
Add project policy for viewing more project details

Add view-jobs policy
Add view-payments policy
Add view-subscriptions policy
Add view-invoices policy
Add view-documents policy
pull/6/head
Nafies Luthfi 8 years ago
parent
commit
0901fd2ce9
  1. 67
      app/Policies/Projects/ProjectPolicy.php
  2. 59
      tests/Unit/Policies/ProjectPolicyTest.php

67
app/Policies/Projects/ProjectPolicy.php

@ -67,4 +67,71 @@ class ProjectPolicy
{
return $user->hasRole('admin');
}
/**
* Determine whether the user can view project jobs.
*
* @param \App\Entities\Users\User $user
* @param \App\Entities\Projects\Project $project
*
* @return mixed
*/
public function viewJobs(User $user, Project $project)
{
return $user->hasRole('admin')
|| ($user->hasRole('worker') && $user->projects->contains($project->id));
}
/**
* Determine whether the user can view project payments.
*
* @param \App\Entities\Users\User $user
* @param \App\Entities\Projects\Project $project
*
* @return mixed
*/
public function viewPayments(User $user, Project $project)
{
return $user->hasRole('admin');
}
/**
* Determine whether the user can view project subscriptions.
*
* @param \App\Entities\Users\User $user
* @param \App\Entities\Projects\Project $project
*
* @return mixed
*/
public function viewSubscriptions(User $user, Project $project)
{
return $user->hasRole('admin');
}
/**
* Determine whether the user can view project invoices.
*
* @param \App\Entities\Users\User $user
* @param \App\Entities\Projects\Project $project
*
* @return mixed
*/
public function viewInvoices(User $user, Project $project)
{
return $user->hasRole('admin');
}
/**
* Determine whether the user can view project files.
*
* @param \App\Entities\Users\User $user
* @param \App\Entities\Projects\Project $project
*
* @return mixed
*/
public function viewFiles(User $user, Project $project)
{
return $user->hasRole('admin')
|| ($user->hasRole('worker') && $user->projects->contains($project->id));
}
}
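Review bot: The worker rule in `viewJobs` and `viewFiles` is the same expression written twice, `$user->hasRole('worker') && $user->projects->contains($project->id)`, so a later change to how project membership is decided can be applied to one ability and missed on the other. Moving it into one private method, with both abilities delegating to it, keeps the two authorization checks identical; the helper name below is only a suggestion. The five docblocks say `@return mixed` although each method returns the result of a boolean expression (assuming `hasRole()` returns a bool, which is not visible here), so `@return bool` would state the contract. The commit message lists a view-documents policy while the method added is `viewFiles`. The class, and the method closed by the first three lines, begin above the hunk.

```php
// … unchanged: docblock …
public function viewJobs(User $user, Project $project)
{
    return $user->hasRole('admin') || $this->worksOnProject($user, $project);
}

// … unchanged: viewPayments, viewSubscriptions, viewInvoices …

public function viewFiles(User $user, Project $project)
{
    return $user->hasRole('admin') || $this->worksOnProject($user, $project);
}

/**
 * Whether the user is a worker attached to the given project.
 */
private function worksOnProject(User $user, Project $project)
{
    return $user->hasRole('worker') && $user->projects->contains($project->id);
}
```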

59
tests/Unit/Policies/ProjectPolicyTest.php

@ -66,4 +66,63 @@ class ProjectPolicyTest extends TestCase
$this->assertTrue($admin->can('delete', $project));
$this->assertFalse($worker->can('delete', $project));
}
/** @test */
public function admin_and_worker_view_project_job_list()
{
$admin = $this->createUser('admin');
$worker = $this->createUser('worker');
$project = factory(Project::class)->create();
$job = factory(Job::class)->create([
'project_id' => $project->id,
'worker_id' => $worker->id,
]);
$this->assertTrue($admin->can('view-jobs', $project));
$this->assertTrue($worker->can('view-jobs', $project));
}
/** @test */
public function only_admin_view_project_payment_list()
{
$admin = $this->createUser('admin');
$project = factory(Project::class)->create();
$this->assertTrue($admin->can('view-payments', $project));
}
/** @test */
public function only_admin_view_project_subscription_list()
{
$admin = $this->createUser('admin');
$project = factory(Project::class)->create();
$this->assertTrue($admin->can('view-subscriptions', $project));
}
/** @test */
public function only_admin_view_project_invoice_list()
{
$admin = $this->createUser('admin');
$project = factory(Project::class)->create();
$this->assertTrue($admin->can('view-invoices', $project));
}
/** @test */
public function admin_and_worker_view_project_file_list()
{
$admin = $this->createUser('admin');
$worker = $this->createUser('worker');
$project = factory(Project::class)->create();
$job = factory(Job::class)->create([
'project_id' => $project->id,
'worker_id' => $worker->id,
]);
$this->assertTrue($admin->can('view-files', $project));
$this->assertTrue($worker->can('view-files', $project));
}
}
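Review bot: The three `only_admin_view_project_*` tests assert only that an admin is allowed, so they would still pass if `viewPayments`, `viewSubscriptions` or `viewInvoices` returned true for every user. Each needs the deny case that the delete test above already has, e.g. `$worker = $this->createUser('worker');` followed by `$this->assertFalse($worker->can('view-payments', $project));`. The view-jobs and view-files tests have the same gap for a worker with no job on the project: a second worker created without a `Job` row should get `assertFalse` for `view-jobs` and `view-files`, since that is the case that stops one worker reading another project's data. `$job` is assigned but never read in both of those tests. The test class, and the delete test closed by the first lines, begin above the hunk.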