koel/app/Policies/AlbumPolicy.php

31 lines
711 B
PHP
Raw Normal View History

<?php
namespace App\Policies;
use App\Facades\License;
use App\Models\Album;
use App\Models\Song;
use App\Models\User;
use Illuminate\Auth\Access\Response;
class AlbumPolicy
{
/**
* If the user can update the album (e.g. upload cover).
*/
public function update(User $user, Album $album): Response
{
if ($user->is_admin) {
return Response::allow();
}
if (License::isCommunity()) {
return Response::deny('This action is unauthorized.');
}
return $album->songs->every(static fn (Song $song) => $song->ownedBy($user))
? Response::allow()
: Response::deny('Album is not owned by the user.');
}
}