hasPermissionTo('pdn.view'); } public function view(User $user, PersonalData $data): bool { $allowed = $user->hasPermissionTo('pdn.view') && ($user->hasRole('admin') || $user->id === $data->owner_id); if ($allowed) { Audit::log('pdn.viewed', 'read', 'PersonalData:'.$data->id); } return $allowed; } public function create(User $user): bool { return $user->hasPermissionTo('pdn.create'); } public function update(User $user, PersonalData $data): bool { return $user->hasPermissionTo('pdn.update') && ($user->hasRole('admin') || $user->id === $data->owner_id); } public function delete(User $user, PersonalData $data): bool { return $user->hasPermissionTo('pdn.delete') && $user->hasRole('admin'); } public function export(User $user): bool { return $user->hasPermissionTo('pdn.export'); } }