opnform-host-nginx/api/app/Policies/TemplatePolicy.php

<?php

namespace App\Policies;

use App\Models\Template;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class TemplatePolicy
{
    use HandlesAuthorization;

    /**
     * Determine whether the user can create models.
     */
    public function create(User $user)
    {
        return $user !== null;
    }

    /**
     * Determine whether the user can perform write operations on the model.
     */
    private function canPerformWriteOperation(User $user, Template $template): bool
    {
        return $user->admin || $user->template_editor || $template->creator_id === $user->id;
    }

    public function update(User $user, Template $template)
    {
        return $this->canPerformWriteOperation($user, $template);
    }

    public function delete(User $user, Template $template)
    {
        return $this->canPerformWriteOperation($user, $template);
    }
}
Added template editor separate role 2022-11-16 13:12:48 +01:00			`<?php`

			`namespace App\Policies;`

			`use App\Models\Template;`
			`use App\Models\User;`
			`use Illuminate\Auth\Access\HandlesAuthorization;`

			`class TemplatePolicy`
			`{`
			`use HandlesAuthorization;`

			`/**`
			`* Determine whether the user can create models.`
			`*/`
			`public function create(User $user)`
			`{`
Allow users to create private form templates (#210) * Allow users to create private form templates * Improve back-end efficiency --------- Co-authored-by: Julien Nahum <julien@nahum.net> 2023-10-13 12:11:03 +02:00			`return $user !== null;`
Improve Templates (#183) * Improve Templates * Fix test case * Update AI GenerateTemplate * update openai client and GPT completer * composer.lock * Update types and list json with script * Template changes * fix on draft template * Finish opnform templates --------- Co-authored-by: Forms Dev <chirag+new@notionforms.io> Co-authored-by: Julien Nahum <julien@nahum.net> 2023-09-08 13:00:28 +02:00			`}`

			`/**`
Readonly User (#637) * Readonly User * Refactor FormPolicy and TemplatePolicy to centralize write operation logic - Introduced a private method `canPerformWriteOperation` in both FormPolicy and TemplatePolicy to encapsulate the logic for determining if a user can perform write operations on the respective models. - Updated the `update`, `delete`, `restore`, and `forceDelete` methods in FormPolicy to use the new method for improved readability and maintainability. - Simplified the `update` and `delete` methods in TemplatePolicy to leverage the centralized write operation logic. This refactoring enhances code clarity and reduces duplication across policy classes. * Refactor user and workspace permissions handling - Updated FormController to authorize form creation based on workspace context. - Removed the `is_readonly` attribute from UserResource and integrated it into WorkspaceResource for better encapsulation. - Refactored User model to eliminate the `getIsReadonlyAttribute` method, shifting readonly logic to the Workspace model. - Adjusted FormPolicy and TemplatePolicy to utilize workspace readonly checks for user permissions. - Updated various frontend components to reference workspace readonly status instead of user readonly status, enhancing clarity and consistency in permission handling. These changes improve the management of user permissions in relation to workspaces, ensuring a more robust and maintainable authorization system. * Fix isReadonlyUser * fix pint --------- Co-authored-by: Julien Nahum <julien@nahum.net> 2024-12-30 14:35:23 +01:00			`* Determine whether the user can perform write operations on the model.`
Improve Templates (#183) * Improve Templates * Fix test case * Update AI GenerateTemplate * update openai client and GPT completer * composer.lock * Update types and list json with script * Template changes * fix on draft template * Finish opnform templates --------- Co-authored-by: Forms Dev <chirag+new@notionforms.io> Co-authored-by: Julien Nahum <julien@nahum.net> 2023-09-08 13:00:28 +02:00			`*/`
Readonly User (#637) * Readonly User * Refactor FormPolicy and TemplatePolicy to centralize write operation logic - Introduced a private method `canPerformWriteOperation` in both FormPolicy and TemplatePolicy to encapsulate the logic for determining if a user can perform write operations on the respective models. - Updated the `update`, `delete`, `restore`, and `forceDelete` methods in FormPolicy to use the new method for improved readability and maintainability. - Simplified the `update` and `delete` methods in TemplatePolicy to leverage the centralized write operation logic. This refactoring enhances code clarity and reduces duplication across policy classes. * Refactor user and workspace permissions handling - Updated FormController to authorize form creation based on workspace context. - Removed the `is_readonly` attribute from UserResource and integrated it into WorkspaceResource for better encapsulation. - Refactored User model to eliminate the `getIsReadonlyAttribute` method, shifting readonly logic to the Workspace model. - Adjusted FormPolicy and TemplatePolicy to utilize workspace readonly checks for user permissions. - Updated various frontend components to reference workspace readonly status instead of user readonly status, enhancing clarity and consistency in permission handling. These changes improve the management of user permissions in relation to workspaces, ensuring a more robust and maintainable authorization system. * Fix isReadonlyUser * fix pint --------- Co-authored-by: Julien Nahum <julien@nahum.net> 2024-12-30 14:35:23 +01:00			`private function canPerformWriteOperation(User $user, Template $template): bool`
Improve Templates (#183) * Improve Templates * Fix test case * Update AI GenerateTemplate * update openai client and GPT completer * composer.lock * Update types and list json with script * Template changes * fix on draft template * Finish opnform templates --------- Co-authored-by: Forms Dev <chirag+new@notionforms.io> Co-authored-by: Julien Nahum <julien@nahum.net> 2023-09-08 13:00:28 +02:00			`{`
Allow users to create private form templates (#210) * Allow users to create private form templates * Improve back-end efficiency --------- Co-authored-by: Julien Nahum <julien@nahum.net> 2023-10-13 12:11:03 +02:00			`return $user->admin \|\| $user->template_editor \|\| $template->creator_id === $user->id;`
Improve Templates (#183) * Improve Templates * Fix test case * Update AI GenerateTemplate * update openai client and GPT completer * composer.lock * Update types and list json with script * Template changes * fix on draft template * Finish opnform templates --------- Co-authored-by: Forms Dev <chirag+new@notionforms.io> Co-authored-by: Julien Nahum <julien@nahum.net> 2023-09-08 13:00:28 +02:00			`}`

