opnform-host-nginx/app/Policies/WorkspacePolicy.php
Favour Olayinka 90ff91b1e9 Team functionality (#459)
* add api enpoints for adding, removing, updating user to workspace and leaving workspace

* feat: updates client site workspace settings

* refactor and add domain setting ui in modal

* move workspace user functionality to its own component

* adds tests

* fix linting

* updates select input to FlatSelectInput

* moves workspace user role edit to seperated component

* move user adding to its own component

* adds check to ensure users exist before checking is admin

* fix loading users

* feat: invite user to team functionality

* fix token coulmn

* fix self host mode changes

* tests for  user invite

* Refactor back-end

* Rename variables

* Improve some styling elements + refactor workspace settings

* More styling

* More UI polishing

* More UI fixes

* PHP linting

* Implemented most of the logic for team-functionnality

* Fix user avatar URL

* WIP remove users on cancellation

* Finished pricing for team functionality

* Fix tests

* Fix linting

* Added pricing_enabled helper

* Fix pricing_enabled shortcut

* Debug CI

* Disable pricing when testing

---------

Co-authored-by: LL-Etiane <lukongleinyuyetiane@gmail.com>
Co-authored-by: Lukong Etiane <83535251+LL-Etiane@users.noreply.github.com>
Co-authored-by: Julien Nahum <julien@nahum.net>
2024-07-04 17:21:36 +02:00


<?php
namespace App\Policies;
use App\Models\User;
use App\Models\Workspace;
use App\Models\UserWorkspace;
use App\Service\UserHelper;
use Illuminate\Auth\Access\HandlesAuthorization;
use Illuminate\Auth\Access\Response;
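/**
 * Authorization policy for Workspace models.
 *
 * Each method answers one ability for the acting user. Most abilities return a
 * plain boolean; inviteUser() may also return a Response so that a denial can
 * carry a human-readable reason.
 */
class WorkspacePolicy
{
    use HandlesAuthorization;

    /**
     * Determine whether the user can view any models.
     *
     * Always allowed by this policy; no per-workspace check happens here.
     *
     * @return bool
     */
    public function viewAny(User $user)
    {
        return true;
    }

    /**
     * Determine whether the user can view the model.
     *
     * The decision is delegated entirely to User::ownsWorkspace().
     * NOTE(review): that method is not visible in this file; confirm which
     * workspace roles it treats as "owning" the workspace.
     *
     * @return mixed
     */
    public function view(User $user, Workspace $workspace)
    {
        return $user->ownsWorkspace($workspace);
    }

    /**
     * Determine whether the user can create models.
     *
     * Always denied by this policy.
     *
     * @return bool
     */
    public function create(User $user)
    {
        return false;
    }

    /**
     * Determine whether the user can update the model.
     *
     * Always denied by this policy.
     * NOTE(review): any endpoint that modifies a workspace therefore has to be
     * authorized through another ability (for example adminAction); verify
     * that no update route is left without a check.
     *
     * @return bool
     */
    public function update(User $user, Workspace $workspace)
    {
        return false;
    }

    /**
     * Determine whether the user can delete the model.
     *
     * Allowed only when the user is among the workspace's owners and belongs
     * to more than one workspace, so the deletion cannot leave the user
     * without any workspace.
     *
     * @return bool
     */
    public function delete(User $user, Workspace $workspace)
    {
        $isOwner = $workspace->owners->where('id', $user->id)->isNotEmpty();

        return $isOwner && $user->workspaces()->count() > 1;
    }

    /**
     * Determine whether the user can restore the model.
     *
     * Always denied by this policy.
     *
     * @return bool
     */
    public function restore(User $user, Workspace $workspace)
    {
        return false;
    }

    /**
     * Determine whether the user can permanently delete the model.
     *
     * Always denied by this policy.
     *
     * @return bool
     */
    public function forceDelete(User $user, Workspace $workspace)
    {
        return false;
    }

    /**
     * Determine whether the user can invite another user to the workspace.
     *
     * Checks run in this order: workspace admin role, pricing mode, Pro
     * subscription, then the license seat limit of the billing owner.
     *
     * @return Response|bool A denial Response with a reason, or an allow
     *                       Response / true when the invite is permitted.
     */
    public function inviteUser(User $user, Workspace $workspace)
    {
        // The role check comes first, so a non-admin only ever receives the
        // role denial and learns nothing about subscription or license state.
        if (!$this->adminAction($user, $workspace)) {
            return Response::deny('You need to be an admin of this workspace to do this.');
        }

        // If self-hosted, allow
        if (!pricing_enabled()) {
            return Response::allow();
        }

        if (!$workspace->is_pro) {
            return Response::deny('You need a Pro subscription to invite a user.');
        }

        // In case of special license, check license limit
        $billingOwner = $workspace->billingOwners()->first();
        if ($billingOwner === null) {
            // first() yields null when no billing owner is found. Previously
            // this fell through to a method call on null and surfaced as a
            // server error; deny explicitly so the check fails closed.
            return Response::deny('Unable to verify the subscription for this workspace.');
        }

        $license = $billingOwner->activeLicense();
        if ($license) {
            // NOTE(review): the member count is read at authorization time.
            // If the invite is created in a separate step, concurrent requests
            // could each pass this check; confirm the creation path enforces
            // the limit as well.
            $userActiveMembers = (new UserHelper($billingOwner))->getActiveMembersCount();
            if ($userActiveMembers >= $license->max_users_limit_count) {
                return Response::deny('You have reached the maximum number of users allowed with your license.');
            }
        }

        // Boolean true is kept here to preserve the original return value.
        return true;
    }

    /**
     * Determine whether the user is an admin in the workspace.
     *
     * Looks up the UserWorkspace row for this user and workspace and requires
     * its role to be exactly 'admin'. A user with no membership row is not an
     * admin.
     *
     * @return bool
     */
    public function adminAction(User $user, Workspace $workspace)
    {
        $userWorkspace = UserWorkspace::where('user_id', $user->id)
            ->where('workspace_id', $workspace->id)
            ->first();

        return $userWorkspace && $userWorkspace->role === 'admin';
    }
}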