From 0d23d28a65e37e95514cced8cdceb008784d5544 Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 11 Apr 2024 15:15:56 +0100 Subject: [PATCH] Added comments Signed-off-by: snipe --- app/Models/CompanyableTrait.php | 7 ++++++- app/Providers/AuthServiceProvider.php | 25 ++++++++++++++++--------- 2 files changed, 22 insertions(+), 10 deletions(-) diff --git a/app/Models/CompanyableTrait.php b/app/Models/CompanyableTrait.php index b03b346d2e..df67f2be4f 100644 --- a/app/Models/CompanyableTrait.php +++ b/app/Models/CompanyableTrait.php @@ -5,8 +5,13 @@ namespace App\Models; trait CompanyableTrait { /** - * Boot the companyable trait for a model. + * This trait is used to scope models to the current company. To use this scope on companyable models, + * we use the "use Companyable;" statement at the top of the mode. * + * We CANNOT USE THIS ON USERS, as it causes an infinite loop and prevents users from logging in, since this scope will be + * applied to the currently logged in (or logging in) user in addition to the user model for viewing lists of users. + * + * @see \App\Models\Company\Company::scopeCompanyables() * @return void */ public static function bootCompanyableTrait() diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 9d493e85bb..11a5d3c1ba 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -93,21 +93,28 @@ class AuthServiceProvider extends ServiceProvider Passport::personalAccessTokensExpireIn(Carbon::now()->addYears(config('passport.expiration_years'))); Passport::withCookieSerialization(); - // -------------------------------- - // BEFORE ANYTHING ELSE - // -------------------------------- - // If this condition is true, ANYTHING else below will be assumed - // to be true. This can cause weird blade behavior. + + /** + * BEFORE ANYTHING ELSE + * + * If this condition is true, ANYTHING else below will be assumed to be true. + * This is where we set the superadmin permission to allow superadmins to be able to do everything within the system. + * + */ Gate::before(function ($user) { if ($user->isSuperUser()) { return true; } }); - // -------------------------------- - // GENERAL GATES - // These control general sections of the admin - // -------------------------------- + + /** + * GENERAL GATES + * + * These control general sections of the admin. These definitions are used in our blades via @can('blah) and also + * use in our controllers to determine if a user has access to a certain area. + */ + Gate::define('admin', function ($user) { if ($user->hasAccess('admin')) { return true;