--- /dev/null
+<?php
+
+namespace App\Policies;
+
+use App\Models\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class UserPolicy
+{
+ use HandlesAuthorization;
+
+ /**
+ * Determine whether the user can view any models.
+ *
+ * @param \App\Models\User $user
+ * @return \Illuminate\Auth\Access\Response|bool
+ */
+ public function viewAny(User $user)
+ {
+ return true;
+ }
+
+ /**
+ * Determine whether the user can view the model.
+ *
+ * @param \App\Models\User $user
+ * @param \App\Models\User $model
+ * @return \Illuminate\Auth\Access\Response|bool
+ */
+ public function view(User $user, User $model)
+ {
+ return true;
+ }
+
+ /**
+ * Determine whether the user can create models.
+ *
+ * @param \App\Models\User $user
+ * @return \Illuminate\Auth\Access\Response|bool
+ */
+ public function create(User $user)
+ {
+ return false;
+ }
+
+ /**
+ * Determine whether the user can update the model.
+ *
+ * @param \App\Models\User $user
+ * @param \App\Models\User $model
+ * @return \Illuminate\Auth\Access\Response|bool
+ */
+ public function update(User $user, User $model)
+ {
+ return $user->id === $model->id;
+ }
+
+ /**
+ * Determine whether the user can delete the model.
+ *
+ * @param \App\Models\User $user
+ * @param \App\Models\User $model
+ * @return \Illuminate\Auth\Access\Response|bool
+ */
+ public function delete(User $user, User $model)
+ {
+ return false;
+ }
+
+ /**
+ * Determine whether the user can restore the model.
+ *
+ * @param \App\Models\User $user
+ * @param \App\Models\User $model
+ * @return \Illuminate\Auth\Access\Response|bool
+ */
+ public function restore(User $user, User $model)
+ {
+ return false;
+ }
+
+ /**
+ * Determine whether the user can permanently delete the model.
+ *
+ * @param \App\Models\User $user
+ * @param \App\Models\User $model
+ * @return \Illuminate\Auth\Access\Response|bool
+ */
+ public function forceDelete(User $user, User $model)
+ {
+ return false;
+ }
+
+ /**
+ * Determine whether the user change the stream link of the model.
+ *
+ * @param \App\Models\User $user
+ * @param \App\Models\User $model
+ * @return \Illuminate\Auth\Access\Response|bool
+ */
+ public function setStreamLink(User $user, User $model)
+ {
+ return $user->role == 'admin' || $user->id == $model->id;
+ }
+
+}