protected function hasPermission($permission, Model $requester)
{
if ($permission == 'create') {
return true;
}
$idProp = $this->userPropertyForProfileId();
if (in_array($permission, ['view', 'edit']) && $this->id() == $requester->{$idProp}) {
return true;
}
return $requester->isAdmin();
}
protected function hasPermission($permission, Model $requester)
{
// always allow new user registrations
if ($permission == 'create') {
return true;
}
// users can only edit themselves
if ($permission === 'edit' && $requester instanceof self && $requester->id() == $this->id()) {
return true;
}
// otherwise, defer to admin permissions
return $requester->isAdmin();
}
protected function hasPermission($permission, Model $requester)
{
return $requester->isAdmin();
}