Add policy

laravelwebdev · laravelwebdev · commit e0da939ca33f · 2024-08-13T05:55:09.000Z
diff --git a/.tinkerun/inspiring.php b/.tinkerun/inspiring.php
@@ -9,12 +9,14 @@
 use App\Models\UnitKerja;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Schema;
 use Laravel\Nova\Nova;
 
 
 
 
+
 // $kodes = KodeArsip::cache()->get('all')->all();
 
 // function setOptions($collection, $value, $label, $group='')
@@ -57,7 +59,9 @@
 
 // }
 // $b = nomor('2024','6',1,1,'B');
-User::cache()->get('all')->where('role','koordinator');
+User::cache()->get('all')->where('unit_kerja_id',1)->pluck('id')->toArray();
+
+
 
 
 
diff --git a/app/Models/IzinKeluar.php b/app/Models/IzinKeluar.php
@@ -16,7 +16,6 @@ class IzinKeluar extends Model
     protected $casts = [
         'tanggal' => 'date',
     ];
-
     /**
      * The "booted" method of the model.
      */
diff --git a/app/Nova/IzinKeluar.php b/app/Nova/IzinKeluar.php
@@ -47,6 +47,22 @@ public static function label()
         'kegiatan',
     ];
 
+    /**
+     * Build an "index" query for the given resource.
+     *
+     * @param  \Laravel\Nova\Http\Requests\NovaRequest  $request
+     * @param  \Illuminate\Database\Eloquent\Builder  $query
+     * @return \Illuminate\Database\Eloquent\Builder
+     */
+    public static function indexQuery(NovaRequest $request, $query)
+    {
+        $users = User::cache()->get('all')->where('unit_kerja_id',$request->user()->unit_kerja_id)->pluck('id')->toArray();
+        if (session('role') === 'anggota')
+            return $query->where('user_id', $request->user()->id);
+        if (session('role') === 'koordinator')
+            return $query->whereIn('user_id', $users);     
+    }
+
     /**
      * Get the fields displayed by the resource.
      *
diff --git a/app/Nova/JenisNaskah.php b/app/Nova/JenisNaskah.php
@@ -6,8 +6,6 @@
 use Laravel\Nova\Fields\BelongsTo;
 use Laravel\Nova\Fields\File;
 use Laravel\Nova\Fields\Text;
-
-Laravel\Nova\Fields\Textarea;
 use Laravel\Nova\Fields\URL;
 use Laravel\Nova\Http\Requests\NovaRequest;
 
diff --git a/app/Policies/IzinKeluarPolicy.php b/app/Policies/IzinKeluarPolicy.php
@@ -0,0 +1,89 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\IzinKeluar;
+use App\Models\User;
+use Illuminate\Auth\Access\Response;
+
+class IzinKeluarPolicy
+{
+    /**
+     * Determine whether the user can view any models.
+     */
+    public function viewAny(): bool
+    {
+        return in_array(session('role'), ['kepala','anggota','koordinator']);
+    }
+
+    /**
+     * Determine whether the user can view the model.
+     */
+    public function view(User $user, IzinKeluar $izinKeluar): bool
+    {
+        $allowedyear = ((session('year') == $izinKeluar->tahun));
+        if (session('role') === 'kepala') {
+            return $allowedyear;
+        }
+        if (session('role') === 'koordinator') {
+            return $allowedyear && ($user->unit_kerja_id === $izinKeluar->user->unit_kerja_id);
+        }
+        if (session('role') === 'anggota') {
+            return $allowedyear && ($user->id === $izinKeluar->user_id);
+        }
+        return false;
+    }
+
+    /**
+     * Determine whether the user can create models.
+     */
+    public function create(User $user): bool
+    {
+        return in_array(session('role'), ['kepala','anggota','koordinator']);
+    }
+
+    /**
+     * Determine whether the user can update the model.
+     */
+    public function update(User $user, IzinKeluar $izinKeluar): bool
+    {
+        $allowedyear = ((session('year') == $izinKeluar->tahun));
+        return $allowedyear && ($user->id === $izinKeluar->user_id);
+    }
+
+    /**
+     * Determine whether the user can delete the model.
+     */
+    public function delete(User $user, IzinKeluar $izinKeluar): bool
+    {
+        $allowedyear = ((session('year') == $izinKeluar->tahun));
+        return $allowedyear && ($user->id === $izinKeluar->user_id);
+    }
+
+    /**
+     * Determine whether the user can restore the model.
+     */
+    public function restore(User $user, IzinKeluar $izinKeluar): bool
+    {
+        $allowedyear = ((session('year') == $izinKeluar->tahun));
+        return $allowedyear && ($user->id === $izinKeluar->user_id);
+    }
+
+    /**
+     * Determine whether the user can permanently delete the model.
+     */
+    public function forceDelete(User $user, IzinKeluar $izinKeluar): bool
+    {
+        $allowedyear = ((session('year') == $izinKeluar->tahun));
+        return $allowedyear && ($user->id === $izinKeluar->user_id);
+    }
+
+    /**
+     * Determine whether the user can replicate the model.
+     */
+    public function replicate(User $user, IzinKeluar $izinKeluar): bool
+    {
+        $allowedyear = ((session('year') == $izinKeluar->tahun));
+        return $allowedyear && ($user->id === $izinKeluar->user_id);
+    }
+}
diff --git a/app/Policies/JenisNaskahPolicy.php b/app/Policies/JenisNaskahPolicy.php
@@ -2,72 +2,69 @@
 
