47 lines
1.5 KiB
PHP
47 lines
1.5 KiB
PHP
<?php
|
|
|
|
namespace App\Providers;
|
|
|
|
use App\Models\User;
|
|
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
|
|
use Illuminate\Support\Facades\Gate;
|
|
|
|
class AuthServiceProvider extends ServiceProvider
|
|
{
|
|
protected $policies = [
|
|
// 'App\Models\Model' => 'App\Policies\ModelPolicy',
|
|
];
|
|
|
|
public function boot(): void
|
|
{
|
|
$this->registerPolicies();
|
|
|
|
// Fallback: map generic CRUD abilities to permission slugs directly
|
|
foreach (['create', 'read', 'update', 'delete'] as $ability) {
|
|
Gate::define($ability, function (User $user) use ($ability): bool {
|
|
return $user->hasPermission($ability) || $user->hasRole('admin');
|
|
});
|
|
}
|
|
|
|
// More specific examples
|
|
Gate::define('manage-settings', function (User $user): bool {
|
|
return $user->hasPermission('manage-settings') || $user->hasRole('admin');
|
|
});
|
|
Gate::define('manage-imports', function (User $user): bool {
|
|
return $user->hasPermission('manage-imports') || $user->hasRole('admin');
|
|
});
|
|
Gate::define('manage-document-templates', function (User $user): bool {
|
|
return $user->hasPermission('manage-document-templates') || $user->hasRole('admin');
|
|
});
|
|
|
|
// Global override for admin role
|
|
Gate::before(function (User $user, string $ability) {
|
|
if ($user->hasRole('admin')) {
|
|
return true;
|
|
}
|
|
|
|
return null; // fall through
|
|
});
|
|
}
|
|
}
|