/** * Returns any appeals that are open which this user can manage. * * @return Collection of \App\BanAppeal */ public static function getAppealsFor(PermissionUser $user) { return static::whereHas('ban', function ($query) use($user) { $query->whereActive(); $query->whereIn('board_uri', $user->canManageAppealsIn()); })->with('ban')->whereOpen()->get(); }
public function getLogVisibleIp($ip, PermissionUser $user = null) { if ($user !== null) { return $user->getTextForIP($ip); } return ip_less($ip); }
/** * Returns board uris with this permission. * * @param \App\Contracts\PermissionUser|null $user User roles must belong to. Defaults to null. * @param bool $anonymous Determines if we should allow generic, unassigned roles. Defaults true. * @return Collection of \App\Board->board_uri strings */ public function getBoardsWithPermissions(PermissionUser $user = null, $anonymous = true) { // Identify roles which affect this user. // Sometimes we will only want direct assignments. // This includes null user_id assignments for anonymouse users. $userRoles = UserRole::select('role_id')->where(function ($query) use($user, $anonymous) { if ($anonymous) { $query->whereNull('user_id'); } if ($user instanceof PermissionUser && !$user->isAnonymous()) { $query->orWhere('user_id', $user->user_id); } else { if (!$anonymous) { $query->where(\DB::raw('0'), '1'); } } })->get()->pluck('role_id'); if (!$userRoles) { return collect(); } $inheritRoles = Role::select('role_id', 'inherit_id')->whereIn('role_id', $userRoles)->get()->pluck('inherit_id')->filter(function ($item) { return !is_null($item); }); // Identify roles which use this permission, // or which borrow inherited roles. $validRoles = RolePermission::select('role_id', 'permission_id')->where(function ($query) use($userRoles, $inheritRoles) { $query->orWhereIn('role_id', $userRoles); if ($inheritRoles) { $query->orWhereIn('role_id', $inheritRoles); } })->where('permission_id', $this->permission_id)->get()->pluck('role_id'); if (!$validRoles) { return collect(); } // Find the intersection of roles we have and roles we want. $intersectIdents = collect($userRoles)->intersect(collect($validRoles)); $inheritIdents = collect($inheritRoles)->intersect(collect($validRoles)); $intersectRoles = collect(); if ($intersectIdents) { // These are only roles which are directly assigned to us with // this permission. $intersectRoles = collect(Role::select('role_id', 'board_uri')->whereIn('role_id', $intersectIdents)->get()->pluck('board_uri')); } if ($inheritIdents) { $intersectRoles = collect(Role::select('role_id', 'board_uri')->whereIn('inherit_id', $inheritIdents)->whereIn('role_id', $userRoles)->get()->pluck('board_uri'))->merge($intersectRoles); } return $intersectRoles; }
/** * Determines if the user can sticky or unsticky this post. * * @param App\Contracts\PermissionUser $user * @return boolean */ public function canSticky($user) { return $user->canSticky($this); }
/** * Narrows query to only roles which can be manipulated by this user. * * @param \App\Contracts\PermissionUser $user * @param \App\Board $board * @return Query */ public function scopeWhereLighterThanUser($query, PermissionUser $user, Board $board = null) { return $query->where(function ($query) use($user, $board) { $weight = -1; if ($user->canEditConfig(null)) { $weight = Role::WEIGHT_ADMIN; } else { if (!is_null($board) && $user->canEditConfig($board)) { $weight = Role::WEIGHT_OWNER; } } $query->where('weight', '<', $weight); }); }
public function canPostInLockedThreads(PermissionUser $user) { return $user->canPostInLockedThreads($this); }
/** * Determines if a user can view this ban (as moderator or client). * * @param PermissionUser $user * @return boolean */ public function canView(PermissionUser $user) { return $this->isBanForIP() || $user->canViewBan($this); }
/** * Reduced query to only reports that the user is directly responsible for. * This means 'site.reports' open `global` ONLY and 'board.reports' only matter in direct assignment. * * @param PermissionUser $user */ public function scopeWhereResponsibleFor($query, PermissionUser $user) { return $query->where(function ($query) use($user) { $query->whereIn('board_uri', $user->canInBoards('board.reports')); if (!$user->can('site.reports')) { $query->where('global', false); } else { $query->orWhere('global', true); } }); }
public function toTextForUser(PermissionUser $user) { return $user->getTextForIP($this->toText()); }