privacy != "strong" || $user->id == $model->id || Permission::canManageUserBasicInfo(); } public function viewEmail(User $user, User $model) { do_log(sprintf("user: %s, model: %s", $user->id, $model->id)); return $model->privacy == "low" || $user->id == $model->id || Permission::canViewUserConfidentialInfo(); } /** * Determine whether the user can create models. * * @param \App\Models\User $user * @return \Illuminate\Auth\Access\Response|bool */ public function create(User $user) { return $this->can($user); } /** * Determine whether the user can update the model. * * @param \App\Models\User $user * @param \App\Models\User $model * @return \Illuminate\Auth\Access\Response|bool */ public function update(User $user, User $model) { return $this->can($user); } /** * Determine whether the user can delete the model. * * @param \App\Models\User $user * @param \App\Models\User $model * @return \Illuminate\Auth\Access\Response|bool */ public function delete(User $user, User $model) { return $this->can($user); } /** * Determine whether the user can restore the model. * * @param \App\Models\User $user * @param \App\Models\User $model * @return \Illuminate\Auth\Access\Response|bool */ public function restore(User $user, User $model) { // } /** * Determine whether the user can permanently delete the model. * * @param \App\Models\User $user * @param \App\Models\User $model * @return \Illuminate\Auth\Access\Response|bool */ public function forceDelete(User $user, User $model) { // } private function can(User $user) { if ($user->class >= User::CLASS_ADMINISTRATOR) { return true; } return false; } }