function it_can_intercept_permission(User $user) { $user->abilities()->shouldBeCalled()->willReturn(['super-update']); $this->intercept('update', function ($user, $ability) { return $this->check('super-update'); })->check('update')->shouldEqual(true); }
/** * Check if user granted an ability * * @param string $ability * @return boolean */ public function check($ability) { $return = true; $ability = $this->applyAlias($ability); if (!$this->applyPrecondition($ability)) { $return = false; } // Intercept was applied and return false if (!$this->applyIntercept($ability)) { $return = false; } // Checking if user has ability and the owner of the resource if (!in_array($ability, $this->user->abilities()) || !$this->applyForResource()) { $return = false; } return $return; }
public function isBelongsTo(User $user) { return $user->id() === $this->ownerId; }