From a5f8751f94986d3658ebc1375bedc4071b66c13b Mon Sep 17 00:00:00 2001
From: aslan
Date: Wed, 14 Feb 2024 10:18:45 +0300
Subject: [PATCH] refactoring User resource
---
 .env.example | 3 +
 app/Http/Controllers/admin/UserController.php | 5 ++
 app/Policies/UserPolicy.php | 65 +++++++++++++++++++
 app/Providers/AuthServiceProvider.php | 4 +-
 config/app.php | 2 +
 database/seeders/DatabaseSeeder.php | 4 +-
 6 files changed, 80 insertions(+), 3 deletions(-)
 create mode 100644 app/Policies/UserPolicy.php
diff --git a/.env.example b/.env.example
index 2721c55..3d857c4 100644
--- a/.env.example
+++ b/.env.example
@@ -4,6 +4,9 @@ APP_KEY=
 APP_DEBUG=true
 APP_URL=http://localhost
+ADMIN_NAME=admin
+ADMIN_EMAIL=test@example.com
+
 LOG_CHANNEL=stack
 LOG_DEPRECATIONS_CHANNEL=null
 LOG_LEVEL=debug
diff --git a/app/Http/Controllers/admin/UserController.php b/app/Http/Controllers/admin/UserController.php
index 4150da0..a2f0d3c 100644
--- a/app/Http/Controllers/admin/UserController.php
+++ b/app/Http/Controllers/admin/UserController.php
@@ -15,6 +15,11 @@ use Illuminate\Support\Str;
 class UserController extends Controller
 {
+ public function __construct()
+ {
+ $this->authorizeResource(User::class, 'user');
+ }
+
 public function index(): View|Application|Factory|\Illuminate\Contracts\Foundation\Application
 {
 abort_if(Auth::user()->name !== 'admin', 403);
diff --git a/app/Policies/UserPolicy.php b/app/Policies/UserPolicy.php
new file mode 100644
index 0000000..baa9ba0
--- /dev/null
+++ b/app/Policies/UserPolicy.php
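Review bot: In `UserController::index()` the context line `abort_if(Auth::user()->name !== 'admin', 403);` still compares against the literal `'admin'`, while the policy wired in by the new `authorizeResource(User::class, 'user')` compares against `config('app.admin_name')`. As soon as `ADMIN_NAME` is set to anything other than `admin`, the configured administrator passes the policy and is then rejected here, and the controller keeps two authorization rules that can drift apart. Remove the inline check so the policy is the only decision point; similar checks in the other actions, which are outside this hunk, need the same treatment. `authorizeResource` covers only the standard resource actions and relies on the route parameter being named `user`, so any custom action in this controller (not visible here) needs an explicit `$this->authorize(...)`.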
@@ -0,0 +1,65 @@
+name === config('app.admin_name') && $user->email === config('app.admin_email');
+ }
+
+ /**
+ * Determine whether the user can view the model.
+ */
+ public function view(User $user, User $model): bool
+ {
+ return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
+ }
+
+ /**
+ * Determine whether the user can create models.
+ */
+ public function create(User $user): bool
+ {
+ return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
+ }
+
+ /**
+ * Determine whether the user can update the model.
+ */
+ public function update(User $user, User $model): bool
+ {
+ return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
+ }
+
+ /**
+ * Determine whether the user can delete the model.
+ */
+ public function delete(User $user, User $model): bool
+ {
+ return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
+ }
+
+ /**
+ * Determine whether the user can restore the model.
+ */
+ public function restore(User $user, User $model): bool
+ {
+ return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
+ }
+
+ /**
+ * Determine whether the user can permanently delete the model.
+ */
+ public function forceDelete(User $user, User $model): bool
+ {
+ return $user->name === config('app.admin_name') && $user->email === config('app.admin_email');
+ }
+}
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
index 54756cd..db9607e 100644
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -3,6 +3,8 @@ namespace App\Providers;
 // use Illuminate\Support\Facades\Gate;
+use App\Models\User;
+use App\Policies\UserPolicy;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 class AuthServiceProvider extends ServiceProvider
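Review bot: Every ability in `UserPolicy` returns the same expression, `$user->name === config('app.admin_name') && $user->email === config('app.admin_email')`, seven times over, so a later change to the admin rule has to be made in seven places and one missed copy silently leaves an ability on the old rule. Move it into one private helper that also denies when either config value is missing or empty, and have each ability return that helper; the sketch below shows `view` and the helper, and the other abilities (including the first one, whose signature is cut off on this page) take the same one-line body. Separately, the decision rests on two profile fields: if `name` or `email` can be edited through a profile or registration form, or `email` is not unique (none of which is visible here), a dedicated role or flag column that users cannot write would be a sturdier basis than matching strings.

```php
    public function view(User $user, User $model): bool
    {
        return $this->isAdmin($user);
    }

    // … unchanged signatures: create, update, delete, restore and forceDelete get the same one-line body …

    /**
     * Single place for the administrator decision; denies when either config value is missing or empty.
     */
    private function isAdmin(User $user): bool
    {
        $adminName = config('app.admin_name');
        $adminEmail = config('app.admin_email');

        if (!is_string($adminName) || $adminName === '' || !is_string($adminEmail) || $adminEmail === '') {
            return false;
        }

        return $user->name === $adminName && $user->email === $adminEmail;
    }
```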
@@ -13,7 +15,7 @@ class AuthServiceProvider extends ServiceProvider
 * @var array
 */
 protected $policies = [
- //
+ User::class => UserPolicy::class,
 ];
 /**
diff --git a/config/app.php b/config/app.php
index 9207160..56258ee 100644
--- a/config/app.php
+++ b/config/app.php
@@ -185,4 +185,6 @@ return [
 // 'Example' => App\Facades\Example::class,
 ])->toArray(),
+ 'admin_name' => env('ADMIN_NAME'),
+ 'admin_email' => env('ADMIN_EMAIL')
 ];
diff --git a/database/seeders/DatabaseSeeder.php b/database/seeders/DatabaseSeeder.php
index 711c6fa..6b484d6 100644
--- a/database/seeders/DatabaseSeeder.php
+++ b/database/seeders/DatabaseSeeder.php
@@ -13,8 +13,8 @@ class DatabaseSeeder extends Seeder
 public function run(): void
 {
 User::factory()->create([
- 'name' => 'admin',
- 'email' => 'test@example.com',
+ 'name' => config('app.admin_name'),
+ 'email' => config('app.admin_email'),
 'password' => 123456
 ]);
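Review bot: The new `admin_name` and `admin_email` keys in `config/app.php` decide who `UserPolicy` treats as administrator, but nothing next to them says so, and `env('ADMIN_NAME')` / `env('ADMIN_EMAIL')` resolve to `null` when the variables are missing. A short comment above them, for example `// Identity of the single administrator account; both must be set before seeding and before UserPolicy can grant access.`, would make that dependency visible to whoever deploys the app. The last entry also lacks the trailing comma used by the entries around it: `'admin_email' => env('ADMIN_EMAIL'),`.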
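Review bot: The seeder hunk moves `name` and `email` to configuration but keeps `'password' => 123456` for the account that `UserPolicy` treats as administrator, so every environment seeded from this file gets an admin login with the same trivially guessable password. Read it from the environment as well, e.g. `'password' => config('app.admin_password'),` backed by a new `ADMIN_PASSWORD` entry (a proposed key, not part of this patch), and pass it as a string. Whether the value is hashed depends on the `User` model's casts, which are not visible here, so confirm that or wrap it in `Hash::make(...)`. It is also worth failing early in `run()` when `config('app.admin_name')` or `config('app.admin_email')` is `null`, rather than attempting to insert a row with empty identity fields. `run()` continues outside the visible lines.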