Skip to content

Commit db54cc7

Browse files
mchevmchev
committed
Fix reservation policy
1 parent 37ffd43 commit db54cc7

File tree

156 files changed

+2306
-4397
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

156 files changed

+2306
-4397
lines changed

app/Policies/ReservationPolicy.php

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -25,8 +25,8 @@ public function viewAny(?User $user): bool
2525
public function view(User $user, Reservation $reservation): bool
2626
{
2727
return $user->id === $reservation->user_id ||
28-
$user->isAdminOf($reservation->organization) ||
29-
$user->isMemberOf($reservation->organization);
28+
($reservation->lenderOrganization && ($user->isAdminOf($reservation->lenderOrganization) || $user->isMemberOf($reservation->lenderOrganization))) ||
29+
($reservation->borrowerOrganization && ($user->isAdminOf($reservation->borrowerOrganization) || $user->isMemberOf($reservation->borrowerOrganization)));
3030
}
3131

3232
/**
@@ -43,7 +43,8 @@ public function create(User $user, Organization $organization): bool
4343
public function update(User $user, Reservation $reservation): bool
4444
{
4545
return $user->id === $reservation->user_id ||
46-
$user->isAdminOf($reservation->organization);
46+
($reservation->lenderOrganization && $user->isAdminOf($reservation->lenderOrganization)) ||
47+
($reservation->borrowerOrganization && $user->isAdminOf($reservation->borrowerOrganization));
4748
}
4849

4950
/**
@@ -52,22 +53,25 @@ public function update(User $user, Reservation $reservation): bool
5253
public function delete(User $user, Reservation $reservation): bool
5354
{
5455
return $user->id === $reservation->user_id ||
55-
$user->isAdminOf($reservation->organization);
56+
($reservation->lenderOrganization && $user->isAdminOf($reservation->lenderOrganization)) ||
57+
($reservation->borrowerOrganization && $user->isAdminOf($reservation->borrowerOrganization));
5658
}
5759

5860
/**
5961
* Determine whether the user can restore the model.
6062
*/
6163
public function restore(User $user, Reservation $reservation): bool
6264
{
63-
return $user->isAdminOf($reservation->organization);
65+
return ($reservation->lenderOrganization && $user->isAdminOf($reservation->lenderOrganization)) ||
66+
($reservation->borrowerOrganization && $user->isAdminOf($reservation->borrowerOrganization));
6467
}
6568

6669
/**
6770
* Determine whether the user can permanently delete the model.
6871
*/
6972
public function forceDelete(User $user, Reservation $reservation): bool
7073
{
71-
return $user->isAdminOf($reservation->organization);
74+
return ($reservation->lenderOrganization && $user->isAdminOf($reservation->lenderOrganization)) ||
75+
($reservation->borrowerOrganization && $user->isAdminOf($reservation->borrowerOrganization));
7276
}
7377
}

0 commit comments

Comments
 (0)