diff --git a/README.md b/README.md index ebeba6e..408a18d 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,37 @@ Install via composer composer require custom-d/laravel-helpers ``` +## Crud Policy Trait + +by using the `CustomD\LaravelHelpers\Models\Policies\CrudPermissions` trait in your model policy along side Spatie role permissions using wildcard permissions +you can have your policy look like: + +```php + +namespace App\Models\Policies; + +use App\Models\Policies\Traits\CrudPermissions; +use Illuminate\Auth\Access\HandlesAuthorization; + +class UserPolicy +{ + use HandlesAuthorization; + use CrudPermissions; +} +``` + +and it will check for the following permissions: + +- user.list +- user.view +- user.create +- user.update +- user.delete +- user.restore + +for user locked based policy permissions you can add the following method to your model: +`userHasPermission(User $user): bool` + ## Helpers **execute** - this helper runs an execute action on an action file with dependancy injection on the contructor diff --git a/src/Models/Policies/CrudPermissions.php b/src/Models/Policies/CrudPermissions.php new file mode 100644 index 0000000..054c59b --- /dev/null +++ b/src/Models/Policies/CrudPermissions.php 
@@ -0,0 +1,103 @@
+permission_name ?? self::parsePermissionNameFromPolicy(),
+ $action
+ ])->filter()->implode(".");
+
+ if (method_exists($model, 'userHasPermission') && ! $model->userHasPermission($user)) {
+ return false;
+ }
+
+ return $user->can($permission);
+ }
+
+ public static function parsePermissionNameFromPolicy()
+ {
+ $class = class_basename(get_called_class());
+ $class = Str::replaceLast('Policy', '', $class);
+ $class = Str::lower($class);
+ return Str::plural($class);
+ }
+
+ /**
+ * Determine whether the user can view any models.
+ *
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
+ * @return mixed
+ */
+ public function viewAny(Authenticatable $user)
+ {
+ return $this->can($user, 'list');
+ }
+
+ /**
+ * Determine whether the user can view the model.
+ *
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
+ * @param \Illuminate\Database\Eloquent\Model $model
+ * @return mixed
+ */
+ public function view(Authenticatable $user, Model $model)
+ {
+ return $this->can($user, 'view');
+ }
+
+ /**
+ * Determine whether the user can create models.
+ *
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
+ * @return mixed
+ */
+ public function create(Authenticatable $user)
+ {
+ return $this->can($user, 'create');
+ }
+
+ /**
+ * Determine whether the user can update the model.
+ *
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
+ * @param \Illuminate\Database\Eloquent\Model $model
+ * @return mixed
+ */
+ public function update(Authenticatable $user, Model $model)
+ {
+ return $this->can($user, 'update');
+ }
+
+ /**
+ * Determine whether the user can delete the model.
+ *
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
+ * @param \Illuminate\Database\Eloquent\Model $model
+ * @return mixed
+ */
+ public function delete(Authenticatable $user, Model $model)
+ {
+ return $this->can($user, 'delete');
+ }
+
+ /**
+ * Determine whether the user can restore the model.
+ *
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
+ * @param \Illuminate\Database\Eloquent\Model $model
+ * @return mixed
+ */
+ public function restore(Authenticatable $user, Model $model)
+ {
+ return $this->can($user, 'restore');
+ }
+}
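Review bot: view(), update(), delete() and restore() accept `$model` but call `$this->can($user, '…')` with only the user and the action, so the `userHasPermission($user)` check inside can() cannot receive the record being authorised from these callers. The signature of can() is cut off at the top of this hunk, so this is inferred from the call sites; if `$model` is not populated some other way, the per-record restriction the README describes never runs and the decision rests on the role permission alone. Passing the record through, e.g. `return $this->can($user, 'update', $model);` with can() taking `?Model $model = null`, would make that check effective. Separately, parsePermissionNameFromPolicy() ends with `Str::plural()`, so UserPolicy resolves to `users.*` rather than the `user.*` names listed in the README.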