- Increased icon sizes in service items, service orders, users, and technician management for better visibility. - Added custom loading indicators with appropriate icons in search fields for vehicles, work orders, and technicians. - Introduced invoice management routes for better organization and access control. - Created a new test for the estimate PDF functionality to ensure proper rendering and data integrity.
<?php
namespace App\Policies;
use App\Models\Estimate;
use App\Models\User;
/**
 * Authorization rules for Estimate records.
 *
 * Every ability except restore/forceDelete admits a user holding the
 * super_admin role. Otherwise the decision rests on
 * $user->hasAnyRole(<roles>, $user->branch_code) and, for view/update/delete,
 * on whether the user is recorded as the estimate's preparer.
 *
 * NOTE(review): no method compares the estimate's own branch with the user's.
 * The role check is given only the user's branch_code, so as written a role
 * holder is admitted for whatever Estimate instance is passed in. If estimates
 * belong to a branch, confirm that branch isolation is enforced elsewhere
 * (query scoping, route model binding) or add an explicit comparison here.
 *
 * NOTE(review): hasRole() and hasAnyRole() are defined on User, outside this
 * file. The "in their branch" wording below assumes the second argument of
 * hasAnyRole() limits the role lookup to that branch; verify against the
 * implementation.
 */
class EstimatePolicy
{
    /** Roles checked (with the user's branch_code) for listing, viewing, creating and updating. */
    private const BRANCH_WRITE_ROLES = ['service_coordinator', 'service_supervisor', 'admin'];

    /** Narrower role set checked (with the user's branch_code) for deleting. */
    private const BRANCH_DELETE_ROLES = ['service_supervisor', 'admin'];

    /**
     * Decide whether the user may list estimates.
     *
     * Super admins always pass; anyone else passes only if hasAnyRole()
     * accepts one of the branch write roles for the user's branch_code.
     */
    public function viewAny(User $user): bool
    {
        return $user->hasRole('super_admin')
            ? true
            : $user->hasAnyRole(self::BRANCH_WRITE_ROLES, $user->branch_code);
    }

    /**
     * Decide whether the user may view one estimate.
     *
     * Checked in order: super admin, branch write role, then preparer of
     * this estimate. The estimate itself is only consulted in the last step.
     */
    public function view(User $user, Estimate $estimate): bool
    {
        if ($user->hasRole('super_admin')) {
            return true;
        }

        if ($user->hasAnyRole(self::BRANCH_WRITE_ROLES, $user->branch_code)) {
            return true;
        }

        // Type-strict comparison: it fails closed if the two ids are hydrated
        // with different types. TODO confirm both attributes share a cast.
        return $estimate->prepared_by_id === $user->id;
    }

    /**
     * Decide whether the user may create an estimate.
     *
     * Same rule as viewAny(): super admin, or a branch write role checked
     * against the user's branch_code.
     */
    public function create(User $user): bool
    {
        return $user->hasRole('super_admin')
            ? true
            : $user->hasAnyRole(self::BRANCH_WRITE_ROLES, $user->branch_code);
    }

    /**
     * Decide whether the user may update an estimate.
     *
     * Super admins and branch write roles may update regardless of the
     * estimate's status; the preparer may update only while it is a draft.
     */
    public function update(User $user, Estimate $estimate): bool
    {
        $roleGrantsAccess = $user->hasRole('super_admin')
            || $user->hasAnyRole(self::BRANCH_WRITE_ROLES, $user->branch_code);

        return $roleGrantsAccess || $this->isOwnDraft($user, $estimate);
    }

    /**
     * Decide whether the user may delete an estimate.
     *
     * Super admins and the branch delete roles (service_coordinator is not
     * among them) may delete regardless of status; the preparer may delete
     * only while the estimate is a draft.
     */
    public function delete(User $user, Estimate $estimate): bool
    {
        $roleGrantsAccess = $user->hasRole('super_admin')
            || $user->hasAnyRole(self::BRANCH_DELETE_ROLES, $user->branch_code);

        return $roleGrantsAccess || $this->isOwnDraft($user, $estimate);
    }

    /**
     * Restoring is denied for every user, super admins included.
     * Neither argument is inspected.
     */
    public function restore(User $user, Estimate $estimate): bool
    {
        return false;
    }

    /**
     * Permanent deletion is denied for every user, super admins included.
     * Neither argument is inspected.
     */
    public function forceDelete(User $user, Estimate $estimate): bool
    {
        return false;
    }

    /**
     * True when the user is recorded as the estimate's preparer and the
     * estimate's status is exactly 'draft'. Both comparisons are type-strict.
     */
    private function isOwnDraft(User $user, Estimate $estimate): bool
    {
        return $estimate->prepared_by_id === $user->id
            && $estimate->status === 'draft';
    }
}