74 lines
3.7 KiB
PHP
74 lines
3.7 KiB
PHP
<?php
|
|
|
|
namespace App\Providers;
|
|
|
|
// use Illuminate\Support\Facades\Gate;
|
|
use App\Policies\ResourceCreatePolicy;
|
|
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
|
|
use Illuminate\Support\Facades\Gate;
|
|
|
|
class AuthServiceProvider extends ServiceProvider
|
|
{
|
|
/**
|
|
* The model to policy mappings for the application.
|
|
*
|
|
* @var array<class-string, class-string>
|
|
*/
|
|
protected $policies = [
|
|
\App\Models\Server::class => \App\Policies\ServerPolicy::class,
|
|
\App\Models\PrivateKey::class => \App\Policies\PrivateKeyPolicy::class,
|
|
\App\Models\StandaloneDocker::class => \App\Policies\StandaloneDockerPolicy::class,
|
|
\App\Models\SwarmDocker::class => \App\Policies\SwarmDockerPolicy::class,
|
|
\App\Models\Application::class => \App\Policies\ApplicationPolicy::class,
|
|
\App\Models\ApplicationPreview::class => \App\Policies\ApplicationPreviewPolicy::class,
|
|
\App\Models\ApplicationSetting::class => \App\Policies\ApplicationSettingPolicy::class,
|
|
\App\Models\Service::class => \App\Policies\ServicePolicy::class,
|
|
\App\Models\ServiceApplication::class => \App\Policies\ServiceApplicationPolicy::class,
|
|
\App\Models\ServiceDatabase::class => \App\Policies\ServiceDatabasePolicy::class,
|
|
\App\Models\Project::class => \App\Policies\ProjectPolicy::class,
|
|
\App\Models\Environment::class => \App\Policies\EnvironmentPolicy::class,
|
|
\App\Models\EnvironmentVariable::class => \App\Policies\EnvironmentVariablePolicy::class,
|
|
\App\Models\SharedEnvironmentVariable::class => \App\Policies\SharedEnvironmentVariablePolicy::class,
|
|
// Database policies - all use the shared DatabasePolicy
|
|
\App\Models\StandalonePostgresql::class => \App\Policies\DatabasePolicy::class,
|
|
\App\Models\StandaloneMysql::class => \App\Policies\DatabasePolicy::class,
|
|
\App\Models\StandaloneMariadb::class => \App\Policies\DatabasePolicy::class,
|
|
\App\Models\StandaloneMongodb::class => \App\Policies\DatabasePolicy::class,
|
|
\App\Models\StandaloneRedis::class => \App\Policies\DatabasePolicy::class,
|
|
\App\Models\StandaloneKeydb::class => \App\Policies\DatabasePolicy::class,
|
|
\App\Models\StandaloneDragonfly::class => \App\Policies\DatabasePolicy::class,
|
|
\App\Models\StandaloneClickhouse::class => \App\Policies\DatabasePolicy::class,
|
|
|
|
// Notification policies - all use the shared NotificationPolicy
|
|
\App\Models\EmailNotificationSettings::class => \App\Policies\NotificationPolicy::class,
|
|
\App\Models\DiscordNotificationSettings::class => \App\Policies\NotificationPolicy::class,
|
|
\App\Models\TelegramNotificationSettings::class => \App\Policies\NotificationPolicy::class,
|
|
\App\Models\SlackNotificationSettings::class => \App\Policies\NotificationPolicy::class,
|
|
\App\Models\PushoverNotificationSettings::class => \App\Policies\NotificationPolicy::class,
|
|
|
|
// API Token policy
|
|
\Laravel\Sanctum\PersonalAccessToken::class => \App\Policies\ApiTokenPolicy::class,
|
|
|
|
// Team policy
|
|
\App\Models\Team::class => \App\Policies\TeamPolicy::class,
|
|
|
|
// Git source policies
|
|
\App\Models\GithubApp::class => \App\Policies\GithubAppPolicy::class,
|
|
|
|
];
|
|
|
|
/**
|
|
* Register any authentication / authorization services.
|
|
*/
|
|
public function boot(): void
|
|
{
|
|
// Register gates for resource creation policy
|
|
Gate::define('createAnyResource', [ResourceCreatePolicy::class, 'createAny']);
|
|
|
|
// Register gate for terminal access
|
|
Gate::define('canAccessTerminal', function ($user) {
|
|
return $user->isAdmin() || $user->isOwner();
|
|
});
|
|
}
|
|
}
|