HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: /home/xedaptot/be.naniguide.com/app/Policies/SegmentPolicy.php
<?php

namespace Acelle\Policies;

use Illuminate\Auth\Access\HandlesAuthorization;
use Acelle\Model\User;
use Acelle\Model\Segment;

class SegmentPolicy
{
    use HandlesAuthorization;

    public function list(User $user)
    {
        if (app_profile('list.disable_segment') === true) {
            return false;
        }

        return true;
    }

    public function create(User $user, Segment $item)
    {
        // RBAC check
        if ($user->hasPermission('account.read_only')) {
            return false;
        }

        if (app_profile('list.disable_segment') === true) {
            return false;
        }

        $customer = $user->customer;
        $max_per_list = get_tmp_quota($customer, 'segment_per_list_max');

        return $customer->id == $item->mailList->customer_id
                && ($max_per_list > $item->mailList->segments()->count()
                || $max_per_list == -1);
    }

    public function update(User $user, Segment $item)
    {
        // RBAC check
        if ($user->hasPermission('account.read_only')) {
            return false;
        }

        if (app_profile('list.disable_segment') === true) {
            return false;
        }

        $customer = $user->customer;
        return $item->mailList->customer_id == $customer->id;
    }

    public function delete(User $user, Segment $item)
    {
        // RBAC check
        if ($user->hasPermission('account.read_only')) {
            return false;
        }

        if (app_profile('list.disable_segment') === true) {
            return false;
        }

        $customer = $user->customer;
        return $item->mailList->customer_id == $customer->id;
    }

    public function export(User $user, Segment $item)
    {
        // RBAC check
        if ($user->hasPermission('account.read_only')) {
            return false;
        }

        if (app_profile('list.disable_segment') === true) {
            return false;
        }

        $customer = $user->customer;
        return $item->mailList->customer_id == $customer->id;
    }
}