public function registerPermissions() { $this->extend(new Permission('forum.view'), new Permission('forum.startDiscussion'), new Permission('discussion.rename'), new Permission('discussion.delete'), new Permission('discussion.reply'), new Permission('post.edit'), new Permission('post.delete')); Forum::grantPermission(function ($grant, $user, $permission) { return $user->hasPermission('forum.' . $permission); }); Post::grantPermission(function ($grant, $user, $permission) { return $user->hasPermission('post' . $permission); }); // Grant view access to a post only if the user can also view the // discussion which the post is in. Also, the if the post is hidden, // the user must have edit permissions too. Post::grantPermission('view', function ($grant) { $grant->whereCan('view', 'discussion'); }); Post::demandPermission('view', function ($demand) { $demand->whereNull('hide_user_id')->orWhereCan('edit'); }); // Allow a user to edit their own post, unless it has been hidden by // someone else. Post::grantPermission('edit', function ($grant, $user) { $grant->where('user_id', $user->id)->where(function ($query) use($user) { $query->whereNull('hide_user_id')->orWhere('hide_user_id', $user->id); }); // @todo add limitations to time etc. according to a config setting }); User::grantPermission(function ($grant, $user, $permission) { return $user->hasPermission('user.' . $permission); }); // Grant view access to a user if the user can view the forum. User::grantPermission('view', function ($grant, $user) { $grant->whereCan('view', 'forum'); }); // Allow a user to edit their own account. User::grantPermission(['edit', 'delete'], function ($grant, $user) { $grant->where('id', $user->id); }); Discussion::grantPermission(function ($grant, $user, $permission) { return $user->hasPermission('discussion.' . $permission); }); // Grant view access to a discussion if the user can view the forum. Discussion::grantPermission('view', function ($grant, $user) { $grant->whereCan('view', 'forum'); }); // Allow a user to rename their own discussion. Discussion::grantPermission('rename', function ($grant, $user) { $grant->where('start_user_id', $user->id); // @todo add limitations to time etc. according to a config setting }); }