noorilahi/cattr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Noor E Ilahi
2026-01-09 12:54:53 +05:30
commit 7ccf44f7da
1070 changed files with 113036 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
app/Policies/InvitationPolicy.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
namespace App\Policies;
use Illuminate\Auth\Access\HandlesAuthorization;
use App\Models\User;
class InvitationPolicy
{
use HandlesAuthorization;
public function before(User $user): ?bool
{
return $user->isAdmin() ?: null;
}
public function view(): bool
{
return false;
}
public function viewAny(): bool
{
return false;
}
public function create(): bool
{
return false;
}
public function update(): bool
{
return false;
}
public function destroy(): bool
{
return false;
}
}

41
app/Policies/PriorityPolicy.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
namespace App\Policies;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class PriorityPolicy
{
use HandlesAuthorization;
public function before(User $user): ?bool
{
return $user->isAdmin() ?: null;
}
public function view(): bool
{
return true;
}
public function viewAny(): bool
{
return true;
}
public function create(): bool
{
return false;
}
public function update(): bool
{
return false;
}
public function destroy(): bool
{
return false;
}
}

42
app/Policies/ProjectGroupPolicy.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
namespace App\Policies;
use App\Enums\Role;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class ProjectGroupPolicy
{
use HandlesAuthorization;
public function before(User $user): ?bool
{
return $user->isAdmin() ?: null;
}
public function view(User $user): bool
{
return true;
}
public function viewAny(User $user)
{
return true;
}
public function create(User $user): bool
{
return $user->hasRole(Role::MANAGER);
}
public function update(User $user): bool
{
return $user->hasRole(Role::MANAGER);
}
public function destroy(User $user): bool
{
return $user->hasRole(Role::MANAGER);
}
}

56
app/Policies/ProjectPolicy.php Normal file
View File

@@ -0,0 +1,56 @@
<?php
namespace App\Policies;
use App\Enums\Role;
use App\Models\Project;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class ProjectPolicy
{
use HandlesAuthorization;
public function before(User $user): ?bool
{
return $user->isAdmin() ?: null;
}
public function view(User $user, Project $project): bool
{
return $user->hasProjectRole(Role::ANY, $project->id);
}
public function viewAny(): bool
{
return true;
}
public function create(User $user): bool
{
return $user->hasRole(Role::MANAGER);
}
public function update(User $user, Project $project): bool
{
if ($project->source !== 'internal') {
return false;
}
return $user->hasRole(Role::MANAGER) || $user->hasProjectRole(Role::MANAGER, $project->id);
}
public function updateMembers(User $user, Project $project): bool
{
return $user->hasRole(Role::MANAGER) || $user->hasProjectRole(Role::MANAGER, $project->id);
}
public function destroy(User $user, Project $project): bool
{
if ($project->source !== 'internal') {
return false;
}
return $user->hasRole(Role::MANAGER);
}
}

41
app/Policies/StatusPolicy.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
namespace App\Policies;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class StatusPolicy
{
use HandlesAuthorization;
public function before(User $user): ?bool
{
return $user->isAdmin() ?: null;
}
public function view(): bool
{
return true;
}
public function viewAny(): bool
{
return true;
}
public function create(): bool
{
return false;
}
public function update(): bool
{
return false;
}
public function destroy(): bool
{
return false;
}
}

45
app/Policies/TaskCommentPolicy.php Normal file
View File

@@ -0,0 +1,45 @@
<?php
namespace App\Policies;
use App\Models\TaskComment;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class TaskCommentPolicy
{
use HandlesAuthorization;
public function before(User $user): ?bool
{
return $user->isAdmin() ?: null;
}
public function viewAny(): bool
{
return true;
}
public function view(): bool
{
return true;
}
public function create(): bool
{
return true;
}
public function update(): bool
{
return true;
}
public function destroy(): bool
{
return true;
}
}

93
app/Policies/TaskPolicy.php Normal file
View File

@@ -0,0 +1,93 @@
<?php
namespace App\Policies;
use App\Enums\Role;
use App\Models\Project;
use App\Models\Task;
use App\Models\User;
use Cache;
use Illuminate\Auth\Access\HandlesAuthorization;
class TaskPolicy
{
use HandlesAuthorization;
public function before(User $user): ?bool
{
return $user->isAdmin() ?: null;
}
public function viewAny(): bool
{
return true;
}
/**
* Determine if the given task can be viewed by the user.
*
* @param User $user
* @param Task $task
* @return bool
*/
public function view(User $user, Task $task): bool
{
return Cache::store('octane')->remember(
"role_user_task_{$user->id}_$task->id",
config('cache.role_caching_ttl'),
static fn() => Task::whereId($task->id)->exists(),
);
}
/**
* Determine if the given task can be created by the user.
*
* @param User $user
* @param int $projectId
* @return bool
*/
public function create(User $user, int $projectId): bool
{
if (optional(Project::find($projectId))->source !== 'internal') {
return false;
}
return $user->hasRole(Role::MANAGER)
|| $user->hasProjectRole([Role::MANAGER, Role::USER], $projectId);
}
/**
* Determine if the given task can be updated by the user.
*
* @param User $user
* @param Task $task
* @return bool
*/
public function update(User $user, Task $task): bool
{
if (isset($task->project) && $task->project->source !== 'internal') {
return false;
}
return $user->hasRole(Role::MANAGER)
|| $user->hasProjectRole(Role::MANAGER, $task->project_id)
|| ($user->hasProjectRole(Role::USER, $task->project_id) && $task->assigned_by === $user->id);
}
/**
* Determine if the given task can be destroyed by the user.
*
* @param User $user
* @param Task $task
* @return bool
*/
public function destroy(User $user, Task $task): bool
{
if (isset($task->project) && $task->project->source !== 'internal') {
return false;
}
return $user->hasRole(Role::MANAGER)
|| $user->hasProjectRole(Role::MANAGER, $task->project_id);
}
}