 namespace App\Policies;
 
-use App\Models\JenisNaskah;
-use App\Models\User;
-
 class JenisNaskahPolicy
 {
     /**
      * Determine whether the user can view any models.
      */
-    public function viewAny(User $user): bool
+    public function viewAny(): bool
     {
-        return session('role') === 'admin';
+        return (session('role') === 'admin');
     }
 
     /**
      * Determine whether the user can view the model.
      */
-    public function view(User $user, JenisNaskah $jenisNaskah): bool
+    public function view(): bool
     {
-        return session('role') === 'admin';
+        return (session('role') === 'admin');
     }
 
     /**
      * Determine whether the user can create models.
      */
-    public function create(User $user): bool
+    public function create(): bool
     {
-        return session('role') === 'admin';
+        return (session('role') === 'admin');
     }
 
     /**
      * Determine whether the user can update the model.
      */
-    public function update(User $user, JenisNaskah $jenisNaskah): bool
+    public function update(): bool
     {
-        return session('role') === 'admin';
+        return (session('role') === 'admin');              
     }
 
     /**
      * Determine whether the user can delete the model.
      */
-    public function delete(User $user, JenisNaskah $jenisNaskah): bool
+    public function delete(): bool
     {
-        return session('role') === 'admin';
+        return (session('role') === 'admin');
     }
 
     /**
      * Determine whether the user can restore the model.
      */
-    public function restore(User $user, JenisNaskah $jenisNaskah): bool
+    public function restore(): bool
     {
-        return session('role') === 'admin';
+        return (session('role') === 'admin');
     }
 
     /**
      * Determine whether the user can permanently delete the model.
      */
-    public function forceDelete(User $user, JenisNaskah $jenisNaskah): bool
+    public function forceDelete(): bool
     {
-        return session('role') === 'admin';
+        return (session('role') === 'admin');
     }
 
     /**
      * Determine whether the user can replicate the model.
      */
-    public function replicate(User $user, JenisNaskah $jenisNaskah): bool
+    public function replicate(): bool
     {
-        return session('role') === 'admin';
+        return (session('role') === 'admin');
     }
 }
diff --git a/app/Policies/KodeArsipPolicy.php b/app/Policies/KodeArsipPolicy.php
@@ -0,0 +1,70 @@
+<?php
+
+namespace App\Policies;
+
+class KodeArsipPolicy
+{
+    /**
+     * Determine whether the user can view any models.
+     */
+    public function viewAny(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can view the model.
+     */
+    public function view(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can create models.
+     */
+    public function create(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can update the model.
+     */
+    public function update(): bool
+    {
+        return (session('role') === 'admin');              
+    }
+
+    /**
+     * Determine whether the user can delete the model.
+     */
+    public function delete(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can restore the model.
+     */
+    public function restore(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can permanently delete the model.
+     */
+    public function forceDelete(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can replicate the model.
+     */
+    public function replicate(): bool
+    {
+        return (session('role') === 'admin');
+    }
+}
diff --git a/app/Policies/KodeNaskahPolicy.php b/app/Policies/KodeNaskahPolicy.php
@@ -0,0 +1,70 @@
+<?php
+
+namespace App\Policies;
+
+class KodeNaskahPolicy
+{
+    /**
+     * Determine whether the user can view any models.
+     */
+    public function viewAny(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can view the model.
+     */
+    public function view(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can create models.
+     */
+    public function create(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can update the model.
+     */
+    public function update(): bool
+    {
+        return (session('role') === 'admin');              
+    }
+
+    /**
+     * Determine whether the user can delete the model.
+     */
+    public function delete(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can restore the model.
+     */
+    public function restore(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can permanently delete the model.
+     */
+    public function forceDelete(): bool
+    {
+        return (session('role') === 'admin');
+    }
+
+    /**
+     * Determine whether the user can replicate the model.
+     */
+    public function replicate(): bool
+    {
+        return (session('role') === 'admin');
+    }
+}
diff --git a/app/Policies/PengelolaPolicy.php b/app/Policies/PengelolaPolicy.php
diff --git a/app/Policies/UnitKerjaPolicy.php b/app/Policies/UnitKerjaPolicy.php
diff --git a/modified/policy.plain.stub b/modified/policy.plain.stub

