first commit

2026-01-09 12:54:53 +05:30
commit 7ccf44f7da
1070 changed files with 113036 additions and 0 deletions
--- a/app/Scopes/UserAccessScope.php
+++ b/app/Scopes/UserAccessScope.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Scopes;
+
+use App\Exceptions\Entities\AuthorizationException;
+use App\Enums\Role;
+use Illuminate\Contracts\Database\Query\Builder;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Scope;
+use Throwable;
+
+class UserAccessScope implements Scope
+{
+    /**
+     * @param Builder $builder
+     * @param Model $model
+     * @return Builder|null
+     * @throws Throwable
+     */
+    public function apply(Builder $builder, Model $model): ?Builder
+    {
+        if (!auth()->hasUser()) {
+            return null;
+        }
+
+        if (app()->runningInConsole()) {
+            return $builder;
+        }
+
+        $user = optional(request())->user();
+
+        throw_unless($user, new AuthorizationException);
+
+        if ($user->hasRole([Role::ADMIN, Role::MANAGER, Role::AUDITOR])) {
+            return $builder;
+        }
+
+        return $builder
+            ->where('id', $user->id)
+            ->orWhereHas('projectsRelation', static fn(Builder $builder) => $builder
+                ->whereIn('project_id', static fn(Builder $builder) => $builder
+                    ->from('projects_users')
+                    ->select('project_id')
+                    ->where(static fn(Builder $builder) => $builder
+                        ->where('user_id', $user->id)
+                        ->where('role_id', Role::MANAGER->value))
+                    ->orWhere(static fn(Builder $builder) => $builder
+                        ->where('user_id', $user->id)
+                        ->where('role_id', Role::AUDITOR->value))));
+    }
+}