36 lines
1004 B
PHP
36 lines
1004 B
PHP
<?php
|
|
|
|
namespace App\Providers;
|
|
|
|
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
|
|
use Illuminate\Support\Facades\Gate;
|
|
use App\Models\Course;
|
|
|
|
class AuthServiceProvider extends ServiceProvider
|
|
{
|
|
protected $policies = [
|
|
// 'App\Models\Model' => 'App\Policies\ModelPolicy',
|
|
];
|
|
|
|
public function boot(): void
|
|
{
|
|
$this->registerPolicies();
|
|
|
|
// God mode: super-admin can do anything
|
|
Gate::before(fn($user) => $user->hasRole('super-admin') ? true : null);
|
|
|
|
// Example gates
|
|
Gate::define('view-course', fn($user, Course $course) =>
|
|
$user->hasAnyRole(['admin', 'teacher'])
|
|
);
|
|
|
|
Gate::define('update-course', fn($user, Course $course) =>
|
|
$user->hasRole('admin') ||
|
|
($user->hasRole('teacher') && $course->teacher_id === $user->id)
|
|
);
|
|
|
|
Gate::define('answer-question', fn($user) =>
|
|
$user->hasAnyRole(['teacher', 'admin'])
|
|
);
|
|
}
|
|
} |