119
app/Policies/TimeIntervalPolicy.php Normal file
View File

@@ -0,0 +1,119 @@
<?php
namespace App\Policies;
use App\Enums\Role;
use App\Models\Project;
use App\Models\Task;
use App\Models\TimeInterval;
use App\Models\User;
use Cache;
use Illuminate\Contracts\Database\Query\Builder;
class TimeIntervalPolicy
{
public function before(User $user): ?bool
{
return $user->isAdmin() ?: null;
}
public function viewAny(): bool
{
return true;
}
public function view(User $user, TimeInterval $timeInterval): bool
{
return $timeInterval->user_id === $user->id || $user->can('view', $timeInterval->task);
}
public function create(User $user, int $userId, int $taskId, bool $isManual): bool
{
$projectId = self::getProjectIdByTaskId($taskId);
if ($isManual) {
if ((bool)$user->manual_time === false) {
return false;
}
if ($user->id !== $userId) {
return $user->hasRole(Role::MANAGER) || $user->hasProjectRole(Role::MANAGER, $projectId);
}
return (
$user->hasProjectRole([Role::USER, Role::MANAGER], $projectId)
|| $user->hasRole(Role::MANAGER)
);
}
if ($user->id !== $userId) {
return $user->hasRole(Role::MANAGER) || $user->hasProjectRole(Role::MANAGER, $projectId);
}
return $user->hasProjectRole([Role::USER, Role::MANAGER], $projectId)
|| Task::whereId($taskId)->whereHas(
'users',
fn($query) => $query->where('user_id', '=', $userId)->withoutGlobalScopes()
)->withoutGlobalScopes()->exists();
}
public function update(User $user, TimeInterval $timeInterval): bool
{
return $user->id === $timeInterval->user_id;
}
public function bulkUpdate(User $user, array $timeIntervalIds): bool
{
foreach ($timeIntervalIds as $id) {
if (!$user->can('update', TimeInterval::find($id))) {
return false;
}
}
return true;
}
/**
* Determine if the given time interval can be destroyed by the user.
*
* @param User $user
* @param TimeInterval $timeInterval
* @return bool
*/
public function destroy(User $user, TimeInterval $timeInterval): bool
{
return $user->id === $timeInterval->user_id;
}
/**
* Determine if the given time intervals can be destroyed by the user.
*
* @param User $user
* @param array $timeIntervalIds
* @return bool
*/
public function bulkDestroy(User $user, array $timeIntervalIds): bool
{
foreach ($timeIntervalIds as $id) {
$can = $user->can('destroy', TimeInterval::find($id));
if (!$can) {
return false;
}
}
return true;
}
private static function getProjectIdByTaskId(int $taskId): int
{
return Cache::store('octane')->remember(
"project_of_task_$taskId",
config('cache.role_caching_ttl'),
static fn() => Project::whereHas(
'tasks',
static fn(Builder $query) => $query->where('id', '=', $taskId)->withoutGlobalScopes()
)->withoutGlobalScopes()->firstOrFail()->id
);
}
}

76
app/Policies/UserPolicy.php Normal file
View File

@@ -0,0 +1,76 @@
<?php
namespace App\Policies;
use App\Models\User;
use Cache;
use Illuminate\Auth\Access\HandlesAuthorization;
use Illuminate\Validation\ValidationException;
class UserPolicy
{
use HandlesAuthorization;
private const ALLOWED_EDITABLE_FIELDS = [
'full_name',
'email',
'password',
'user_language',
'screenshots_state',
'screenshots_state_locked',
];
public function before(User $user): ?bool
{
return $user->isAdmin() ?: null;
}
public function viewAny(): bool
{
return true;
}
public function view(User $user, User $model): bool
{
return Cache::store('octane')->remember(
"role_user_user_{$user->id}_$model->id",
config('cache.role_caching_ttl'),
static fn() => User::whereId($model->id)->exists(),
);
}
public function create(User $user): bool
{
return $user->isAdmin();
}
/**
* @throws ValidationException
*/
public function update(User $user, User $model): bool
{
$extraFields = array_diff(array_keys(request()?->except('id')), self::ALLOWED_EDITABLE_FIELDS);
if (count($extraFields)) {
$errorMessages = [];
foreach ($extraFields as $fieldKey) {
$errorMessages[$fieldKey] = __('You don\'t have permission to edit this field');
}
throw ValidationException::withMessages($errorMessages);
}
return $user->id === $model->id;
}
public function destroy(User $user): bool
{
return $user->isAdmin();
}
public function sendInvite(): bool
{
return false;
}
}