From bc72c6c12e3ef0322503b5de2cd9ea77403ad94c Mon Sep 17 00:00:00 2001 From: devoalda Date: Fri, 11 Aug 2023 08:16:35 +0800 Subject: [PATCH] refactor(CRUD Policy): Moved Policy and data manipulation to policy and request --- .../Controllers/ProjectTodoController.php | 59 ++++--------------- .../Requests/Project/StoreTodoRequest.php | 13 +++- .../Requests/Project/UpdateTodoRequest.php | 21 ++++++- app/Policies/TodoPolicy.php | 20 ++++--- app/Providers/AuthServiceProvider.php | 7 ++- 5 files changed, 62 insertions(+), 58 deletions(-) diff --git a/app/Http/Controllers/ProjectTodoController.php b/app/Http/Controllers/ProjectTodoController.php index 0b70a07..c588223 100644 --- a/app/Http/Controllers/ProjectTodoController.php +++ b/app/Http/Controllers/ProjectTodoController.php @@ -55,26 +55,17 @@ class ProjectTodoController extends Controller */ public function store($project_id, StoreTodoRequest $request): RedirectResponse { + $user = User::find(auth()->user()->id); + $this->authorize('create', [Todo::class, $user]); + $validatedData = $request->validated(); - if(isset($validatedData['due_start'])) - $validatedData['due_start'] = strtotime($validatedData['due_start']); - - if (isset($validatedData['due_end'])) - $validatedData['due_end'] = strtotime($validatedData['due_end']); - elseif (isset($validatedData['due_start'])) - $validatedData['due_end'] = $validatedData['due_start']; -// - $todo = new Todo($validatedData); - - $user = User::find(auth()->user()->id); $project = $user->projects->find($project_id); // Add the Todo to the Project - $project->todos()->save($todo); + $project->todos()->save(new Todo($validatedData)); return redirect()->route('project.todo.index', $project_id) ->with('success', 'Todo created successfully.'); -// ->setStatusCode(201); } /** @@ -101,12 +92,8 @@ class ProjectTodoController extends Controller $projects = $user->projects; $project = $projects->find($project_id); - if (!$project || $project->user->id !== auth()->user()->id || $todo->user()[0]->id !== auth()->user()->id) - return back()->with('error', 'Project/Todo not found'); + $this->authorize('update', [Todo::class, $project, $todo]); - // Check if the given todo is in the given project (Reverse find with todo's project_id) - if ($todo->project->id !== $project_id) - return back()->with('error', 'Todo not found in the given project'); return view('todo.edit', compact('project', 'todo')); } @@ -114,39 +101,17 @@ class ProjectTodoController extends Controller /** * Update Todo in storage based on the given project */ - public function update($project_id, Request $request, Todo $todo) + public function update($project_id, UpdateTodoRequest $request, Todo $todo) { - if ($todo->project->id !== $project_id) { - return back()->with('error', 'Todo not found in the given project'); - } + $project = auth()->user()->projects->find($project_id); - $data = Request::only(['title', 'description', 'due_start', 'due_end', 'completed_at']); + $this->authorize('update', [Todo::class, $project, $todo]); - if (Request::filled('completed_at')) { - $todo->completed_at = Request::input('completed_at') === 'on' ? strtotime(now($this->timezone)) : null; - $todo->save(); - return back()->with('success', 'Todo updated successfully'); - } else { - // If 'completed_at' is not provided, toggle its value (only if the request is empty) - if (empty($data)) - $todo->completed_at = $todo->completed_at ? null : strtotime(now($this->timezone)); - else - // Continue to update other fields - unset($data['completed_at']); - } + // Update other fields + $todo->fill($request->validated()); - if (Request::filled('due_start')) { - $data['due_start'] = strtotime(Request::input('due_start')); - } - if (Request::filled('due_end')) { - $data['due_end'] = strtotime(Request::input('due_end')); - } elseif (isset($data['due_start'])) { - // If 'due_end' is not provided, set it to 'due_start' value - $data['due_end'] = strtotime(Request::input('due_start')); - } - - $todo->update($data); + $todo->save(); return back() ->with('success', 'Todo updated successfully'); @@ -157,6 +122,8 @@ class ProjectTodoController extends Controller */ public function destroy($project_id, Todo $todo): RedirectResponse { + $this->authorize('delete', [Todo::class, $todo]); + $todo->delete(); return redirect()->route('project.todo.index', $project_id) diff --git a/app/Http/Requests/Project/StoreTodoRequest.php