feat(acl): Change views/backend code to able to use proper ACL's later on. Currently it is not enabled.
This commit is contained in:
Andras Bacsai
@@ -20,7 +20,8 @@ class DatabasePolicy
|
||||
*/
|
||||
public function view(User $user, $database): bool
|
||||
{
|
||||
return $user->teams()->get()->firstWhere('id', $database->team()->first()->id) !== null;
|
||||
// return $user->teams->contains('id', $database->team()->first()->id);
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -28,7 +29,8 @@ class DatabasePolicy
|
||||
*/
|
||||
public function create(User $user): bool
|
||||
{
|
||||
return $user->isAdmin();
|
||||
// return $user->isAdmin();
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -36,11 +38,12 @@ class DatabasePolicy
|
||||
*/
|
||||
public function update(User $user, $database): Response
|
||||
{
|
||||
if ($user->isAdmin() && $user->teams()->get()->firstWhere('id', $database->team()->first()->id) !== null) {
|
||||
return Response::allow();
|
||||
}
|
||||
// if ($user->isAdmin() && $user->teams->contains('id', $database->team()->first()->id)) {
|
||||
// return Response::allow();
|
||||
// }
|
||||
|
||||
return Response::deny('As a member, you cannot update this database.<br/><br/>You need at least admin or owner permissions.');
|
||||
// return Response::deny('As a member, you cannot update this database.<br/><br/>You need at least admin or owner permissions.');
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -48,7 +51,8 @@ class DatabasePolicy
|
||||
*/
|
||||
public function delete(User $user, $database): bool
|
||||
{
|
||||
return $user->isAdmin() && $user->teams()->get()->firstWhere('id', $database->team()->first()->id) !== null;
|
||||
// return $user->isAdmin() && $user->teams->contains('id', $database->team()->first()->id);
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -56,7 +60,8 @@ class DatabasePolicy
|
||||
*/
|
||||
public function restore(User $user, $database): bool
|
||||
{
|
||||
return $user->isAdmin() && $user->teams()->get()->firstWhere('id', $database->team()->first()->id) !== null;
|
||||
// return $user->isAdmin() && $user->teams->contains('id', $database->team()->first()->id);
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -64,7 +69,8 @@ class DatabasePolicy
|
||||
*/
|
||||
public function forceDelete(User $user, $database): bool
|
||||
{
|
||||
return $user->isAdmin() && $user->teams()->get()->firstWhere('id', $database->team()->first()->id) !== null;
|
||||
// return $user->isAdmin() && $user->teams->contains('id', $database->team()->first()->id);
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -72,7 +78,8 @@ class DatabasePolicy
|
||||
*/
|
||||
public function manage(User $user, $database): bool
|
||||
{
|
||||
return $user->isAdmin() && $user->teams()->get()->firstWhere('id', $database->team()->first()->id) !== null;
|
||||
// return $user->isAdmin() && $user->teams->contains('id', $database->team()->first()->id);
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -80,7 +87,8 @@ class DatabasePolicy
|
||||
*/
|
||||
public function manageBackups(User $user, $database): bool
|
||||
{
|
||||
return $user->isAdmin() && $user->teams()->get()->firstWhere('id', $database->team()->first()->id) !== null;
|
||||
// return $user->isAdmin() && $user->teams->contains('id', $database->team()->first()->id);
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -88,6 +96,7 @@ class DatabasePolicy
|
||||
*/
|
||||
public function manageEnvironment(User $user, $database): bool
|
||||
{
|
||||
return $user->isAdmin() && $user->teams()->get()->firstWhere('id', $database->team()->first()->id) !== null;
|
||||
// return $user->isAdmin() && $user->teams->contains('id', $database->team()->first()->id);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user