From bc2e4211286a6fc65d31d2a2c97a3ad303a5fb83 Mon Sep 17 00:00:00 2001 From: Saeed Vaziry Date: Sat, 23 Nov 2024 10:38:36 +0100 Subject: [PATCH] fix policies --- app/Policies/BackupPolicy.php | 23 +++++++++++++++-------- app/Policies/DatabasePolicy.php | 17 ++++++++++++----- app/Policies/DatabaseUserPolicy.php | 17 ++++++++++++----- app/Policies/SitePolicy.php | 29 ++++++++++++++++++----------- 4 files changed, 57 insertions(+), 29 deletions(-) diff --git a/app/Policies/BackupPolicy.php b/app/Policies/BackupPolicy.php index cd34c75c..994da248 100644 --- a/app/Policies/BackupPolicy.php +++ b/app/Policies/BackupPolicy.php @@ -13,29 +13,36 @@ class BackupPolicy public function viewAny(User $user, Server $server): bool { - return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady(); + return ($user->isAdmin() || $server->project->users->contains($user)) + && $server->isReady() + && $server->database(); } public function view(User $user, Backup $backup): bool { - return ($user->isAdmin() || $backup->server->project->users->contains($user)) && - $backup->server->isReady(); + return ($user->isAdmin() || $backup->server->project->users->contains($user)) + && $backup->server->isReady() + && $backup->server->database(); } public function create(User $user, Server $server): bool { - return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady(); + return ($user->isAdmin() || $server->project->users->contains($user)) + && $server->isReady() + && $server->database(); } public function update(User $user, Backup $backup): bool { - return ($user->isAdmin() || $backup->server->project->users->contains($user)) && - $backup->server->isReady(); + return ($user->isAdmin() || $backup->server->project->users->contains($user)) + && $backup->server->isReady() + && $backup->server->database(); } public function delete(User $user, Backup $backup): bool { - return ($user->isAdmin() || $backup->server->project->users->contains($user)) && - $backup->server->isReady(); + return ($user->isAdmin() || $backup->server->project->users->contains($user)) + && $backup->server->isReady() + && $backup->server->database(); } } diff --git a/app/Policies/DatabasePolicy.php b/app/Policies/DatabasePolicy.php index a3d4a887..5a0afc3a 100644 --- a/app/Policies/DatabasePolicy.php +++ b/app/Policies/DatabasePolicy.php @@ -13,29 +13,36 @@ class DatabasePolicy public function viewAny(User $user, Server $server): bool { - return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady(); + return ($user->isAdmin() || $server->project->users->contains($user)) + && $server->isReady() + && $server->database(); } public function view(User $user, Database $database): bool { return ($user->isAdmin() || $database->server->project->users->contains($user)) && - $database->server->isReady(); + $database->server->isReady() && + $database->server->database(); } public function create(User $user, Server $server): bool { - return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady(); + return ($user->isAdmin() || $server->project->users->contains($user)) && + $server->isReady() && + $server->database(); } public function update(User $user, Database $database): bool { return ($user->isAdmin() || $database->server->project->users->contains($user)) && - $database->server->isReady(); + $database->server->isReady() && + $database->server->database(); } public function delete(User $user, Database $database): bool { return ($user->isAdmin() || $database->server->project->users->contains($user)) && - $database->server->isReady(); + $database->server->isReady() && + $database->server->database(); } } diff --git a/app/Policies/DatabaseUserPolicy.php b/app/Policies/DatabaseUserPolicy.php index c4d0768e..a403d84e 100644 --- a/app/Policies/DatabaseUserPolicy.php +++ b/app/Policies/DatabaseUserPolicy.php @@ -13,29 +13,36 @@ class DatabaseUserPolicy public function viewAny(User $user, Server $server): bool { - return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady(); + return ($user->isAdmin() || $server->project->users->contains($user)) + && $server->isReady() + && $server->database(); } public function view(User $user, DatabaseUser $databaseUser): bool { return ($user->isAdmin() || $databaseUser->server->project->users->contains($user)) && - $databaseUser->server->isReady(); + $databaseUser->server->isReady() + && $databaseUser->server->database(); } public function create(User $user, Server $server): bool { - return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady(); + return ($user->isAdmin() || $server->project->users->contains($user)) + && $server->isReady() + && $server->database(); } public function update(User $user, DatabaseUser $databaseUser): bool { return ($user->isAdmin() || $databaseUser->server->project->users->contains($user)) && - $databaseUser->server->isReady(); + $databaseUser->server->isReady() + && $databaseUser->server->database(); } public function delete(User $user, DatabaseUser $databaseUser): bool { return ($user->isAdmin() || $databaseUser->server->project->users->contains($user)) && - $databaseUser->server->isReady(); + $databaseUser->server->isReady() + && $databaseUser->server->database(); } } diff --git a/app/Policies/SitePolicy.php b/app/Policies/SitePolicy.php index f5687b7b..5db61330 100644 --- a/app/Policies/SitePolicy.php +++ b/app/Policies/SitePolicy.php @@ -13,32 +13,39 @@ class SitePolicy public function viewAny(User $user, Server $server): bool { - return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady(); + return ($user->isAdmin() || $server->project->users->contains($user)) + && $server->isReady() + && $server->webserver(); } public function view(User $user, Site $site, Server $server): bool { - return ($user->isAdmin() || $site->server->project->users->contains($user)) && - $site->server_id === $server->id && - $site->server->isReady(); + return ($user->isAdmin() || $site->server->project->users->contains($user)) + && $site->server_id === $server->id + && $site->server->isReady() + && $site->server->webserver(); } public function create(User $user, Server $server): bool { - return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady(); + return ($user->isAdmin() || $server->project->users->contains($user)) + && $server->isReady() + && $server->webserver(); } public function update(User $user, Site $site, Server $server): bool { - return ($user->isAdmin() || $site->server->project->users->contains($user)) && - $site->server_id === $server->id && - $site->server->isReady(); + return ($user->isAdmin() || $site->server->project->users->contains($user)) + && $site->server_id === $server->id + && $site->server->isReady() + && $site->server->webserver(); } public function delete(User $user, Site $site, Server $server): bool { - return ($user->isAdmin() || $site->server->project->users->contains($user)) && - $site->server_id === $server->id && - $site->server->isReady(); + return ($user->isAdmin() || $site->server->project->users->contains($user)) + && $site->server_id === $server->id + && $site->server->isReady() + && $site->server->webserver(); } }