devhub-az/devhub

use App\Models\User;
 
final class AuthorPolicy
{
    const FOLLOW = 'follow';
    const ADMIN = 'admin';
    const BAN = 'ban';
    const DELETE = 'delete';
 
    public function follow(User $user, User $subject): bool
    {
        return $user->id !== $subject->id;
    }
 
    public function admin(User $user): bool
    {
        return $user->isAdmin() || $user->isModerator();
    }
 
    public function ban(User $user, User $subject): bool
    {
        return ($user->isAdmin() && ! $subject->isAdmin()) ||
            ($user->isModerator() && ! $subject->isAdmin() && ! $subject->isModerator());
    }
 
    public function delete(User $user, User $subject): bool
    {
        return ($user->isAdmin() || $user->matches($subject)) && ! $subject->isAdmin();
    }
}

use App\Models\User;
use App\Policies\AuthorPolicy;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 
class AuthServiceProvider extends ServiceProvider
{
    //
    protected $policies = [
        User::class => AuthorPolicy::class,
        //
    ];
    //
}

use App\Models\User;
use App\Policies\AuthorPolicy;
use App\Jobs\BanUser;
use Illuminate\Auth\Access\AuthorizationException;
 
class UsersController extends Controller
{
    //
    public function ban(User $user): RedirectResponse
    {
        try {
            $this->authorize(AuthorPolicy::BAN, $user);
        } catch (AuthorizationException $e) {
        }
 
        $this->dispatchNow(new BanUser($user));
 
        return back();
    }
    //
}