|
|
@ -9,11 +9,25 @@ class UserPolicy |
|
|
{ |
|
|
{ |
|
|
use HandlesAuthorization; |
|
|
use HandlesAuthorization; |
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
|
* Determine whether the user can edit the user data. |
|
|
|
|
|
* |
|
|
|
|
|
* @param \App\User $user |
|
|
|
|
|
* @param \App\User $editableUser |
|
|
|
|
|
* @return mixed |
|
|
|
|
|
*/ |
|
|
public function edit(User $user, User $editableUser) |
|
|
public function edit(User $user, User $editableUser) |
|
|
{ |
|
|
{ |
|
|
return $editableUser->id == $user->id || $editableUser->manager_id == $user->id; |
|
|
return $editableUser->id == $user->id || $editableUser->manager_id == $user->id; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
|
* Determine whether the user can delete the user. |
|
|
|
|
|
* |
|
|
|
|
|
* @param \App\User $user |
|
|
|
|
|
* @param \App\User $editableUser |
|
|
|
|
|
* @return mixed |
|
|
|
|
|
*/ |
|
|
public function delete(User $user, User $editableUser) |
|
|
public function delete(User $user, User $editableUser) |
|
|
{ |
|
|
{ |
|
|
return $editableUser->manager_id == $user->id && $editableUser->id != $user->id; |
|
|
return $editableUser->manager_id == $user->id && $editableUser->id != $user->id; |
|
|
|
Nafies Luthfi
7 years ago