From a4265e488c15d6255e4327dd0e6fbbd72fe12b36 Mon Sep 17 00:00:00 2001
From: Nurmuhammet Allanov <nurmuhammet@mail.com>
Date: Fri, 8 Dec 2023 10:45:01 +0500
Subject: [PATCH] Add policy for action events

---
 .../Concerns/LoanOrderFieldsForDetail.php     |  6 +-
 app/Nova/Resources/Order/Loan/LoanOrder.php   |  5 +-
 .../System/Logs/ActionEventPolicy.php         | 74 +++++++++++++++++++
 app/Providers/AuthServiceProvider.php         | 19 ++++-
 4 files changed, 96 insertions(+), 8 deletions(-)
 create mode 100644 app/Policies/System/Logs/ActionEventPolicy.php

diff --git a/app/Nova/Resources/Order/Loan/Concerns/LoanOrderFieldsForDetail.php b/app/Nova/Resources/Order/Loan/Concerns/LoanOrderFieldsForDetail.php
index 4062024..df201c8 100644
--- a/app/Nova/Resources/Order/Loan/Concerns/LoanOrderFieldsForDetail.php
+++ b/app/Nova/Resources/Order/Loan/Concerns/LoanOrderFieldsForDetail.php
@@ -27,7 +27,7 @@ class LoanOrderFieldsForDetail
     /**
      * Loan order fields for detail
      */
-    public static function make(): array
+    public static function make($resource): array
     {
         return [
             ID::make()->hide(),
@@ -160,8 +160,8 @@ class LoanOrderFieldsForDetail
                     ->size('w-1/2'),
             ]),
 
-            MorphMany::make(__('Actions'), 'actions', config('nova.actions.resource'))
-                ->canSeeWhen('isAdmin', $this)
+            // MorphMany::make(__('Actions'), 'actions', config('nova.actions.resource'))
+            //     ->canSee(fn () => true)
         ];
     }
 }
diff --git a/app/Nova/Resources/Order/Loan/LoanOrder.php b/app/Nova/Resources/Order/Loan/LoanOrder.php
index 1902f48..256abdd 100644
--- a/app/Nova/Resources/Order/Loan/LoanOrder.php
+++ b/app/Nova/Resources/Order/Loan/LoanOrder.php
@@ -157,7 +157,7 @@ class LoanOrder extends Resource
      */
     public function fieldsForDetail(): array
     {
-        return LoanOrderFieldsForDetail::make();
+        return LoanOrderFieldsForDetail::make($this);
     }
 
     /**
@@ -380,6 +380,9 @@ class LoanOrder extends Resource
                     ->creationRules('required')
                     ->updateRules('nullable'),
             ]),
+
+            MorphMany::make(__('Actions'), 'actions', config('nova.actions.resource'))
+                ->canSee(fn ($request) => false)
         ];
     }
 
diff --git a/app/Policies/System/Logs/ActionEventPolicy.php b/app/Policies/System/Logs/ActionEventPolicy.php
new file mode 100644
index 0000000..5c85c4a
--- /dev/null
+++ b/app/Policies/System/Logs/ActionEventPolicy.php
@@ -0,0 +1,74 @@
+<?php
+
+namespace App\Policies\System\Logs;
+
+use Laravel\Nova\Actions\ActionEvent;
+use App\Models\User;
+use Illuminate\Auth\Access\Response;
+
+class ActionEventPolicy
+{
+    /**
+     * Determine whether the user can view any models.
+     */
+    public function viewAny(User $user): bool
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * Determine whether the user can view the model.
+     */
+    public function view(User $user, ActionEvent $actionEvent): bool
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+        
+        return false;
+    }
+
+    /**
+     * Determine whether the user can create models.
+     */
+    public function create(User $user): bool
+    {
+        return false;
+    }
+
+    /**
+     * Determine whether the user can update the model.
+     */
+    public function update(User $user, ActionEvent $actionEvent): bool
+    {
+        return false;
+    }
+
+    /**
+     * Determine whether the user can delete the model.
+     */
+    public function delete(User $user, ActionEvent $actionEvent): bool
+    {
+        return false;
+    }
+
+    /**
+     * Determine whether the user can restore the model.
+     */
+    public function restore(User $user, ActionEvent $actionEvent): bool
+    {
+        return false;
+    }
+
+    /**
+     * Determine whether the user can permanently delete the model.
+     */
+    public function forceDelete(User $user, ActionEvent $actionEvent): bool
+    {
+        return false;
+    }
+}
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
index bba5550..9cf9ce0 100644
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -12,11 +12,13 @@ use App\Policies\Branch\BranchPolicy;
 use App\Policies\Order\Loan\LoanOrderPolicy;
 use App\Policies\Order\Loan\LoanTypePolicy;
 use App\Policies\System\Location\ProvincePolicy;
+use App\Policies\System\Logs\ActionEventPolicy;
 use App\Policies\System\Roles\PermissionPolicy;
 use App\Policies\System\Roles\RolePolicy;
 use App\Policies\UserPolicy;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 use Illuminate\Support\Facades\Gate;
+use Laravel\Nova\Actions\ActionEvent;
 
 class AuthServiceProvider extends ServiceProvider
 {
@@ -26,16 +28,25 @@ class AuthServiceProvider extends ServiceProvider
      * @var array<class-string, class-string>
      */
     protected $policies = [
+        // Orders...
+        LoanOrder::class => LoanOrderPolicy::class,
+        
+        // Users...
         User::class => UserPolicy::class,
 
+        // Roles and permession
         Role::class => RolePolicy::class,
         Permission::class => PermissionPolicy::class,
 
-        Province::class => ProvincePolicy::class,
-        Branch::class => BranchPolicy::class,
-
-        LoanOrder::class => LoanOrderPolicy::class,
+        // Loan types...
         LoanType::class => LoanTypePolicy::class,
+
+        // Branches and Provinces...
+        Branch::class => BranchPolicy::class,
+        Province::class => ProvincePolicy::class,
+
+        // ActionsEvents...
+        ActionEvent::class => ActionEventPolicy::class,
     ];
 
     /**