $this->isAuthor($user, $pressRelease);
}
public function create(User $user): bool
{
return $user->canAccessCustomer();
}
public function update(User $user, PressRelease $pressRelease): bool
{
if (! $this->isAuthor($user, $pressRelease) && ! $user->canAccessAdmin()) {
return false;
}
return in_array(
$pressRelease->status,
[PressReleaseStatus::Draft, PressReleaseStatus::Rejected, PressReleaseStatus::Review],
true,
) || $user->canAccessAdmin();
}
public function submitForReview(User $user, PressRelease $pressRelease): bool
{
return $this->isAuthor($user, $pressRelease)
&& in_array($pressRelease->status, [PressReleaseStatus::Draft, PressReleaseStatus::Rejected], true);
}
public function delete(User $user, PressRelease $pressRelease): bool
{
if ($user->canAccessAdmin()) {
return true;
}
return $this->isAuthor($user, $pressRelease)
&& $pressRelease->status !== PressReleaseStatus::Published;
}
public function restore(User $user, PressRelease $pressRelease): bool
{
return $user->canAccessAdmin();
}
public function forceDelete(User $user, PressRelease $pressRelease): bool
{
return $user->is_super_admin === true;
}
public function publish(User $user, PressRelease $pressRelease): bool
{
return $user->canAccessAdmin() && $user->can('press-releases:publish');
}
private function isAuthor(User $user, PressRelease $pressRelease): bool
{
return $pressRelease->user_id === $user->id;
}
}
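Review bot: `update()` lets the author keep editing while the status is `PressReleaseStatus::Review`, so the text can change after a reviewer has read it and before `publish()` is called, and `publish()` itself checks no status at all. If review is meant to freeze the content, remove `PressReleaseStatus::Review` from the list in `update()` and have `publish()` require it, e.g. `&& $pressRelease->status === PressReleaseStatus::Review`. `update()` also evaluates `canAccessAdmin()` twice; an early `if ($user->canAccessAdmin()) { return true; }`, as in `view()` and `delete()`, leaves the author path as a plain `isAuthor(...) && in_array(...)` and is easier to audit.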