Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-06-05 02:44:37 -04:00
Code Issues Packages Projects Releases Wiki Activity
invoiceninja/app/Policies/UserPolicy.php
David Bomba 957ac9f5d8
Fix for password protected authorization (#3198) 
* Remove unnecessary save() on invoice

* Update copyright

* Working on Credit Repository

* Implement credits as a paymentable entity

* Add credit_id to transformer

* fix rules for update payment

* Fix random deleted_at keys in transformers

* Fix for password_protect check
2020-01-07 11:13:47 +11:00

49 lines
1.1 KiB
PHP
Raw Blame History

<?php
/**
* Invoice Ninja (https://invoiceninja.com)
*
* @link https://github.com/invoiceninja/invoiceninja source repository
*
* @copyright Copyright (c) 2020. Invoice Ninja LLC (https://invoiceninja.com)
*
* @license https://opensource.org/licenses/AAL
*/
namespace App\Policies;
use App\Models\Client;
use App\Models\CompanyUser;
use App\Models\User;
/**
* Class UserPolicy
* @package App\Policies
*/
class UserPolicy extends EntityPolicy
{
/**
* Checks if the user has create permissions
*
* @param User $user
* @return bool
*/
public function create(User $user) : bool
{
return $user->isAdmin() || $user->hasPermission('create_user') || $user->hasPermission('create_all');
}
/*
*
* We need to override as User does not have the company_id property!!!!!
*
* We use the CompanyUser table as a proxy
*/
public function edit(User $user, $user_entity) : bool
{
$company_user = CompanyUser::whereUserId($user_entity->id)->company()->first();
return ($user->isAdmin() && $company_user);
}
}
Reference in New Issue View Git Blame Copy Permalink