Add project policy object

8 years ago · 12e11fd4bf
5 changed files with 117 additions and 8 deletions
--- a/app/Policies/Partners/PartnerPolicy.php
+++ b/app/Policies/Partners/PartnerPolicy.php
@ -11,7 +11,7 @@ class PartnerPolicy
    use HandlesAuthorization;

    /**
-     * Determine whether the user can view the project.
+     * Determine whether the user can view the partner.
     *
     * @param  \App\Entities\Users\User  $user
     * @param  \App\Entities\Partners\Partner  $partner
@ -24,7 +24,7 @@ class PartnerPolicy
    }

    /**
-     * Determine whether the user can create projects.
+     * Determine whether the user can create partners.
     *
     * @param  \App\Entities\Users\User  $user
     * @param  \App\Entities\Partners\Partner  $partner
@ -37,7 +37,7 @@ class PartnerPolicy
    }

    /**
-     * Determine whether the user can update the project.
+     * Determine whether the user can update the partner.
     *
     * @param  \App\Entities\Users\User  $user
     * @param  \App\Entities\Partners\Partner  $partner
@ -50,7 +50,7 @@ class PartnerPolicy
    }

    /**
-     * Determine whether the user can delete the project.
+     * Determine whether the user can delete the partner.
     *
     * @param  \App\Entities\Users\User  $user
     * @param  \App\Entities\Partners\Partner  $partner
--- a/app/Policies/Projects/ProjectPolicy.php
+++ b/app/Policies/Projects/ProjectPolicy.php
@ -0,0 +1,62 @@
+<?php
+
+namespace App\Policies\Projects;
+
+use App\Entities\Projects\Project;
+use App\Entities\Users\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class ProjectPolicy
+{
+    use HandlesAuthorization;
+
+    /**
+     * Determine whether the user can view the project.
+     *
+     * @param  \App\Entities\Users\User  $user
+     * @param  \App\Entities\Projects\Project  $project
+     * @return mixed
+     */
+    public function view(User $user, Project $project)
+    {
+        // User can only view the project if he is the project's agency owner.
+        return $user->agency->id == $project->owner_id;
+    }
+
+    /**
+     * Determine whether the user can create projects.
+     *
+     * @param  \App\Entities\Users\User  $user
+     * @param  \App\Entities\Projects\Project  $project
+     * @return mixed
+     */
+    public function create(User $user, Project $project)
+    {
+        // User can create a project if they owns an agency.
+        return  ! is_null($user->agency);
+    }
+
+    /**
+     * Determine whether the user can update the project.
+     *
+     * @param  \App\Entities\Users\User  $user
+     * @param  \App\Entities\Projects\Project  $project
+     * @return mixed
+     */
+    public function update(User $user, Project $project)
+    {
+        return $this->view($user, $project);
+    }
+
+    /**
+     * Determine whether the user can delete the project.
+     *
+     * @param  \App\Entities\Users\User  $user
+     * @param  \App\Entities\Projects\Project  $project
+     * @return mixed
+     */
+    public function delete(User $user, Project $project)
+    {
+        return $this->view($user, $project);
+    }
+}
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@ -15,6 +15,7 @@ class AuthServiceProvider extends ServiceProvider
     */
    protected $policies = [
        'App\Entities\Partners\Partner' => 'App\Policies\Partners\PartnerPolicy',
+        'App\Entities\Projects\Project' => 'App\Policies\Projects\ProjectPolicy',
        'App\Entities\Users\Event'      => 'App\Policies\EventPolicy',
    ];

--- a/tests/Unit/Policies/PartnerPolicyTest.php
+++ b/tests/Unit/Policies/PartnerPolicyTest.php
@ -3,13 +3,10 @@
 namespace Tests\Unit\Policies;

 use App\Entities\Partners\Partner;
-use Illuminate\Foundation\Testing\DatabaseMigrations;
 use Tests\TestCase as TestCase;

-class PartnerTest extends TestCase
+class PartnerPolicyTest extends TestCase
 {
-    use DatabaseMigrations;
-
    /** @test */
    public function user_can_create_partner()
    {
--- a/tests/Unit/Policies/ProjectPolicyTest.php
+++ b/tests/Unit/Policies/ProjectPolicyTest.php
@ -0,0 +1,49 @@
+<?php
+
+namespace Tests\Unit\Policies;
+
+use App\Entities\Agencies\Agency;
+use App\Entities\Projects\Project;
+use Tests\TestCase as TestCase;
+
+class ProjectPolicyTest extends TestCase
+{
+    /** @test */
+    public function user_can_create_project()
+    {
+        $user   = $this->userSigningIn();
+        $agency = factory(Agency::class)->create(['owner_id' => $user->id]);
+
+        $this->assertTrue($user->can('create', new Project));
+    }
+
+    /** @test */
+    public function user_can_view_project()
+    {
+        $user    = $this->userSigningIn();
+        $agency  = factory(Agency::class)->create(['owner_id' => $user->id]);
+        $project = factory(Project::class)->create(['owner_id' => $agency->id]);
+
+        $this->assertTrue($user->can('view', $project));
+    }
+
+    /** @test */
+    public function user_can_update_project()
+    {
+        $user    = $this->userSigningIn();
+        $agency  = factory(Agency::class)->create(['owner_id' => $user->id]);
+        $project = factory(Project::class)->create(['owner_id' => $agency->id]);
+
+        $this->assertTrue($user->can('update', $project));
+    }
+
+    /** @test */
+    public function user_can_delete_project()
+    {
+        $user    = $this->userSigningIn();
+        $agency  = factory(Agency::class)->create(['owner_id' => $user->id]);
+        $project = factory(Project::class)->create(['owner_id' => $agency->id]);
+
+        $this->assertTrue($user->can('delete', $project));
+    }
+}