From 0901fd2ce93caa2076c9eb1cda301966fde8a9e6 Mon Sep 17 00:00:00 2001
From: Nafies Luthfi
Date: Wed, 21 Feb 2018 22:53:01 +0800
Subject: [PATCH] Add project policy for viewing more project details
Add view-jobs policy
Add view-payments policy
Add view-subscriptions policy
Add view-invoices policy
Add view-documents policy
---
 app/Policies/Projects/ProjectPolicy.php | 67 +++++++++++++++++++++++++++++++
 tests/Unit/Policies/ProjectPolicyTest.php | 59 +++++++++++++++++++++++++++
 2 files changed, 126 insertions(+)
diff --git a/app/Policies/Projects/ProjectPolicy.php b/app/Policies/Projects/ProjectPolicy.php
index aef72f3..97f9eb0 100644
--- a/app/Policies/Projects/ProjectPolicy.php
+++ b/app/Policies/Projects/ProjectPolicy.php
@@ -67,4 +67,71 @@ class ProjectPolicy
 {
 return $user->hasRole('admin');
 }
+
+ /**
+ * Determine whether the user can view project jobs.
+ *
+ * @param \App\Entities\Users\User $user
+ * @param \App\Entities\Projects\Project $project
+ *
+ * @return mixed
+ */
+ public function viewJobs(User $user, Project $project)
+ {
+ return $user->hasRole('admin')
+ || ($user->hasRole('worker') && $user->projects->contains($project->id));
+ }
+
+ /**
+ * Determine whether the user can view project payments.
+ *
+ * @param \App\Entities\Users\User $user
+ * @param \App\Entities\Projects\Project $project
+ *
+ * @return mixed
+ */
+ public function viewPayments(User $user, Project $project)
+ {
+ return $user->hasRole('admin');
+ }
+
+ /**
+ * Determine whether the user can view project subscriptions.
+ *
+ * @param \App\Entities\Users\User $user
+ * @param \App\Entities\Projects\Project $project
+ *
+ * @return mixed
+ */
+ public function viewSubscriptions(User $user, Project $project)
+ {
+ return $user->hasRole('admin');
+ }
+
+ /**
+ * Determine whether the user can view project invoices.
+ *
+ * @param \App\Entities\Users\User $user
+ * @param \App\Entities\Projects\Project $project
+ *
+ * @return mixed
+ */
+ public function viewInvoices(User $user, Project $project)
+ {
+ return $user->hasRole('admin');
+ }
+
+ /**
+ * Determine whether the user can view project files.
+ *
+ * @param \App\Entities\Users\User $user
+ * @param \App\Entities\Projects\Project $project
+ *
+ * @return mixed
+ */
+ public function viewFiles(User $user, Project $project)
+ {
+ return $user->hasRole('admin')
+ || ($user->hasRole('worker') && $user->projects->contains($project->id));
+ }
 }
diff --git a/tests/Unit/Policies/ProjectPolicyTest.php b/tests/Unit/Policies/ProjectPolicyTest.php
index 846d076..91021dd 100644
--- a/tests/Unit/Policies/ProjectPolicyTest.php
+++ b/tests/Unit/Policies/ProjectPolicyTest.php
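Review bot: `viewJobs` and `viewFiles` carry the same admin-or-assigned-worker expression twice, so a later change to the membership rule can land in one method and be missed in the other; moving it into one private helper keeps the two abilities in step. The new docblocks could say `@return bool` rather than `@return mixed`, since each method returns the result of a boolean expression (assuming `hasRole()` returns a bool, which is not visible here). The commit message names a view-documents policy while the method added is `viewFiles`, so call sites need the `view-files` ability name. The class body starts outside the hunk.

```php
public function viewJobs(User $user, Project $project)
{
    return $this->isAdminOrAssignedWorker($user, $project);
}

// … unchanged: viewPayments, viewSubscriptions, viewInvoices …

public function viewFiles(User $user, Project $project)
{
    return $this->isAdminOrAssignedWorker($user, $project);
}

/**
 * Allow admins, and workers whose projects collection contains this project.
 *
 * @param \App\Entities\Users\User       $user
 * @param \App\Entities\Projects\Project $project
 *
 * @return bool
 */
private function isAdminOrAssignedWorker(User $user, Project $project)
{
    return $user->hasRole('admin')
        || ($user->hasRole('worker') && $user->projects->contains($project->id));
}
```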
@@ -66,4 +66,63 @@ class ProjectPolicyTest extends TestCase
 $this->assertTrue($admin->can('delete', $project));
 $this->assertFalse($worker->can('delete', $project));
 }
+
+ /** @test */
+ public function admin_and_worker_view_project_job_list()
+ {
+ $admin = $this->createUser('admin');
+ $worker = $this->createUser('worker');
+
+ $project = factory(Project::class)->create();
+ $job = factory(Job::class)->create([
+ 'project_id' => $project->id,
+ 'worker_id' => $worker->id,
+ ]);
+
+ $this->assertTrue($admin->can('view-jobs', $project));
+ $this->assertTrue($worker->can('view-jobs', $project));
+ }
+
+ /** @test */
+ public function only_admin_view_project_payment_list()
+ {
+ $admin = $this->createUser('admin');
+ $project = factory(Project::class)->create();
+
+ $this->assertTrue($admin->can('view-payments', $project));
+ }
+
+ /** @test */
+ public function only_admin_view_project_subscription_list()
+ {
+ $admin = $this->createUser('admin');
+ $project = factory(Project::class)->create();
+
+ $this->assertTrue($admin->can('view-subscriptions', $project));
+ }
+
+ /** @test */
+ public function only_admin_view_project_invoice_list()
+ {
+ $admin = $this->createUser('admin');
+ $project = factory(Project::class)->create();
+
+ $this->assertTrue($admin->can('view-invoices', $project));
+ }
+
+ /** @test */
+ public function admin_and_worker_view_project_file_list()
+ {
+ $admin = $this->createUser('admin');
+ $worker = $this->createUser('worker');
+
+ $project = factory(Project::class)->create();
+ $job = factory(Job::class)->create([
+ 'project_id' => $project->id,
+ 'worker_id' => $worker->id,
+ ]);
+
+ $this->assertTrue($admin->can('view-files', $project));
+ $this->assertTrue($worker->can('view-files', $project));
+ }
 }
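Review bot: The three `only_admin_*` tests assert only the allow case, so they would still pass if `viewPayments`, `viewSubscriptions` or `viewInvoices` let every user through. Each needs a worker and a deny assertion in the style of the existing delete test, e.g. `$this->assertFalse($worker->can('view-payments', $project));`. The two `admin_and_worker_*` tests likewise have no worker without a job on the project, which is the case that exercises the `$user->projects->contains($project->id)` condition in the policy. Adding `$otherWorker = $this->createUser('worker');` and `$this->assertFalse($otherWorker->can('view-jobs', $project));` (and the same for `view-files`) would pin that boundary.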