- Departments + cross-department transfer workflow - Role-based closing (staff→resolved, manager→closed) with proof_of_resolution - Private file storage with collection system + temporary signed URLs - Dashboard: resolved tickets table, stats, handler performance bar chart - Spatie RBAC (admin/manager/staff) - Notifications: TicketTransferred, TicketClosed (database + mail) - Pest tests: 8 tests, 21 assertions - Docker production-ready (Dockerfile + compose + entrypoint)
45 lines
995 B
PHP
45 lines
995 B
PHP
<?php
|
|
|
|
namespace App\Policies;
|
|
|
|
use App\Models\Feedback;
|
|
use App\Models\User;
|
|
|
|
class FeedbackPolicy
|
|
{
|
|
public function viewAny(User $user): bool
|
|
{
|
|
return $user->hasRole(['admin', 'manager', 'staff']);
|
|
}
|
|
|
|
public function view(User $user, Feedback $feedback): bool
|
|
{
|
|
return $user->hasRole(['admin', 'manager', 'staff']);
|
|
}
|
|
|
|
public function create(User $user): bool
|
|
{
|
|
return $user->hasRole(['admin', 'manager', 'staff']);
|
|
}
|
|
|
|
public function update(User $user, Feedback $feedback): bool
|
|
{
|
|
return $user->hasRole(['admin', 'manager', 'staff']);
|
|
}
|
|
|
|
public function delete(User $user, Feedback $feedback): bool
|
|
{
|
|
return $user->hasRole(['admin', 'manager']);
|
|
}
|
|
|
|
public function restore(User $user, Feedback $feedback): bool
|
|
{
|
|
return $user->hasRole('admin');
|
|
}
|
|
|
|
public function forceDelete(User $user, Feedback $feedback): bool
|
|
{
|
|
return $user->hasRole('admin');
|
|
}
|
|
}
|