HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: /home/xedaptot/ai.naniguide.com/app/Policies/CustomerPolicy.php
<?php

namespace App\Policies;

use Illuminate\Auth\Access\HandlesAuthorization;
use App\Model\User;
use App\Model\Customer;

class CustomerPolicy
{
    use HandlesAuthorization;

    public function read(User $user, Customer $item)
    {
        $can = $user->admin->getPermission('customer_read') != 'no';

        return $can;
    }

    public function readAll(User $user, Customer $item)
    {
        $can = $user->admin->getPermission('customer_read') == 'all';

        return $can;
    }

    public function create(User $user, Customer $item, $role = 'admin')
    {
        $can = $user->admin->getPermission('customer_create') == 'yes';

        return $can;
    }

    public function updateProfile(User $user, Customer $customer)
    {
        $can = $user->customer_id == $customer->id;

        // RBAC check
        if ($user->hasPermission('account.full_access')) {
            $permission = true;
        } else {
            $permission = false;
        }

        return $can && $permission;
    }

    public function update(User $user, Customer $item)
    {
        $ability = $user->admin->getPermission('customer_update');
        return $ability == 'all' || $ability == 'own';
    }

    public function delete(User $user, Customer $item)
    {
        $ability = $user->admin->getPermission('customer_delete');
        return $ability == 'all' || $ability == 'own';
    }

    public function disable(User $user, Customer $item)
    {
        $ability = $user->admin->getPermission('customer_update');
        return ($ability == 'all' || $ability == 'own') && $item->status != 'inactive';
    }

    public function enable(User $user, Customer $item)
    {
        $ability = $user->admin->getPermission('customer_update');
        return ($ability == 'all' || $ability == 'own') && $item->status != 'active';
    }

    public function register(User $user, Customer $item)
    {
        $ability = \App\Model\Setting::get('enable_user_registration') == 'yes';
        $can = $ability;

        return true;
    }

    public function assignPlan(User $user, Customer $item)
    {
        $ability = $user->admin->getPermission('customer_update');
        return $ability == 'all' || $ability == 'own';
    }

    public function changePlan(User $user, Customer $item)
    {
        $ability = $user->admin->getPermission('customer_update');
        return $ability == 'all' || $ability == 'own';
    }

    public function profile(User $user, Customer $customer)
    {
        return $user->customer_id == $customer->id;
    }

    public function loginAs(User $user, Customer $customer, $role = 'admin')
    {
        //
        switch ($role) {
            case 'admin':
                $ability = $user->admin->getPermission('customer_login_as');
                $can = $customer->id != $user->customer_id && ($ability == 'all');
                break;
            case 'customer':
                $can = false;
                break;
        }
        return $can;
    }
}