Merge pull request #5335 from Laravel-Backpack/callable-access

Author: promatik

src/app/Library/CrudPanel/Traits/Access.php

@@ -3,16 +3,14 @@
 namespace Backpack\CRUD\app\Library\CrudPanel\Traits;
 
 use Backpack\CRUD\app\Exceptions\AccessDeniedException;
+use Illuminate\Database\Eloquent\Model;
 
 trait Access
 {
     /**
      * Set an operation as having access using the Settings API.
-     *
-     * @param  string|array  $operation
-     * @return bool
      */
-    public function allowAccess($operation)
+    public function allowAccess(array|string $operation): bool
     {
         foreach ((array) $operation as $op) {
             $this->set($op.'.access', true);
@@ -23,11 +21,8 @@ public function allowAccess($operation)
 
     /**
      * Disable the access to a certain operation, or the current one.
-     *
-     * @param  string|array  $operation  [description]
-     * @return [type] [description]
      */
-    public function denyAccess($operation)
+    public function denyAccess(array|string $operation): bool
     {
         foreach ((array) $operation as $op) {
             $this->set($op.'.access', false);
@@ -38,25 +33,29 @@ public function denyAccess($operation)
 
     /**
      * Check if a operation is allowed for a Crud Panel. Return false if not.
-     *
-     * @param  string  $operation
-     * @return bool
      */
-    public function hasAccess($operation)
+    public function hasAccess(string $operation, $entry = null): bool
     {
-        return $this->get($operation.'.access') ?? false;
+        $condition = $this->get($operation.'.access');
+
+        if (is_callable($condition)) {
+            // supply the current entry, if $entry is missing
+            // this also makes sure the entry is null when missing
+            $entry ??= $this->getCurrentEntry() ?: null;
+
+            return $condition($entry);
+        }
+
+        return $condition ?? false;
     }
 
     /**
      * Check if any operations are allowed for a Crud Panel. Return false if not.
-     *
-     * @param  string|array  $operation_array
-     * @return bool
      */
-    public function hasAccessToAny($operation_array)
+    public function hasAccessToAny(array|string $operation_array, ?Model $entry = null): bool
     {
         foreach ((array) $operation_array as $key => $operation) {
-            if ($this->get($operation.'.access') == true) {
+            if ($this->hasAccess($operation, $entry) == true) {
                 return true;
             }
         }
@@ -66,14 +65,11 @@ public function hasAccessToAny($operation_array)
 
     /**
      * Check if all operations are allowed for a Crud Panel. Return false if not.
-     *
-     * @param  array  $operation_array  Permissions.
-     * @return bool
      */
-    public function hasAccessToAll($operation_array)
+    public function hasAccessToAll(array|string $operation_array, ?Model $entry = null): bool
     {
         foreach ((array) $operation_array as $key => $operation) {
-            if (! $this->get($operation.'.access')) {
+            if (! $this->hasAccess($operation, $entry)) {
                 return false;
             }
         }
@@ -84,17 +80,42 @@ public function hasAccessToAll($operation_array)
     /**
      * Check if a operation is allowed for a Crud Panel. Fail if not.
      *
-     * @param  string  $operation
-     * @return bool
-     *
      * @throws \Backpack\CRUD\Exception\AccessDeniedException in case the operation is not enabled
      */
-    public function hasAccessOrFail($operation)
+    public function hasAccessOrFail(string $operation, ?Model $entry = null): bool
     {
-        if (! $this->get($operation.'.access')) {
+        if (! $this->hasAccess($operation, $entry)) {
             throw new AccessDeniedException(trans('backpack::crud.unauthorized_access', ['access' => $operation]));
         }
 
         return true;
     }
+
+    /**
+     * Get an operation's access condition, if set. A condition
+     * can be anything, but usually a boolean or a callable.
+     */
+    public function getAccessCondition(string $operation): bool|callable|null
+    {
+        return $this->get($operation.'.access');
+    }
+
+    /**
+     * Set the condition under which an operation is allowed for a Crud Panel.
+     */
+    public function setAccessCondition(array|string $operation, bool|callable|null $condition): void
+    {
+        foreach ((array) $operation as $op) {
+            $this->set($op.'.access', $condition);
+        }
+    }
+
+    /**
+     * Check if an operation has an access condition already set.
+     * A condition can be anything, but usually a boolean or a callable.
+     */
+    public function hasAccessCondition(string $operation): bool
+    {
+        return $this->get($operation.'.access') !== null;
+    }
 }

src/resources/views/crud/buttons/delete.blade.php

@@ -1,4 +1,4 @@
-@if ($crud->hasAccess('delete'))
+@if ($crud->hasAccess('delete', $entry))
     <a href="javascript:void(0)" onclick="deleteEntry(this)" data-route="{{ url($crud->route.'/'.$entry->getKey()) }}" class="btn btn-sm btn-link" data-button-type="delete">
         <span><i class="la la-trash"></i> {{ trans('backpack::crud.delete') }}</span>
     </a>

src/resources/views/crud/buttons/quick.blade.php

@@ -20,7 +20,7 @@
     $wrapper['class'] = $wrapper['class'] ?? $defaultClass;
 @endphp
 
-@if ($access === true || $crud->hasAccess($access))
+@if ($access === true || $crud->hasAccess($access, isset($entry) ? $entry : null))
     <{{ $wrapper['element'] }}
         @foreach ($wrapper as $attribute => $value)
             @if (is_string($attribute))

src/resources/views/crud/buttons/show.blade.php

@@ -1,4 +1,4 @@
-@if ($crud->hasAccess('show'))
+@if ($crud->hasAccess('show', $entry))
 	@if (!$crud->model->translationEnabled())
 
 	{{-- Single edit button --}}

src/resources/views/crud/buttons/update.blade.php

@@ -1,4 +1,4 @@
-@if ($crud->hasAccess('update'))
+@if ($crud->hasAccess('update', $entry))
 	@if (!$crud->model->translationEnabled())
 
 	{{-- Single edit button --}}