zenithar/app/Models/User.php

<?php

namespace App\Models;

use App\Enums\RoleName;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;

class User extends Authenticatable
{
    use HasFactory, HasUlids, Notifiable;

    protected $table = 'users';

    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    protected $hidden = [
        'password',
        'remember_token',
    ];

    public function roles(): BelongsToMany
    {
        return $this->belongsToMany(Role::class, 'user_roles', 'user_id', 'role_id');
    }

    public function isAn(...$roles): bool
    {
        return $this->roles()->whereIn('name', $roles)->exists();
    }

    public function scopeFilterSuperadmin(Builder $query) {
        if(!auth()->check()) {
            return;
        }

        if (!auth()->user()->isAn(RoleName::SuperAdmin)) {
            $query->whereDoesntHave('roles', function (Builder $builder) {
                $builder->where('name', RoleName::SuperAdmin);
            });
        }
    }

    protected function casts(): array
    {
        return [
            'email_verified_at' => 'datetime',
            'password' => 'hashed',
        ];
    }
}