sber permissions

app/Modules/SberPaymentOrder/Nova/Resources/Concerns/NovaSberPaymentOrderAuth.php

@@ -0,0 +1,87 @@
+<?php
+
+namespace App\Modules\SberPaymentOrder\Nova\Resources\Concerns;
+
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Gate;
+
+trait NovaSberPaymentOrderAuth
+{
+    public function authorizeToView(Request $request)
+    {
+        $user = auth()->user();
+
+        if ($user->isSystemUser()) {
+            return;
+        }
+
+        if ($this->resource->user_id == auth()->id()) {
+            return;
+        }
+
+        throw new AuthorizationException();
+    }
+
+    /**
+     * Edit button
+     */
+    public function authorizedToUpdate(Request $request): bool
+    {
+        $user = auth()->user();
+
+        if ($user->isSystemUser()) {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * Edit proceess
+     */
+    public function authorizeToUpdate(Request $request): void
+    {
+        $user = auth()->user();
+
+        if ($user->isSystemUser()) {
+            return;
+        }
+
+        if ($this->resource->user_id == auth()->id()) {
+            return;
+        }
+
+        throw new AuthorizationException();
+    }
+
+    /**
+     * Delete button
+     */
+    public function authorizedToDelete(Request $request)
+    {
+        $user = auth()->user();
+
+        if ($user->isSystemUser()) {
+            return true;
+        }
+
+        return false;
+    }
+
+    public function authorizeToDelete(Request $request)
+    {
+        $user = auth()->user();
+
+        if ($user->isSystemUser()) {
+            return;
+        }
+
+        throw new AuthorizationException();
+    }
+
+    public function authorizedToForceDelete(Request $request)
+    {
+        throw_unless(auth()->user()->isMe(), AuthorizationException::class);
+    }
+}