Diffstat (limited to 'app/Policies/WritingPolicy.php')
| -rw-r--r-- | app/Policies/WritingPolicy.php | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/app/Policies/WritingPolicy.php b/app/Policies/WritingPolicy.php
new file mode 100644
index 0000000..e2bbaab
--- /dev/null
+++ b/app/Policies/WritingPolicy.php
@@ -0,0 +1,49 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\User;
+use App\Models\Writing;
+
+class WritingPolicy
+{
+ /**
+ * Anyone can view listings.
+ */
+ public function viewAny(?User $user): bool
+ {
+ return true;
+ }
+
+ /**
+ * Anyone can view a single writing.
+ */
+ public function view(?User $user, Writing $writing): bool
+ {
+ return true;
+ }
+
+ /**
+ * Any authenticated user can create writings.
+ */
+ public function create(User $user): bool
+ {
+ return true;
+ }
+
+ /**
+ * Only the owner or an admin can update.
+ */
+ public function update(User $user, Writing $writing): bool
+ {
+ return $user->id === $writing->user_id || $user->isAdmin();
+ }
+
+ /**
+ * Only the owner or an admin can delete.
+ */
+ public function delete(User $user, Writing $writing): bool
+ {
+ return $user->id === $writing->user_id || $user->isAdmin();
+ }
+} |
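Review bot: The ownership test in `update` and `delete`, `$user->id === $writing->user_id`, is a strict comparison, so it only holds when both attributes hydrate as the same type. The Writing model is not part of this diff; if `user_id` is not cast there and the database driver returns it as a string, owners would be refused and only admins could edit or delete. That fails closed, but it is worth pinning with `'user_id' => 'integer'` in the model's casts and a policy test that covers an owner, a non-owner and an admin. Separately, `view` returns true for guests unconditionally, so if writings can have a draft or private state (not visible here), that restriction has to be enforced in the queries, and a comment such as `// Visibility of unpublished writings is not checked here.` would make that explicit.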
