request + policy
This commit is contained in:
parent
c106d04ba8
commit
55215be5d9
4 changed files with 20 additions and 37 deletions
|
@ -3,6 +3,7 @@
|
|||
namespace App\Http\Requests;
|
||||
|
||||
use Illuminate\Foundation\Http\FormRequest;
|
||||
use Illuminate\Validation\Rule;
|
||||
|
||||
class StoreOwnedRequest extends FormRequest
|
||||
{
|
||||
|
@ -13,7 +14,7 @@ class StoreOwnedRequest extends FormRequest
|
|||
*/
|
||||
public function authorize()
|
||||
{
|
||||
return false;
|
||||
return $this->user()->can('create', Joined::class);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -24,7 +25,15 @@ public function authorize()
|
|||
public function rules()
|
||||
{
|
||||
return [
|
||||
//
|
||||
'categories' => ['required', 'array'],
|
||||
'categories.*' => ['numeric', 'exists:categories,id'],
|
||||
'subject' => ['required', 'string'],
|
||||
'status' => ['required', 'string', Rule::in(['current', 'upcoming'])],
|
||||
'slug' => ['required', 'alpha_dash'],
|
||||
'title' => ['nullable', 'string'],
|
||||
'image' => ['nullable', 'image'],
|
||||
'date_opened' => ['nullable', 'date'],
|
||||
'hold_member_updates' => ['nullable', 'boolean'],
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
use App\Models\Collective;
|
||||
use App\Models\Joined;
|
||||
use Illuminate\Auth\Access\HandlesAuthorization;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
|
||||
class JoinedPolicy
|
||||
{
|
||||
|
@ -14,19 +13,16 @@ class JoinedPolicy
|
|||
/**
|
||||
* Determine whether the user can view any models.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function viewAny(Collective $collective)
|
||||
{
|
||||
return Auth::check();
|
||||
return auth_collective()->id === $collective->id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can view the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Joined $joined
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function view(Collective $collective, Joined $joined)
|
||||
|
@ -37,19 +33,16 @@ public function view(Collective $collective, Joined $joined)
|
|||
/**
|
||||
* Determine whether the user can create models.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function create(Collective $collective)
|
||||
{
|
||||
return Auth::check();
|
||||
return auth_collective()->id === $collective->id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can update the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Joined $joined
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function update(Collective $collective, Joined $joined)
|
||||
|
@ -60,8 +53,6 @@ public function update(Collective $collective, Joined $joined)
|
|||
/**
|
||||
* Determine whether the user can delete the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Joined $joined
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function delete(Collective $collective, Joined $joined)
|
||||
|
@ -72,8 +63,6 @@ public function delete(Collective $collective, Joined $joined)
|
|||
/**
|
||||
* Determine whether the user can restore the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Joined $joined
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function restore(Collective $collective, Joined $joined)
|
||||
|
@ -84,8 +73,6 @@ public function restore(Collective $collective, Joined $joined)
|
|||
/**
|
||||
* Determine whether the user can permanently delete the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Joined $joined
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function forceDelete(Collective $collective, Joined $joined)
|
||||
|
|
|
@ -13,82 +13,70 @@ class OwnedPolicy
|
|||
/**
|
||||
* Determine whether the user can view any models.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function viewAny(Collective $collective)
|
||||
{
|
||||
//
|
||||
return auth_collective()->id === $collective->id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can view the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Owned $owned
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function view(Collective $collective, Owned $owned)
|
||||
{
|
||||
//
|
||||
return $collective->id === $owned->collective_id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can create models.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function create(Collective $collective)
|
||||
{
|
||||
//
|
||||
return auth_collective()->id === $collective->id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can update the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Owned $owned
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function update(Collective $collective, Owned $owned)
|
||||
{
|
||||
//
|
||||
return $collective->id === $owned->collective_id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can delete the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Owned $owned
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function delete(Collective $collective, Owned $owned)
|
||||
{
|
||||
//
|
||||
return $collective->id === $owned->collective_id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can restore the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Owned $owned
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function restore(Collective $collective, Owned $owned)
|
||||
{
|
||||
//
|
||||
return $collective->id === $owned->collective_id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether the user can permanently delete the model.
|
||||
*
|
||||
* @param \App\Models\Collective $collective
|
||||
* @param \App\Models\Owned $owned
|
||||
* @return \Illuminate\Auth\Access\Response|bool
|
||||
*/
|
||||
public function forceDelete(Collective $collective, Owned $owned)
|
||||
{
|
||||
//
|
||||
return $collective->id === $owned->collective_id;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -37,7 +37,6 @@ public function definition()
|
|||
'title' => $this->faker->words(3, true),
|
||||
'image' => $this->faker->imageUrl(),
|
||||
'hold_member_updates' => $this->faker->boolean(),
|
||||
'notify_pending' => $this->faker->boolean(),
|
||||
'sort_by' => 'country',
|
||||
];
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue