File: /home/xedaptot/ai.naniguide.com/app/Policies/CustomerPolicy.php
<?php
namespace App\Policies;
use Illuminate\Auth\Access\HandlesAuthorization;
use App\Model\User;
use App\Model\Customer;
class CustomerPolicy
{
use HandlesAuthorization;
public function read(User $user, Customer $item)
{
$can = $user->admin->getPermission('customer_read') != 'no';
return $can;
}
public function readAll(User $user, Customer $item)
{
$can = $user->admin->getPermission('customer_read') == 'all';
return $can;
}
public function create(User $user, Customer $item, $role = 'admin')
{
$can = $user->admin->getPermission('customer_create') == 'yes';
return $can;
}
public function updateProfile(User $user, Customer $customer)
{
$can = $user->customer_id == $customer->id;
// RBAC check
if ($user->hasPermission('account.full_access')) {
$permission = true;
} else {
$permission = false;
}
return $can && $permission;
}
public function update(User $user, Customer $item)
{
$ability = $user->admin->getPermission('customer_update');
return $ability == 'all' || $ability == 'own';
}
public function delete(User $user, Customer $item)
{
$ability = $user->admin->getPermission('customer_delete');
return $ability == 'all' || $ability == 'own';
}
public function disable(User $user, Customer $item)
{
$ability = $user->admin->getPermission('customer_update');
return ($ability == 'all' || $ability == 'own') && $item->status != 'inactive';
}
public function enable(User $user, Customer $item)
{
$ability = $user->admin->getPermission('customer_update');
return ($ability == 'all' || $ability == 'own') && $item->status != 'active';
}
public function register(User $user, Customer $item)
{
$ability = \App\Model\Setting::get('enable_user_registration') == 'yes';
$can = $ability;
return true;
}
public function assignPlan(User $user, Customer $item)
{
$ability = $user->admin->getPermission('customer_update');
return $ability == 'all' || $ability == 'own';
}
public function changePlan(User $user, Customer $item)
{
$ability = $user->admin->getPermission('customer_update');
return $ability == 'all' || $ability == 'own';
}
public function profile(User $user, Customer $customer)
{
return $user->customer_id == $customer->id;
}
public function loginAs(User $user, Customer $customer, $role = 'admin')
{
//
switch ($role) {
case 'admin':
$ability = $user->admin->getPermission('customer_login_as');
$can = $customer->id != $user->customer_id && ($ability == 'all');
break;
case 'customer':
$can = false;
break;
}
return $can;
}
}