ibnezzoubayr/L-Ami-Fiduciaire
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c89d1879bf66c36fcc6943f4c7f511ed0ff6e3d0
L-Ami-Fiduciaire/app/Concerns/HasWorkspaceScope.php

31 lines
761 B
PHP
Raw Normal View History

feat: complete Epic 1 — team management & permission system - Story 1.1: Permission enum, config, AuthorizesPermissions & HasWorkspaceScope traits, member→worker migration - Story 1.2: Team page with member list, invitation system with queued email - Story 1.3: Role assignment (Manager/Worker) and member removal with activity logging - Story 1.4: Owner-only permission toggle matrix for Managers (manage team, view logs, configure portal) - Story 1.5: Role-based access enforcement — Workers see only assigned declarations/clients, sidebar scoping - Story 1.6: Workspace switcher dropdown for multi-workspace users with session-based switching - 83 new/modified files, 182 tests passing with zero regressions Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-18 00:12:50 +00:00
<?php
namespace App\Concerns;
use App\Models\Workspace;
use Illuminate\Database\Eloquent\Model;
trait HasWorkspaceScope
{
/**
* Resolve the current workspace from the session.
*/
protected function currentWorkspace(): Workspace
{
return auth()->user()->workspaces()
->where('workspaces.id', session('current_workspace_id'))
->firstOrFail();
}
/**
* Verify the given resource belongs to the current workspace.
* Aborts with 404 if the resource does not belong to the workspace.
*/
protected function authorizeWorkspaceAccess(Model $resource): void
{
if ($resource->workspace_id !== (int) session('current_workspace_id')) {
abort(404);
}
}
}
Reference in New Issue Copy Permalink