From a65ea639ed4b5989df23d2cd1fd4b25f20a3fe64 Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 7 Dec 2017 21:00:09 -0800 Subject: [PATCH] Added comments to SnipePermissionsPolicy for clarity --- app/Policies/SnipePermissionsPolicy.php | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/app/Policies/SnipePermissionsPolicy.php b/app/Policies/SnipePermissionsPolicy.php index d0aac0eca6..b8d4501bdf 100644 --- a/app/Policies/SnipePermissionsPolicy.php +++ b/app/Policies/SnipePermissionsPolicy.php @@ -5,9 +5,31 @@ use App\Models\Company; use App\Models\User; use Illuminate\Auth\Access\HandlesAuthorization; +/** + * SnipePermissionsPolicy provides methods for handling the granular permissions used throughout Snipe-IT. + * Each "area" of a permission (which is usually a model, like Assets, Departments, etc), has a setting + * in config/permissions.php like view/create/edit/delete (and sometimes some extra stuff like + * checkout/checkin, etc.) + * + * A Policy should exist for each of these models, however if they only use the standard view/create/edit/delete, + * the policy can be pretty simple, for example with just one method setting the column name: + * + * protected function columnName() + * { + * return 'manufacturers'; + * } + * + */ + abstract class SnipePermissionsPolicy { - // This should return the key of the model in the users json permission string. + /** + * This should return the key of the model in the users json permission string. + * + * @return boolean + */ + + // abstract protected function columnName(); use HandlesAuthorization;