Original file line number	Diff line number	Diff line change
`@@ -2,72 +2,69 @@`
`2`	`2`
`3`	`3`	`namespace App\Policies;`
`4`	`4`
`5`		`-use App\Models\JenisNaskah;`
`6`		`-use App\Models\User;`
`7`		`-`
`8`	`5`	`class JenisNaskahPolicy`
`9`	`6`	`{`
`10`	`7`	`/**`
`11`	`8`	`* Determine whether the user can view any models.`
`12`	`9`	`*/`
`13`		`- public function viewAny(User $user): bool`
	`10`	`+ public function viewAny(): bool`
`14`	`11`	`{`
`15`		`- return session('role') === 'admin';`
	`12`	`+ return (session('role') === 'admin');`
`16`	`13`	`}`
`17`	`14`
`18`	`15`	`/**`
`19`	`16`	`* Determine whether the user can view the model.`
`20`	`17`	`*/`
`21`		`- public function view(User $user, JenisNaskah $jenisNaskah): bool`
	`18`	`+ public function view(): bool`
`22`	`19`	`{`
`23`		`- return session('role') === 'admin';`
	`20`	`+ return (session('role') === 'admin');`
`24`	`21`	`}`
`25`	`22`
`26`	`23`	`/**`
`27`	`24`	`* Determine whether the user can create models.`
`28`	`25`	`*/`
`29`		`- public function create(User $user): bool`
	`26`	`+ public function create(): bool`
`30`	`27`	`{`
`31`		`- return session('role') === 'admin';`
	`28`	`+ return (session('role') === 'admin');`
`32`	`29`	`}`
`33`	`30`
`34`	`31`	`/**`
`35`	`32`	`* Determine whether the user can update the model.`
`36`	`33`	`*/`
`37`		`- public function update(User $user, JenisNaskah $jenisNaskah): bool`
	`34`	`+ public function update(): bool`
`38`	`35`	`{`
`39`		`- return session('role') === 'admin';`
	`36`	`+ return (session('role') === 'admin');`
`40`	`37`	`}`
`41`	`38`
`42`	`39`	`/**`
`43`	`40`	`* Determine whether the user can delete the model.`
`44`	`41`	`*/`
`45`		`- public function delete(User $user, JenisNaskah $jenisNaskah): bool`
	`42`	`+ public function delete(): bool`
`46`	`43`	`{`
`47`		`- return session('role') === 'admin';`
	`44`	`+ return (session('role') === 'admin');`
`48`	`45`	`}`
`49`	`46`
`50`	`47`	`/**`
`51`	`48`	`* Determine whether the user can restore the model.`
`52`	`49`	`*/`
`53`		`- public function restore(User $user, JenisNaskah $jenisNaskah): bool`
	`50`	`+ public function restore(): bool`
`54`	`51`	`{`
`55`		`- return session('role') === 'admin';`
	`52`	`+ return (session('role') === 'admin');`
`56`	`53`	`}`
`57`	`54`
`58`	`55`	`/**`
`59`	`56`	`* Determine whether the user can permanently delete the model.`
`60`	`57`	`*/`
`61`		`- public function forceDelete(User $user, JenisNaskah $jenisNaskah): bool`
	`58`	`+ public function forceDelete(): bool`
`62`	`59`	`{`
`63`		`- return session('role') === 'admin';`
	`60`	`+ return (session('role') === 'admin');`
`64`	`61`	`}`
`65`	`62`
`66`	`63`	`/**`
`67`	`64`	`* Determine whether the user can replicate the model.`
`68`	`65`	`*/`
`69`		`- public function replicate(User $user, JenisNaskah $jenisNaskah): bool`
	`66`	`+ public function replicate(): bool`
`70`	`67`	`{`
`71`		`- return session('role') === 'admin';`
	`68`	`+ return (session('role') === 'admin');`
`72`	`69`	`}`
`73`	`70`	`}`