Skip to main content

Black Friday 2025! Only until December 1st: coupon FRIDAY25 for 40% off Yearly/Lifetime membership!

Read more here

cattr-app/server-application

87 stars
policies
2 code files
View cattr-app/server-application on GitHub

app/Policies/TimeIntervalPolicy.php

Open in GitHub 
use App\Enums\Role;
use App\Models\Project;
use App\Models\TimeInterval;
use App\Models\User;
use Cache;
use Illuminate\Contracts\Database\Query\Builder;
 
class TimeIntervalPolicy
{
    public function before(User $user): ?bool
    {
        return $user->isAdmin() ?: null;
    }
 
    public function viewAny(): bool
    {
        return true;
    }
 
    public function view(User $user, TimeInterval $timeInterval): bool
    {
        return $timeInterval->user_id === $user->id || $user->can('view', $timeInterval->task);
    }
 
    public function create(User $user, int $userId, int $taskId, bool $isManual): bool
    {
        $projectId = self::getProjectIdByTaskId($taskId);
 
        if ($isManual) {
            if ((bool)$user->manual_time === false) {
                return false;
            }
 
            if ($user->id !== $userId) {
                return $user->hasRole(Role::MANAGER) || $user->hasProjectRole(Role::MANAGER, $projectId);
            }
 
            return (
                $user->hasProjectRole([Role::USER, Role::MANAGER], $projectId)
                || $user->hasRole(Role::MANAGER)
            );
        }
 
        return $user->hasProjectRole([Role::USER, Role::MANAGER], $projectId);
    }
 
    public function update(User $user, TimeInterval $timeInterval): bool
    {
        return $user->id === $timeInterval->user_id;
    }
 
    public function bulkUpdate(User $user, array $timeIntervalIds): bool
    {
        foreach ($timeIntervalIds as $id) {
            if (!$user->can('update', TimeInterval::find($id))) {
                return false;
            }
        }
 
        return true;
    }
 
    public function destroy(User $user, TimeInterval $timeInterval): bool
    {
        return $user->id === $timeInterval->user_id;
    }
 
    public function bulkDestroy(User $user, array $timeIntervalIds): bool
    {
        foreach ($timeIntervalIds as $id) {
            $can = $user->can('destroy', TimeInterval::find($id));
 
            if (!$can) {
                return false;
            }
        }
 
        return true;
    }
 
    private static function getProjectIdByTaskId(int $taskId): int
    {
        return Cache::store('octane')->remember(
            "project_of_task_$taskId",
            config('cache.role_caching_ttl'),
            static fn() => Project::whereHas(
                'tasks',
                static fn(Builder $query) => $query->where('id', '=', $taskId)
            )->firstOrFail()->id
        );
    }
}

app/Providers/AuthServiceProvider.php

Open in GitHub 
use App\Models\Invitation;
use App\Models\Priority;
use App\Models\Project;
use App\Models\Status;
use App\Models\Task;
use App\Models\TaskComment;
use App\Models\TimeInterval;
use App\Models\User;
use App\Policies\InvitationPolicy;
use App\Policies\PriorityPolicy;
use App\Policies\ProjectPolicy;
use App\Policies\StatusPolicy;
use App\Policies\TaskCommentPolicy;
use App\Policies\TaskPolicy;
use App\Policies\TimeIntervalPolicy;
use App\Policies\UserPolicy;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 
class AuthServiceProvider extends ServiceProvider
{
    protected $policies = [
        Project::class => ProjectPolicy::class,
        Task::class => TaskPolicy::class,
        User::class => UserPolicy::class,
        TimeInterval::class => TimeIntervalPolicy::class,
        Priority::class => PriorityPolicy::class,
        Status::class => StatusPolicy::class,
        Invitation::class => InvitationPolicy::class,
        TaskComment::class => TaskCommentPolicy::class,
    ];
 
    // ...
}

We'd Love Your Feedback

Tell us what you like or what we can improve

Feel free to share anything you like or dislike about this page or the platform in general.