mirror of
https://github.com/koel/koel
synced 2024-11-24 13:13:05 +00:00
899c7176c1
The comment below motivated me to find a better solution for the repeated authorisation checks: ```php // This can't be put into a Request authorize(), due to Laravel(?)'s limitation. ``` This is the result.
16 lines
317 B
PHP
16 lines
317 B
PHP
<?php
|
|
|
|
namespace App\Policies;
|
|
|
|
use App\Models\User;
|
|
use Illuminate\Auth\Access\HandlesAuthorization;
|
|
|
|
class UserPolicy
|
|
{
|
|
use HandlesAuthorization;
|
|
|
|
public function destroy(User $currentUser, User $userToDestroy)
|
|
{
|
|
return $currentUser->is_admin || $currentUser->id !== $userToDestroy->id;
|
|
}
|
|
}
|