Ways to Determine Both Role and if CurrentTeam is Model Team

Posted 11 months ago by brysonreece

I was wondering, is there a simpler way to check if a user is performing an action on a model with correct permissions, while also checking they are performing actions on behalf of the current team?

For instance, I have a Team->Note relationship set up, so if I only want admins to edit Notes, my controller method looks like:

```php
public function edit(Note $note) {
    if (Auth::user()->currentTeam->is($note->team) && Auth::user()->isTeamAdmin($note->team)) {
        // do work
    }
    else {
        // redirect back with error
    }
}
```

Now, at first glance it works and isn't bad, but that's a fairly long if statement to include in every admin method, especially if the number of Model subchildren grows (think if Note had a tree of children below it).
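
The check from the post, written once in a policy-style class so that each controller method does not repeat it and nested children resolve to the same team; this is an added example, not part of the original post. `Team`, `User` and `Node` are plain-PHP stand-ins for the Eloquent models, and `owningTeam()` and `TeamOwnedPolicy` are hypothetical names.

```php
<?php
// Constructed stand-ins for the models in the post, so this runs with plain PHP 8.
final class Team {
    public function __construct(public int $id) {}
    public function is(?Team $other): bool { return $other !== null && $other->id === $this->id; }
}

final class User {
    /** @param int[] $adminOf ids of the teams this user administers */
    public function __construct(public Team $currentTeam, private array $adminOf) {}
    public function isTeamAdmin(Team $team): bool { return in_array($team->id, $this->adminOf, true); }
}

// A Note, or anything nested below it; only the root record carries the team.
final class Node {
    public function __construct(public ?Team $team = null, public ?Node $parent = null) {}
    // Hypothetical helper: walk up to the ancestor that owns the team.
    public function owningTeam(): ?Team {
        for ($n = $this; $n !== null; $n = $n->parent) {
            if ($n->team !== null) { return $n->team; }
        }
        return null; // orphaned record: no team, so the policy denies
    }
}

// Same shape as a Laravel policy method: (user, model) in, bool out.
final class TeamOwnedPolicy {
    public function update(User $user, Node $model): bool {
        $team = $model->owningTeam();
        return $team !== null
            && $user->currentTeam->is($team)  // acting on behalf of the owning team
            && $user->isTeamAdmin($team);     // and an admin of that team
    }
}

$a = new Team(1); $b = new Team(2);
$note   = new Node(team: $a);
$child  = new Node(parent: new Node(parent: $note)); // two levels below the note
$policy = new TeamOwnedPolicy();

var_dump($policy->update(new User($a, [1]), $child));     // admin of A, acting as A
var_dump($policy->update(new User($b, [1, 2]), $child));  // admin of A, but acting as B
var_dump($policy->update(new User($a, []), $note));       // member of A, not an admin
var_dump($policy->update(new User($a, [1]), new Node())); // record with no owning team
```

In a Laravel application the `update` method would sit in a registered policy, and the controller body would reduce to `Gate::authorize('update', $note)`.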