Readonly User (#637) * Readonly User * Refactor FormPolicy and TemplatePolicy to centralize write operation logic - Introduced a private method `canPerformWriteOperation` in both FormPolicy and TemplatePolicy to encapsulate the logic for determining if a user can perform write operations on the respective models. - Updated the `update`, `delete`, `restore`, and `forceDelete` methods in FormPolicy to use the new method for improved readability and maintainability. - Simplified the `update` and `delete` methods in TemplatePolicy to leverage the centralized write operation logic. This refactoring enhances code clarity and reduces duplication across policy classes. * Refactor user and workspace permissions handling - Updated FormController to authorize form creation based on workspace context. - Removed the `is_readonly` attribute from UserResource and integrated it into WorkspaceResource for better encapsulation. - Refactored User model to eliminate the `getIsReadonlyAttribute` method, shifting readonly logic to the Workspace model. - Adjusted FormPolicy and TemplatePolicy to utilize workspace readonly checks for user permissions. - Updated various frontend components to reference workspace readonly status instead of user readonly status, enhancing clarity and consistency in permission handling. These changes improve the management of user permissions in relation to workspaces, ensuring a more robust and maintainable authorization system. * Fix isReadonlyUser * fix pint --------- Co-authored-by: Julien Nahum <julien@nahum.net> 2024-12-30 14:35:23 +01:00			`public function update(User $user, Template $template)`
			`{`
			`return $this->canPerformWriteOperation($user, $template);`
			`}`

Improve Templates (#183) * Improve Templates * Fix test case * Update AI GenerateTemplate * update openai client and GPT completer * composer.lock * Update types and list json with script * Template changes * fix on draft template * Finish opnform templates --------- Co-authored-by: Forms Dev <chirag+new@notionforms.io> Co-authored-by: Julien Nahum <julien@nahum.net> 2023-09-08 13:00:28 +02:00			`public function delete(User $user, Template $template)`
			`{`
Readonly User (#637) * Readonly User * Refactor FormPolicy and TemplatePolicy to centralize write operation logic - Introduced a private method `canPerformWriteOperation` in both FormPolicy and TemplatePolicy to encapsulate the logic for determining if a user can perform write operations on the respective models. - Updated the `update`, `delete`, `restore`, and `forceDelete` methods in FormPolicy to use the new method for improved readability and maintainability. - Simplified the `update` and `delete` methods in TemplatePolicy to leverage the centralized write operation logic. This refactoring enhances code clarity and reduces duplication across policy classes. * Refactor user and workspace permissions handling - Updated FormController to authorize form creation based on workspace context. - Removed the `is_readonly` attribute from UserResource and integrated it into WorkspaceResource for better encapsulation. - Refactored User model to eliminate the `getIsReadonlyAttribute` method, shifting readonly logic to the Workspace model. - Adjusted FormPolicy and TemplatePolicy to utilize workspace readonly checks for user permissions. - Updated various frontend components to reference workspace readonly status instead of user readonly status, enhancing clarity and consistency in permission handling. These changes improve the management of user permissions in relation to workspaces, ensuring a more robust and maintainable authorization system. * Fix isReadonlyUser * fix pint --------- Co-authored-by: Julien Nahum <julien@nahum.net> 2024-12-30 14:35:23 +01:00			`return $this->canPerformWriteOperation($user, $template);`
Added template editor separate role 2022-11-16 13:12:48 +01:00			`}`
			`}`