Merge pull request #123 from binaryk/authorize-repository

Authorize repository

Author: Lupacescu Eduard

src/Commands/stubs/policy.stub

@@ -16,6 +16,17 @@ class DummyClass
      * @param  \App\User  $user
      * @return mixed
      */
+    public function showEvery(User $user = null)
+    {
+        //
+    }
+
+    /**
+     * Determine whether the user is authorized to access the repository uriKey
+     *
+     * @param  \App\User  $user
+     * @return mixed
+     */
     public function showAny(User $user = null)
     {
         //

src/Http/Requests/InteractWithRepositories.php

@@ -44,7 +44,7 @@ public function repository($key = null)
             }
 
             if (! $repository::authorizedToShowAny($this)) {
-                throw new UnauthorizedException(__('Unauthorized to view repository :name.', [
+                throw new UnauthorizedException(__('Unauthorized to view repository :name. See "showAny" policy.', [
                     'name' => $repository,
                 ]), 403);
             }

src/Repositories/Crudable.php

@@ -47,7 +47,7 @@ public function index(RestifyRequest $request)
         });
 
         try {
-            $this->allowToViewAny($request, $items);
+            $this->allowToShowEvery($request, $items);
         } catch (UnauthorizedException | AuthorizationException $e) {
             return $this->response()->forbidden()->addError($e->getMessage());
         }
@@ -203,9 +203,9 @@ public function allowToShow($request)
      * @param Collection $items
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function allowToViewAny($request, Collection $items)
+    public function allowToShowEvery($request, Collection $items)
     {
-        $this->authorizeToShowAny($request);
+        $this->authorizeToShowEvery($request);
     }
 
     /**

src/Traits/AuthorizableModels.php

@@ -69,6 +69,41 @@ public static function authorizedToShowAny(Request $request)
             : true;
     }
 
+    /**
+     * Determine if the resource should be available for the given request (.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @return void
+     * @throws AuthorizationException
+     */
+    public function authorizeToShowEvery(Request $request)
+    {
+        if (! static::authorizable()) {
+            return;
+        }
+
+        if (method_exists(Gate::getPolicyFor(static::newModel()), 'showEvery')) {
+            $this->authorizeTo($request, 'showEvery');
+        }
+    }
+
+    /**
+     * Determine if the resource should be available for the given request.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @return bool
+     */
+    public static function authorizedToShowEvery(Request $request)
+    {
+        if (! static::authorizable()) {
+            return true;
+        }
+
+        return method_exists(Gate::getPolicyFor(static::newModel()), 'showEvery')
+            ? Gate::check('showEvery', get_class(static::newModel()))
+            : true;
+    }
+
     /**
      * Determine if the current user can view the given resource or throw.
      *