b/app/Http/Requests/Project/StoreTodoRequest.php index 539888e..43585df 100644 --- a/app/Http/Requests/Project/StoreTodoRequest.php +++ b/app/Http/Requests/Project/StoreTodoRequest.php @@ -15,6 +15,15 @@ class StoreTodoRequest extends FormRequest return auth()->check(); } + public function prepareForValidation() + { + $this->merge([ + 'due_start' => $this->due_start ? strtotime(Carbon::parse($this->due_start)) : null, + 'due_end' => $this->due_end ? strtotime(Carbon::parse($this->due_end)) : + ($this->due_start ? strtotime(Carbon::parse($this->due_start)) : null), + ]); + } + /** * Get the validation rules that apply to the request. * @@ -25,8 +34,8 @@ class StoreTodoRequest extends FormRequest return [ 'title' => 'required|string|max:255', 'description' => 'nullable|string|max:255', - 'due_start' => 'nullable|date', - 'due_end' => 'nullable|date|after_or_equal:due_start', + 'due_start' => 'nullable', + 'due_end' => 'nullable', ]; } } diff --git a/app/Http/Requests/Project/UpdateTodoRequest.php b/app/Http/Requests/Project/UpdateTodoRequest.php index 56b4c83..1b0f77b 100644 --- a/app/Http/Requests/Project/UpdateTodoRequest.php +++ b/app/Http/Requests/Project/UpdateTodoRequest.php @@ -2,6 +2,7 @@ namespace App\Http\Requests\Project; +use Carbon\Carbon; use Illuminate\Contracts\Validation\ValidationRule; use Illuminate\Foundation\Http\FormRequest; @@ -15,6 +16,20 @@ class UpdateTodoRequest extends FormRequest return auth()->check(); } + /** + * Prepare the data for validation. + */ + public function prepareForValidation(): void + { + $this->merge([ + 'completed_at' => $this->completed_at ? strtotime(Carbon::parse('now')) : null, + 'due_start' => $this->due_start ? strtotime(Carbon::parse($this->due_start)) : null, + 'due_end' => $this->due_end ? strtotime(Carbon::parse($this->due_end)) : + ($this->due_start ? strtotime(Carbon::parse($this->due_start)) : null), + + ]); + } + /** * Get the validation rules that apply to the request. * @@ -23,7 +38,11 @@ class UpdateTodoRequest extends FormRequest public function rules(): array { return [ - // + 'title' => 'nullable|string|max:255', + 'description' => 'nullable|string|max:255', + 'due_start' => 'nullable', + 'due_end' => 'nullable', + 'completed_at' => 'nullable', ]; } } diff --git a/app/Policies/TodoPolicy.php b/app/Policies/TodoPolicy.php index a4ee8f5..66b1bc9 100644 --- a/app/Policies/TodoPolicy.php +++ b/app/Policies/TodoPolicy.php @@ -2,6 +2,7 @@ namespace App\Policies; +use App\Models\Project; use App\Models\Todo; use App\Models\User; use Illuminate\Auth\Access\Response; @@ -13,7 +14,7 @@ class TodoPolicy */ public function viewAny(User $user): bool { - // + return false; } /** @@ -21,7 +22,7 @@ class TodoPolicy */ public function view(User $user, Todo $todo): bool { - // + return $user->id === $todo->project->user->id; } /** @@ -29,15 +30,18 @@ class TodoPolicy */ public function create(User $user): bool { - // + return true; } /** * Determine whether the user can update the model. */ - public function update(User $user, Todo $todo): bool + public function update(User $user, Project $project, Todo $todo): bool { - // + if (!$project || $project->user->id !== $user->id || $todo->user()[0]->id !== $user->id) + return false; + + return $user->id === $todo->project->user->id; } /** @@ -45,7 +49,7 @@ class TodoPolicy */ public function delete(User $user, Todo $todo): bool { - // + return $user->id === $todo->project->user->id; } /** @@ -53,7 +57,7 @@ class TodoPolicy */ public function restore(User $user, Todo $todo): bool { - // + return $user->id === $todo->project->user->id; } /** @@ -61,6 +65,6 @@ class TodoPolicy */ public function forceDelete(User $user, Todo $todo): bool { - // + return $user->id === $todo->project->user->id; } } diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 54756cd..6a5fba2 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -3,6 +3,10 @@ namespace App\Providers; // use Illuminate\Support\Facades\Gate; +use App\Models\Pomo; +use App\Models\Todo; +use App\Policies\PomoPolicy; +use App\Policies\TodoPolicy; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; class AuthServiceProvider extends ServiceProvider @@ -13,7 +17,8 @@ class AuthServiceProvider extends ServiceProvider * @var array */ protected $policies = [ - // + Pomo::class => PomoPolicy::class, + Todo::class => TodoPolicy::class, ]; /**