HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: /home/xedaptot/ai.naniguide.com/app/Policies/SendingIdentityPolicy.php
<?php

namespace App\Policies;

use App\Model\SendingIdentity;
use App\Model\User;
use Illuminate\Auth\Access\HandlesAuthorization;

/**
 * Policy for SendingIdentity (replaces legacy SendingDomainPolicy).
 *
 * Customer-side permissions still gate on the original "sending_domain"
 * RBAC keys + `getPermission('sending_domain_*')` ability strings. The
 * policy now operates on SendingIdentity rows; `customer_id` field has
 * the same meaning (owner of the identity).
 *
 * **Important** — read/update/delete should NOT additionally gate on the
 * plan's primary server capability. Customers manage identities they own
 * across all 3 modes (LOCAL_DKIM, VENDOR_SYNC, MANUAL); whether the
 * identity is *usable* through the current plan's server is a separate
 * question handled at runtime by `SendingIdentity::isAllowedBy()` (the
 * UI greys those rows out, but they remain owned and editable).
 */
class SendingIdentityPolicy
{
    use HandlesAuthorization;

    public function read(User $user, SendingIdentity $item, $role)
    {
        return match ($role) {
            'admin'    => $user->admin->getPermission('sending_domain_read') !== 'no',
            'customer' => $this->customerHasAccess($user)
                && $this->customerOwns($user, $item),
            default    => false,
        };
    }

    public function readAll(User $user, SendingIdentity $item, $role)
    {
        return match ($role) {
            'admin'    => $user->admin->getPermission('sending_domain_read') === 'all',
            // Customers never see other customers' identities — list is auto-scoped.
            'customer' => false,
            default    => false,
        };
    }

    public function create(User $user, $role)
    {
        return match ($role) {
            'admin'    => true,
            'customer' => (bool) $user->hasPermission('sending_domain.full_access'),
            default    => false,
        };
    }

    // No `update` method — sending domains cannot be edited. The `value`
    // is bound to the locally-generated DKIM keypair and the customer's
    // DNS records; renaming would silently break verification + signing.
    // To change: delete and re-add.

    public function delete(User $user, SendingIdentity $item, $role)
    {
        return match ($role) {
            'admin' => in_array(
                $user->admin->getPermission('sending_domain_delete'),
                ['all', 'own'],
                true,
            ),
            'customer' => $user->hasPermission('sending_domain.full_access')
                && $this->customerOwns($user, $item),
            default => false,
        };
    }

    // ------------------------------------------------------------------

    private function customerHasAccess(User $user): bool
    {
        return $user->hasPermission('sending_domain.full_access')
            || $user->hasPermission('sending_domain.read_only');
    }

    private function customerOwns(User $user, SendingIdentity $item): bool
    {
        return $user->customer && $user->customer->id === $item->customer_id;
    }
}