protected function load($select = array(), $with = array()) { $map_model_repos = array('category' => 'categories', 'thread' => 'threads', 'post' => 'posts'); $map_route_models = array('forum.get.view.category' => 'category', 'forum.get.create.thread' => 'category', 'forum.get.view.thread' => 'thread', 'forum.post.lock.thread' => 'thread', 'forum.post.pin.thread' => 'thread', 'forum.delete.thread' => 'thread', 'forum.get.edit.post' => 'post', 'forum.delete.post' => 'post'); $map_route_permissions = array('forum.get.view.category' => 'access_category', 'forum.get.create.thread' => 'create_threads', 'forum.get.view.thread' => 'access_category', 'forum.post.lock.thread' => 'lock_threads', 'forum.post.pin.thread' => 'pin_threads', 'forum.delete.thread' => 'delete_threads', 'forum.get.edit.post' => 'edit_post', 'forum.delete.post' => 'delete_posts'); $route_name = Route::current()->getName(); foreach ($select as $model => $id) { $this->collections[$model] = $this->{$map_model_repos[$model]}->getByID($id, $with); if (isset($map_route_permissions[$route_name]) && $model == $map_route_models[$route_name]) { AccessControl::check($this->collections[$model], $map_route_permissions[$route_name]); } } $this->check404(); }
public function getUserCanDeleteAttribute() { return AccessControl::check($this, 'delete_threads', false); }
public function getUserCanPostAttribute() { return AccessControl::check($this, 'create_threads', false); }