X-Git-Url: https://git.localhorst.tv/?a=blobdiff_plain;f=app%2FPolicies%2FApplicationPolicy.php;fp=app%2FPolicies%2FApplicationPolicy.php;h=3dc9ad8c54cc11a89c74c9924b38696abef71465;hb=3a774bb649734fc3a2135ec1b52cef9a049880ee;hp=0000000000000000000000000000000000000000;hpb=8d97d023740e438361e659c6e133418e33343178;p=alttp.git

diff --git a/app/Policies/ApplicationPolicy.php b/app/Policies/ApplicationPolicy.php
new file mode 100644
index 0000000..3dc9ad8
--- /dev/null
+++ b/app/Policies/ApplicationPolicy.php
@@ -0,0 +1,97 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\Application;
+use App\Models\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class ApplicationPolicy
+{
+	use HandlesAuthorization;
+
+	/**
+	 * Determine whether the user can view any models.
+	 *
+	 * @param  \App\Models\User  $user
+	 * @return \Illuminate\Auth\Access\Response|bool
+	 */
+	public function viewAny(User $user)
+	{
+		return $user->isAdmin();
+	}
+
+	/**
+	 * Determine whether the user can view the model.
+	 *
+	 * @param  \App\Models\User  $user
+	 * @param  \App\Models\Application  $application
+	 * @return \Illuminate\Auth\Access\Response|bool
+	 */
+	public function view(User $user, Application $application)
+	{
+		return $user->isAdmin()
+		   	|| $user->isTournamentAdmin($application->tournament)
+		   	|| $user->id == $application->user->id;
+	}
+
+	/**
+	 * Determine whether the user can create models.
+	 *
+	 * @param  \App\Models\User  $user
+	 * @return \Illuminate\Auth\Access\Response|bool
+	 */
+	public function create(User $user)
+	{
+		return false;
+	}
+
+	/**
+	 * Determine whether the user can update the model.
+	 *
+	 * @param  \App\Models\User  $user
+	 * @param  \App\Models\Application  $application
+	 * @return \Illuminate\Auth\Access\Response|bool
+	 */
+	public function update(User $user, Application $application)
+	{
+		return false;
+	}
+
+	/**
+	 * Determine whether the user can delete the model.
+	 *
+	 * @param  \App\Models\User  $user
+	 * @param  \App\Models\Application  $application
+	 * @return \Illuminate\Auth\Access\Response|bool
+	 */
+	public function delete(User $user, Application $application)
+	{
+		return false;
+	}
+
+	/**
+	 * Determine whether the user can restore the model.
+	 *
+	 * @param  \App\Models\User  $user
+	 * @param  \App\Models\Application  $application
+	 * @return \Illuminate\Auth\Access\Response|bool
+	 */
+	public function restore(User $user, Application $application)
+	{
+		return false;
+	}
+
+	/**
+	 * Determine whether the user can permanently delete the model.
+	 *
+	 * @param  \App\Models\User  $user
+	 * @param  \App\Models\Application  $application
+	 * @return \Illuminate\Auth\Access\Response|bool
+	 */
+	public function forceDelete(User $user, Application $application)
+	{
+		return false;
+	}
+
+}