athphane/relaticle-comments
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: add README, boost skill, and documentation site

Browse Source
This commit is contained in:
manukminasyan
2026-03-27 00:29:57 +04:00
parent 29fcbd8aec
commit b8d930df1a
25 changed files with 1741 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
docs/content/2.essentials/2.authorization.md Normal file
View File

@@ -0,0 +1,74 @@
---
title: Authorization
description: Control who can create, edit, delete, and reply to comments.
navigation:
icon: i-lucide-shield
seo:
description: Configure comment authorization policies.
---
## Default Policy
The built-in `CommentPolicy` provides sensible defaults:
| Method | Default | Description |
|--------|---------|-------------|
| `viewAny()` | `true` | Everyone can view comments |
| `create()` | `true` | Everyone can create comments |
| `update()` | Owner only | Only the comment author can edit |
| `delete()` | Owner only | Only the comment author can delete |
| `reply()` | Depth check | Can reply if `max_depth` not exceeded |
## Custom Policy
Create your own policy to customize authorization:
```php
namespace App\Policies;
use Relaticle\Comments\Comment;
use Relaticle\Comments\Contracts\Commenter;
class CustomCommentPolicy
{
public function viewAny(Commenter $user): bool
{
return true;
}
public function create(Commenter $user): bool
{
return true;
}
public function update(Commenter $user, Comment $comment): bool
{
return $comment->user_id === $user->getKey()
&& $comment->user_type === $user->getMorphClass();
}
public function delete(Commenter $user, Comment $comment): bool
{
return $comment->user_id === $user->getKey()
|| $user->hasRole('admin');
}
public function reply(Commenter $user, Comment $comment): bool
{
return $comment->canReply();
}
}
```
Register it in your config:
```php
// config/comments.php
'policy' => App\Policies\CustomCommentPolicy::class,
```
## How Authorization Works
The Livewire components check the policy before rendering action buttons. Edit and delete buttons only appear for authorized users. Reply buttons are hidden when the thread has reached the configured `max_depth`.
The policy is registered automatically by the service provider using Laravel's Gate system.