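/**
 * Register the Twig functions exposed by this extension.
 *
 * `user` and `link_to_profile` are declared with `is_safe => ['html']`, which
 * tells Twig their return value is already safe for HTML and must not be
 * auto-escaped. Everything they return therefore reaches the page verbatim.
 *
 * @return array
 */
public function getFunctions()
{
    return [
        // NOTE(review): getUserValue() is not visible here. Because of is_safe,
        // any user-editable field it returns is rendered unescaped; confirm it
        // escapes its output, or drop the is_safe option.
        new Twig_SimpleFunction('user', [$this, 'getUserValue'], ['is_safe' => ['html']]),

        // Not marked is_safe, so Twig's auto-escaping still applies to the
        // request value when it is printed.
        new Twig_SimpleFunction('user_input', function ($name) {
            return request($name, $this->getUserValue($name));
        }),

        new Twig_SimpleFunction('link_to_profile', function () {
            $args = func_get_args();

            if (is_array($args[0])) {
                // Called with a single associative array. The fields live in
                // that array, not in the positional argument list, so read
                // them from $args[0]. The original read $args['user_id'] etc.
                // from the list itself, which never contains those keys.
                $user = $args[0];

                $userId = isset($user['user_id']) ? $user['user_id'] : $user['id'];
                $name = isset($user['user_name']) ? $user['user_name'] : $user['name'];
                $isActive = $user['is_active'];
                $isBlocked = $user['is_blocked'];
            } else {
                // Called positionally: (userId, name, isActive, isBlocked).
                $userId = array_shift($args);
                $name = array_shift($args);
                $isActive = array_shift($args);
                $isBlocked = array_shift($args);
            }

            $attributes = ['data-user-id' => $userId];

            // Blocked or inactive accounts are rendered with the "del" class.
            if ($isBlocked || !$isActive) {
                $attributes['class'] = 'del';
            }

            // NOTE(review): the result is emitted without Twig escaping, so
            // this relies on link_to_route() escaping $name (a user-chosen
            // display name, presumably) and the attribute values; verify.
            return link_to_route('profile', $name, $userId, $attributes);
        }, ['is_safe' => ['html']]),

        new Twig_SimpleFunction('user_photo', function ($photo) {
            return $photo ? asset('storage/photo/' . $photo) : asset('img/avatar.png');
        }),

        // Guests are always denied. For signed-in users the ability name is
        // invoked directly as a method on the resolved policy object.
        // NOTE(review): calling the policy method directly does not go through
        // the Gate, so Gate-level before/after hooks do not run here; confirm
        // that is intended.
        new Twig_SimpleFunction('can', function ($ability, $policy) {
            return Auth::guest() ? false : policy($policy)->{$ability}(auth()->user(), $policy);
        }),
    ];
}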
/**
 * Show the form for creating a new resource.
 *
 * The Post policy decides whether the signed-in user may create a post in
 * the context of $user. When it refuses, the visitor is redirected to the
 * create-post URL under their own profile link instead of seeing an error.
 *
 * @param \App\User $user
 * @return \Illuminate\Http\Response
 */
public function create($user)
{
    $viewer = Auth::user();

    // NOTE(review): the original author found $this->authorize('create', $user)
    // "not working". With a model instance as the only argument, the policy is
    // looked up from that instance's class rather than from Post, which may be
    // the cause; confirm before replacing this manual check.
    $mayCreate = policy(Post::class)->create($viewer, $user);

    if ($mayCreate) {
        return view(Config::get('boxtar.createPost'), compact('user'));
    }

    // Denied: send the visitor to the create-post URL of their own profile.
    // NOTE(review): assumes a signed-in user (e.g. auth middleware on the
    // route); $viewer would be null for a guest. Confirm.
    return redirect('users/' . $viewer->profile_link . '/posts/create');
}
/**
 * Display the bills of one category, newest first, if the policy allows it.
 *
 * @param int $id
 *
 * @return \Illuminate\Http\Response
 */
public function show($id)
{
    // The lookup runs before the permission check, so an unknown id fails
    // in findOrFail() while a forbidden one is redirected below.
    // NOTE(review): that difference lets a caller tell existing category ids
    // from missing ones; confirm this is acceptable.
    $category = Category::findOrFail($id);

    $allowed = policy($category)->show(auth()->user(), $category);

    if (!$allowed) {
        // The message reads roughly: "You do not have sufficient permission
        // to perform this operation."
        return redirect('bill')->withErrors('你没有足够的权限来执行此操作。');
    }

    $bills = $category->bills()
        ->with('categories')
        ->latest('made_at')
        ->paginate(20);

    return view('bill.index', compact('bills'));
}
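/**
 * Resolve the graph name for a value of the given type.
 *
 * The type is compared strictly. With loose `==`, non-string values could
 * match a type name by coercion (for example boolean true, or integer 0 on
 * PHP versions before 8) and be dispatched to the wrong helper.
 *
 * @param mixed $type 'mksdc-datasets' or 'mksdc-policies'; anything else is unsupported
 * @param mixed $p    value handed to dataset() or policy()
 * @return mixed|null result of dataset($p) or policy($p), or null for an unsupported type
 */
function getGraphName($type, $p)
{
    if ($type === 'mksdc-datasets') {
        return dataset($p);
    }

    if ($type === 'mksdc-policies') {
        return policy($p);
    }

    // Unsupported type: make the previously implicit null return explicit.
    return null;
}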
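/**
 * Store a new comment on the given post on behalf of the requesting user.
 *
 * @param CommentFormRequest $request validated comment form request
 * @param mixed              $postId  identifier of the post being commented on
 * @return mixed the controller's default response for this request
 */
public function store(CommentFormRequest $request, $postId)
{
    $post = Post::findOrFail($postId);

    // The policy verdict was previously discarded, so a policy that answers
    // with boolean false did not stop the comment from being saved. Only an
    // explicit false is treated as a denial here, so a policy that signals
    // refusal by throwing, or that returns nothing, behaves as before.
    if (policy(Comment::class)->create($request->user(), $post) === false) {
        abort(403);
    }

    // NOTE(review): every request field is mass-assigned. This relies on the
    // Comment model's fillable/guarded configuration (not visible here) to
    // keep client-supplied attributes out; confirm. The author and post are
    // set explicitly below from the authenticated user and the route post.
    $comment = new Comment($request->all());
    $comment->user()->associate($request->user());
    $comment->post()->associate($post);
    $comment->save();

    return $this->createDefaultResponse($request);
}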
/**
 * Add the pages entry and one child per published page to the frontend menu.
 *
 * Nothing is added for guests or for users whose Page policy denies `index`.
 *
 * @param FrontendMenuCreated $event
 */
public function composeFrontendMenu(FrontendMenuCreated $event)
{
    if (Auth::guest() || !policy(Page::class)->index(Auth::user())) {
        return;
    }

    $menu = $event->handler;
    $parentKey = 'site::page.title.index';

    $menu->addChild($parentKey)
        ->setUri('#')
        ->setExtra('icon', 'file-o');

    foreach (Page::published()->get() as $page) {
        // NOTE(review): the 'raw' extra presumably makes the menu renderer
        // print the label without escaping. The label is the stored page
        // title, so confirm titles are escaped or sanitised before output.
        $menu[$parentKey]
            ->addChild($page->slug)
            ->setLabel($page->content->title)
            ->setUri(route('site.show', ['slug' => $page->slug]))
            ->setExtra('raw', true);
    }
}
/**
 * Get the policy registered for this model.
 *
 * Only a policy that is a subclass of EloquentJsPolicy is returned. Any other
 * policy, or an InvalidArgumentException raised during the lookup, yields null.
 *
 * @param Model $model
 * @return mixed|null
 */
protected function XgetModelPolicy(Model $model)
{
    $resolved = null;

    try {
        $candidate = policy($model);

        // Policies outside the EloquentJsPolicy hierarchy are ignored.
        if (is_subclass_of($candidate, EloquentJsPolicy::class)) {
            $resolved = $candidate;
        }
    } catch (\InvalidArgumentException $exception) {
        // Deliberately ignored: the lookup failure is reported to the caller
        // as "no policy" (null), so callers must treat null as a denial.
    }

    return $resolved;
}
/**
 * Display a listing of the resource.
 *
 * Responds 401 when there is no current user and 403 when the Permission
 * policy refuses `canSeeAll`. Otherwise all permissions are returned.
 *
 * @return \Eos\Http\Response\Format\JsonApi
 */
public function index()
{
    $deniedMessage = "You are not authorized to see all permissions.";

    $user = $this->user();

    // No current user: answer with a Bearer challenge (401).
    if ($user == null) {
        throw new UnauthorizedHttpException("Bearer", $deniedMessage, null, 0xc00401);
    }

    // A known user without the right to list permissions gets 403.
    $mayListAll = policy(Permission::class)->canSeeAll($user);
    if (!$mayListAll) {
        throw new HttpException(403, $deniedMessage, null, [], 0xc00402);
    }

    return $this->response->collection(
        $this->repository->all(),
        new PermissionTransformer(),
        ["key" => "permissions"]
    );
}
/**
 * Delete the task when its policy allows it, then go back with a status
 * text in the `destroy_message` flash key.
 *
 * The outcome is reported only through the flash message; the method always
 * returns the "back" redirect.
 */
public function destroy(Request $request, Tasks2 $task2)
{
    $statusSource = new Response();

    $allowed = policy($task2)->destroy($request->user(), $task2);

    // The record is deleted only after the policy has approved the request.
    if ($allowed) {
        $task2->delete();
    }

    // NOTE(review): a denial is reported with the 401 status text. For an
    // authenticated user who lacks permission, 403 would be the usual
    // choice; confirm the intended wording.
    $statusCode = $allowed ? Response::HTTP_OK : Response::HTTP_UNAUTHORIZED;

    return back()->with('destroy_message', $statusSource->getStatusText($statusCode));
}
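/**
 * Display a listing of the resource.
 *
 * Responds 401 when there is no current user and 403 when the user's policy
 * refuses `canSeeAll`. Otherwise all users are returned.
 *
 * @return \Eos\Http\Response\Format\JsonApi
 */
public function index()
{
    $user = $this->user();

    // Reinstated guard (it was commented out). Without it a missing user was
    // passed straight to policy(), which presumably cannot resolve a policy
    // for null, so the request would fail with a server error instead of a
    // clean 401. The class name is fully qualified because this file's import
    // list is not visible here.
    if ($user == null) {
        throw new \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException(
            "Bearer",
            "You are not authorized to see all users.",
            null,
            0x00C00301
        );
    }

    // The policy is resolved from the current user, who is also the subject.
    if (!policy($user)->canSeeAll($user)) {
        throw new HttpException(403, "You are not authorized to see all users.", null, [], 0xc00302);
    }

    $users = $this->repository->all();

    return $this->response->collection($users, new UserTransformer(), ["key" => "users"]);
}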
/**
 * Add the support entry to the frontend menu for users who may list categories.
 *
 * This only hides the link. The support routes still need their own
 * authorization checks, which are not visible here.
 *
 * @param FrontendMenuCreated $event
 */
public function composeFrontendMenu(FrontendMenuCreated $event)
{
    // Guests, and users the Category policy refuses, get no menu entry.
    if (!Auth::check() || !policy(Category::class)->index(Auth::user())) {
        return;
    }

    $entry = $event->handler->addChild('support::support.index');

    $entry
        ->setExtra('routes', ['support.category.show', 'support.category.index'])
        ->setUri(route('support.category.index'))
        ->setExtra('icon', 'question-circle');
}
/**
 * Add the blog entry to the frontend menu for users who may list posts.
 *
 * This only hides the link. The blog routes still need their own
 * authorization checks, which are not visible here.
 *
 * @param FrontendMenuCreated $event
 */
public function composeFrontendMenu(FrontendMenuCreated $event)
{
    // Guests, and users the Post policy refuses, get no menu entry.
    if (!Auth::check() || !policy(Post::class)->index(Auth::user())) {
        return;
    }

    $entry = $event->handler->addChild('blog::blog.index');

    $entry
        ->setExtra('routes', ['blog.post.show', 'blog.category.show'])
        ->setUri(route('blog.post.index'))
        ->setExtra('icon', 'newspaper-o');
}