/** * Fired before the policies get checked. * @param User $user * @param $ability * @param $model Model|string * @return bool */ public function before(User $user, $ability, $model) { $this->class = is_object($model) ? get_class($model) : $model; // Does the user have the Super User role? if ($user->hasRole('Super User')) { return true; } // Does the particular class have a management ability? $this->manager = $this->permissions->exists('manage', $this->class); // Does the permission exist in the index? If not, grant by default. if (!$this->permissions->exists($ability, $this->class)) { return true; } // Is this a managed class and does the user have the managed permissions? if ($this->manager) { return $this->manage($user, $model, $ability); } }
/** * Give this role to a user. * @param User $user * @return null|Collection */ public function assign(User $user) { if ($user->hasRole($this)) { return null; } return $user->roles()->attach($this); }