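/**
 * Decides whether the current user may perform a permission on an ownable item.
 *
 * This is an authorization check, not a test for whether restrictions exist:
 *  - Admins (`$this->isAdmin`) are always allowed.
 *  - Permissions whose first segment is listed in `$nonJointPermissions`
 *    (currently only 'restrictions') are decided from the user's role
 *    permissions: "<permission>-all", or "<permission>-own" when the user
 *    created the item. With no current user this branch returns false.
 *  - Every other permission is decided by whether entityRestrictionQuery()
 *    still returns the item.
 *
 * Side effect: `$this->currentAction` is overwritten and not restored here.
 * NOTE(review): entityRestrictionQuery() presumably reads it; confirm that no
 * later, unrelated query inherits the action left behind by this call.
 *
 * @param Ownable $ownable    Item being accessed.
 * @param string  $permission Hyphen-separated permission name; the last segment is the action.
 * @return bool True when access is granted.
 */
public function checkOwnableUserAccess(Ownable $ownable, $permission)
{
    // Admin shortcut: skips all role and restriction checks below.
    if ($this->isAdmin) {
        return true;
    }

    $explodedPermission = explode('-', $permission);

    $baseQuery = $ownable->where('id', '=', $ownable->id);
    $action = end($explodedPermission);
    $this->currentAction = $action;

    $nonJointPermissions = ['restrictions'];

    // Handle non entity specific jointPermissions
    // Strict comparison so the allow-list is matched by exact string only.
    if (in_array($explodedPermission[0], $nonJointPermissions, true)) {
        $allPermission = $this->currentUser && $this->currentUser->can($permission . '-all');
        $ownPermission = $this->currentUser && $this->currentUser->can($permission . '-own');
        $this->currentAction = 'view';
        // Strict comparison: if id and created_by differ in type the ownership
        // test is false, so it fails closed (access denied).
        // NOTE(review): confirm both values are cast to the same type.
        $isOwner = $this->currentUser && $this->currentUser->id === $ownable->created_by;

        // Parentheses state the intended grouping: "-all" alone is enough,
        // "-own" counts only for the item's creator.
        return $allPermission || ($isOwner && $ownPermission);
    }

    // Handle abnormal create jointPermissions
    // For "create" the whole permission string is used as the action.
    if ($action === 'create') {
        $this->currentAction = $permission;
    }

    // Allowed only if the restriction-filtered query still matches this item.
    return $this->entityRestrictionQuery($baseQuery)->count() > 0;
}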