From 17275e3ff608e7210ff3ec98d07f2167bd344fa0 Mon Sep 17 00:00:00 2001 From: Geist5000 Date: Wed, 21 Jul 2021 13:56:13 +0200 Subject: [PATCH 1/6] basic store function --- app/Http/Controllers/SharedSaveController.php | 13 +++++++++++-- routes/api.php | 19 +++++++++++++------ 2 files changed, 24 insertions(+), 8 deletions(-) diff --git a/app/Http/Controllers/SharedSaveController.php b/app/Http/Controllers/SharedSaveController.php index 07a6f64..2996a74 100644 --- a/app/Http/Controllers/SharedSaveController.php +++ b/app/Http/Controllers/SharedSaveController.php @@ -2,7 +2,9 @@ namespace App\Http\Controllers; +use App\Models\Save; use App\Models\SharedSave; +use App\Models\User; use Illuminate\Http\Request; class SharedSaveController extends Controller @@ -23,9 +25,16 @@ public function index() * @param \Illuminate\Http\Request $request * @return \Illuminate\Http\Response */ - public function store(Request $request) + public function store(Request $request,Save $save, User $user) { - // + $validated = $request->validate([ + "permission" => ["required","integer","min:0","max:2"] + ]); + $this->authorize("create",[SharedSave::class,$save]); + $shared_save = new SharedSave($validated); + $shared_save->user_id = $user->id; + $save->invitations()->save($shared_save); + return response()->created("contribution",$shared_save); } /** diff --git a/routes/api.php b/routes/api.php index d71dba6..90662f5 100644 --- a/routes/api.php +++ b/routes/api.php 
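Review bot: In `store`, `$request->validate(...)` runs before `$this->authorize("create", [SharedSave::class, $save])`, so a caller with no rights on the save who sends invalid input gets field-level 422 feedback instead of a 403. Move the `authorize` call to the first line of the method so the permission check fails closed before any input is processed. The same order is kept when the method is reformatted in patch 5/6. The docblock above the method still documents only `$request`; add `@param Save $save` and `@param User $user`.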
@@ -18,18 +18,25 @@ | is assigned the "api" middleware group. Enjoy building your API! | */ -Route::group(["middleware"=>"auth:api"],function (){ +Route::group(["middleware" => "auth:api"], function () { Route::apiResources([ - "tools"=>ToolController::class, - "saves"=>SaveController::class, - "invitation_link"=>InvitationLinkController::class, + "tools" => ToolController::class, + "saves" => SaveController::class, + "invitation_link" => InvitationLinkController::class, ]); + Route::apiResource("contribution", SharedSaveController::class, [ + "except" => ["store"] + ]); + + Route::post("/saves/{save}/contributors/{user}", [SharedSaveController::class, "store"])->name("contribution.store"); + Route::post("/users/{user}/contributions/{save}", [SharedSaveController::class, "store"])->name("contribution.store"); + // Users - Route::get('users/{user}/saves','App\Http\Controllers\UserSavesController@index'); + Route::get('users/{user}/saves', 'App\Http\Controllers\UserSavesController@index'); Route::get("checkUsername", 'App\Http\Controllers\UserController@checkUsername'); - Route::apiResource('users',UserController::class); + Route::apiResource('users', UserController::class); }); From 34e44af069e568520eeb2076bc7b16605408fa2d Mon Sep 17 00:00:00 2001 From: Geist5000 Date: Wed, 21 Jul 2021 14:45:24 +0200 Subject: [PATCH 2/6] finished create routes --- app/Http/Controllers/SharedSaveController.php | 5 +++++ app/Policies/SharedSavePolicy.php | 19 +++++++++++-------- routes/api.php | 7 ++++--- 3 files changed, 20 insertions(+), 11 deletions(-) diff --git a/app/Http/Controllers/SharedSaveController.php b/app/Http/Controllers/SharedSaveController.php index 2996a74..2897b15 100644 --- a/app/Http/Controllers/SharedSaveController.php +++ b/app/Http/Controllers/SharedSaveController.php 
@@ -33,10 +33,15 @@ public function store(Request $request,Save $save, User $user) $this->authorize("create",[SharedSave::class,$save]); $shared_save = new SharedSave($validated); $shared_save->user_id = $user->id; + $shared_save->accepted = false; $save->invitations()->save($shared_save); return response()->created("contribution",$shared_save); } + public function storeReverse(Request $request,User $user, Save $save){ + return $this->store($request,$save,$user); + } + /** * Display the specified resource. * diff --git a/app/Policies/SharedSavePolicy.php b/app/Policies/SharedSavePolicy.php index 70c79f2..817efcb 100644 --- a/app/Policies/SharedSavePolicy.php +++ b/app/Policies/SharedSavePolicy.php @@ -2,6 +2,8 @@ namespace App\Policies; +use App\Helper\PermissionHelper; +use App\Models\Save; use App\Models\SharedSave; use App\Models\User; use Illuminate\Auth\Access\HandlesAuthorization; @@ -18,7 +20,7 @@ class SharedSavePolicy */ public function viewAny(User $user) { - // + return false; } /** @@ -30,7 +32,8 @@ public function viewAny(User $user) */ public function view(User $user, SharedSave $sharedSave) { - // + $save = $sharedSave->safe; + return $save->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_READ); } /** @@ -39,9 +42,9 @@ public function view(User $user, SharedSave $sharedSave) * @param \App\Models\User $user * @return mixed */ - public function create(User $user) + public function create(User $user, Save $save) { - // + return $save->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_ADMIN); } /** @@ -53,7 +56,7 @@ public function create(User $user) */ public function update(User $user, SharedSave $sharedSave) { - // + return $sharedSave->safe->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_ADMIN); } /** 
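Review bot: `view` and `update` in SharedSavePolicy call `hasAtLeasPermission` on `$sharedSave->safe` without checking that the relation resolved, so a missing parent save turns the authorization check into a null-dereference error instead of a denial. Save.php imports `SoftDeletes`, so a soft-deleted save would presumably leave `safe` null. Guard it, e.g. `$save = $sharedSave->safe; return $save !== null && $save->hasAtLeasPermission($user, PermissionHelper::$PERMISSION_READ);`. The `delete` hunk of this file in the same patch has the same pattern.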
@@ -65,7 +68,7 @@ public function update(User $user, SharedSave $sharedSave) */ public function delete(User $user, SharedSave $sharedSave) { - // + return $sharedSave->safe->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_ADMIN); } /** @@ -77,7 +80,7 @@ public function delete(User $user, SharedSave $sharedSave) */ public function restore(User $user, SharedSave $sharedSave) { - // + return false; } /** @@ -89,6 +92,6 @@ public function restore(User $user, SharedSave $sharedSave) */ public function forceDelete(User $user, SharedSave $sharedSave) { - // + return false; } } diff --git a/routes/api.php b/routes/api.php index 90662f5..76a0bfe 100644 --- a/routes/api.php +++ b/routes/api.php @@ -25,12 +25,13 @@ "invitation_link" => InvitationLinkController::class, ]); + + // contributors Route::apiResource("contribution", SharedSaveController::class, [ "except" => ["store"] - ]); - + ])->parameter("contribution","sharedSave"); Route::post("/saves/{save}/contributors/{user}", [SharedSaveController::class, "store"])->name("contribution.store"); - Route::post("/users/{user}/contributions/{save}", [SharedSaveController::class, "store"])->name("contribution.store"); + Route::post("/users/{user}/contributions/{save}", [SharedSaveController::class, "storeReverse"])->name("contribution.store"); // Users From b3d9d1edfe63990f38f9fd721f3aa9fc746da1d7 Mon Sep 17 00:00:00 2001 From: Geist5000 Date: Wed, 21 Jul 2021 14:55:06 +0200 Subject: [PATCH 3/6] delete, update, show routes implemented --- app/Http/Controllers/SharedSaveController.php | 43 +++++++++++++------ app/Policies/SharedSavePolicy.php | 2 +- ..._06_23_171701_create_shared_save_table.php | 3 ++ 3 files changed, 33 insertions(+), 15 deletions(-) diff --git a/app/Http/Controllers/SharedSaveController.php b/app/Http/Controllers/SharedSaveController.php index 2897b15..1414c8d 100644 --- a/app/Http/Controllers/SharedSaveController.php +++ b/app/Http/Controllers/SharedSaveController.php 
@@ -2,28 +2,33 @@ namespace App\Http\Controllers; +use App\Http\Resources\SharedSaveResource; use App\Models\Save; use App\Models\SharedSave; use App\Models\User; use Illuminate\Http\Request; +use Illuminate\Http\Resources\Json\AnonymousResourceCollection; +use Illuminate\Http\Response; class SharedSaveController extends Controller { /** * Display a listing of the resource. * - * @return \Illuminate\Http\Response + * @return AnonymousResourceCollection */ public function index() { - // + $this->authorize("viewAny",SharedSave::class); + + return SharedSaveResource::collection(SharedSave::simplePaginate()); } /** * Store a newly created resource in storage. * - * @param \Illuminate\Http\Request $request - * @return \Illuminate\Http\Response + * @param Request $request + * @return Response */ public function store(Request $request,Save $save, User $user) { 
@@ -45,34 +50,44 @@ public function storeReverse(Request $request,User $user, Save $save){ /** * Display the specified resource. * - * @param \App\Models\SharedSave $sharedSave - * @return \Illuminate\Http\Response + * @param SharedSave $sharedSave + * @return SharedSaveResource */ public function show(SharedSave $sharedSave) { - // + $this->authorize("view",$sharedSave); + + return new SharedSaveResource($sharedSave); } /** * Update the specified resource in storage. * - * @param \Illuminate\Http\Request $request - * @param \App\Models\SharedSave $sharedSave - * @return \Illuminate\Http\Response + * @param Request $request + * @param SharedSave $sharedSave + * @return Response */ public function update(Request $request, SharedSave $sharedSave) { - // + $this->authorize("update",$sharedSave); + $validated = $request->validate([ + "permission" => ["integer","min:0","min:2"] + ]); + $sharedSave->fill($validated); + $sharedSave->save(); + return \response()->noContent(Response::HTTP_OK); } /** * Remove the specified resource from storage. * - * @param \App\Models\SharedSave $sharedSave - * @return \Illuminate\Http\Response + * @param SharedSave $sharedSave + * @return Response */ public function destroy(SharedSave $sharedSave) { - // + $this->authorize("delete",$sharedSave); + $sharedSave->delete(); + return \response()->noContent(Response::HTTP_OK); } } diff --git a/app/Policies/SharedSavePolicy.php b/app/Policies/SharedSavePolicy.php index 817efcb..266048a 100644 --- a/app/Policies/SharedSavePolicy.php +++ b/app/Policies/SharedSavePolicy.php @@ -20,7 +20,7 @@ class SharedSavePolicy */ public function viewAny(User $user) { - return false; + return env("APP_DEBUG"); } /** diff --git a/database/migrations/2021_06_23_171701_create_shared_save_table.php b/database/migrations/2021_06_23_171701_create_shared_save_table.php index 65c83d0..429e133 100644 --- a/database/migrations/2021_06_23_171701_create_shared_save_table.php 
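Review bot: The `permission` rule in `update` reads `["integer","min:0","min:2"]`; the second `min` looks like a typo for `max:2`, which is what `store` uses. As written, 0 and 1 are rejected and there is no upper bound, so any integer of 2 or more can be written to `permission` by a caller who passes the `update` policy. Change it to `"permission" => ["integer","min:0","max:2"]`. The same rule is carried unchanged into the `update` hunk of patch 5/6.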
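Review bot: `viewAny` now returns `env("APP_DEBUG")`, which ties an authorization decision to a debug switch: on any deployment with debug enabled, every authenticated user passes the check that gates `index` and its unfiltered `SharedSave::simplePaginate()`. Laravel's `env()` also returns null outside config files once the configuration is cached, so the result depends on how the application was deployed. If a development-only listing is needed, gate it on an explicit role or ability; otherwise keep `return false;`.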
+++ b/database/migrations/2021_06_23_171701_create_shared_save_table.php @@ -17,8 +17,11 @@ public function up() $table->id(); $table->foreignId("user_id")->constrained(); $table->foreignId("save_id")->constrained(); + $table->unique(["user_id","save_id"]); + $table->integer("permission"); $table->boolean("accepted")->default(false); + $table->boolean("declined")->default(false); $table->timestamps(); }); } From c836b175350fffd9b6a238dc453b63955975b97d Mon Sep 17 00:00:00 2001 From: Geist5000 Date: Wed, 21 Jul 2021 16:55:49 +0200 Subject: [PATCH 4/6] added user index and save index routes --- app/Http/Controllers/SharedSaveController.php | 12 ++++++++++++ app/Models/EmailVerification.php | 2 ++ app/Models/InvitationLink.php | 2 ++ app/Models/Save.php | 10 ++++++++-- app/Models/User.php | 6 ++++++ app/Policies/SharedSavePolicy.php | 19 +++++++++++++++++++ routes/api.php | 6 ++++-- 7 files changed, 53 insertions(+), 4 deletions(-) diff --git a/app/Http/Controllers/SharedSaveController.php b/app/Http/Controllers/SharedSaveController.php index 1414c8d..f766838 100644 --- a/app/Http/Controllers/SharedSaveController.php +++ b/app/Http/Controllers/SharedSaveController.php @@ -24,6 +24,18 @@ public function index() return SharedSaveResource::collection(SharedSave::simplePaginate()); } + + public function indexSave(Save $save){ + $this->authorize("viewOfSave", [SharedSave::class,$save]); + return SharedSaveResource::collection($save->sharedSaves()->simplePaginate()); + } + + + public function indexUser(User $user, User $model){ + $this->authorize("viewOfUser",[SharedSave::class,$model]); + return SharedSaveResource::collection($user->sharedSaves()->simplePaginate()); + } + /** * Store a newly created resource in storage. * diff --git a/app/Models/EmailVerification.php b/app/Models/EmailVerification.php index 2009765..8a5cf5c 100644 --- a/app/Models/EmailVerification.php +++ b/app/Models/EmailVerification.php 
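Review bot: `indexUser` authorizes against `$model` but queries `$user->sharedSaves()`, and the route added in this patch (`/users/{user}/contributions`) has no `{model}` parameter, so `$model` is presumably an empty `User` resolved by the container. The `viewOfUser` check then compares the caller with an object that is not the one being listed. Drop the second parameter and authorize the bound user: `$this->authorize("viewOfUser", [SharedSave::class, $user]);`.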
@@ -23,6 +23,8 @@ * @method static \Illuminate\Database\Eloquent\Builder|EmailVerification whereUserId($value) * @mixin \Eloquent * @property-read \App\Models\User $user + * @property string $token + * @method static \Illuminate\Database\Eloquent\Builder|EmailVerification whereToken($value) */ class EmailVerification extends Model { diff --git a/app/Models/InvitationLink.php b/app/Models/InvitationLink.php index 85197e5..a6ce0a2 100644 --- a/app/Models/InvitationLink.php +++ b/app/Models/InvitationLink.php @@ -25,6 +25,8 @@ * @method static \Illuminate\Database\Eloquent\Builder|InvitationLink whereUpdatedAt($value) * @mixin \Eloquent * @property-read \App\Models\Save $safe + * @property string $token + * @method static \Illuminate\Database\Eloquent\Builder|InvitationLink whereToken($value) */ class InvitationLink extends Model { diff --git a/app/Models/Save.php b/app/Models/Save.php index 3eb857b..7bc7d58 100644 --- a/app/Models/Save.php +++ b/app/Models/Save.php @@ -5,6 +5,7 @@ use App\Helper\PermissionHelper; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Database\Eloquent\Model; +use Illuminate\Database\Eloquent\Relations\HasMany; use Illuminate\Database\Eloquent\SoftDeletes; /** @@ -100,6 +101,11 @@ public function tool(): \Illuminate\Database\Eloquent\Relations\BelongsTo return $this->belongsTo(Tool::class); } + public function sharedSaves(): HasMany + { + return $this->hasMany(SharedSave::class); + } + public function invited(): \Illuminate\Database\Eloquent\Relations\BelongsToMany { return $this->belongsToMany(User::class, 'invite')->using(SharedSave::class)->as("invitation") @@ -108,7 +114,7 @@ public function invited(): \Illuminate\Database\Eloquent\Relations\BelongsToMany ->withTimestamps(); } - public function invitations(): \Illuminate\Database\Eloquent\Relations\HasMany + public function invitations(): HasMany { return $this->hasMany(SharedSave::class)->where("accepted", '=', false); } 
@@ -121,7 +127,7 @@ public function contributors(): \Illuminate\Database\Eloquent\Relations\BelongsT ->withTimestamps(); } - public function invitationLinks(): \Illuminate\Database\Eloquent\Relations\HasMany + public function invitationLinks(): HasMany { return $this->hasMany(InvitationLink::class); } diff --git a/app/Models/User.php b/app/Models/User.php index c895759..d21c2f7 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -57,6 +57,7 @@ * @property-read int|null $clients_count * @property-read \Illuminate\Database\Eloquent\Collection|\Laravel\Passport\Token[] $tokens * @property-read int|null $tokens_count + * @method static \Illuminate\Database\Eloquent\Builder|User whereLastActivity($value) */ class User extends Authenticatable { @@ -126,6 +127,11 @@ public function invitations(): HasMany return $this->hasMany(SharedSave::class)->where('accepted', '=', false); } + public function sharedSaves(): HasMany + { + return $this->hasMany(SharedSave::class); + } + public function accessibleShares(): BelongsToMany { return $this->belongsToMany(Save::class, 'shared_save')->using(SharedSave::class) diff --git a/app/Policies/SharedSavePolicy.php b/app/Policies/SharedSavePolicy.php index 266048a..9f52082 100644 --- a/app/Policies/SharedSavePolicy.php +++ b/app/Policies/SharedSavePolicy.php 
@@ -36,6 +36,25 @@ public function view(User $user, SharedSave $sharedSave) return $save->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_READ); } + + /** + * Determine whether the user can view the model of the given save + * @param User $user + * @param Save $save + */ + public function viewOfSave(User $user, Save $save){ + return $save->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_READ); + } + + /** + * Determine whether the user can view the model of the given user + * @param User $user + * @param Save $model + */ + public function viewOfUser(User $user, User $model){ + return $model->id === $user->id; + } + /** * Determine whether the user can create models. * diff --git a/routes/api.php b/routes/api.php index 76a0bfe..6874af8 100644 --- a/routes/api.php +++ b/routes/api.php @@ -30,8 +30,10 @@ Route::apiResource("contribution", SharedSaveController::class, [ "except" => ["store"] ])->parameter("contribution","sharedSave"); - Route::post("/saves/{save}/contributors/{user}", [SharedSaveController::class, "store"])->name("contribution.store"); - Route::post("/users/{user}/contributions/{save}", [SharedSaveController::class, "storeReverse"])->name("contribution.store"); + Route::get("/users/{user}/contributions", [SharedSaveController::class, "indexUser"])->name("contributions.index.user"); + Route::get("/saves/{save}/contributors", [SharedSaveController::class, "indexSave"])->name("contributions.index.save"); + Route::post("/saves/{save}/contributors/{user}", [SharedSaveController::class, "store"])->name("contribution.store.save"); + Route::post("/users/{user}/contributions/{save}", [SharedSaveController::class, "storeReverse"])->name("contribution.store.user"); // Users From 143f4965b236c99336d4457dfe754ce6463b9230 Mon Sep 17 00:00:00 2001 
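Review bot: The docblock of `viewOfUser` declares `@param Save $model` while the signature takes `User $model`, and neither new policy method documents its return value. Suggest `@param User $model the user whose shared saves are requested` and `@return bool` on both `viewOfSave` and `viewOfUser`.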
From: Geist5000 Date: Wed, 21 Jul 2021 18:13:24 +0200 Subject: [PATCH 5/6] finished all important routes --- app/Http/Controllers/SaveController.php | 2 +- app/Http/Controllers/SharedSaveController.php | 57 ++++++++++++++----- app/Http/Resources/SaveResource.php | 5 +- app/Http/Resources/SharedSaveResource.php | 3 + app/Models/Save.php | 13 +++-- app/Models/SharedSave.php | 5 +- app/Models/User.php | 8 ++- app/Policies/SharedSavePolicy.php | 47 ++++++++------- ..._06_23_171701_create_shared_save_table.php | 1 + routes/api.php | 3 + 10 files changed, 101 insertions(+), 43 deletions(-) diff --git a/app/Http/Controllers/SaveController.php b/app/Http/Controllers/SaveController.php index cb9f508..9c04e6a 100644 --- a/app/Http/Controllers/SaveController.php +++ b/app/Http/Controllers/SaveController.php @@ -22,7 +22,7 @@ public function index(): AnonymousResourceCollection { $this->authorize("viewAny", Save::class); - return SimpleSaveResource::collection(Save::with("contributorss")->simplePaginate()); + return SimpleSaveResource::collection(Save::with("contributors")->simplePaginate()); } /** diff --git a/app/Http/Controllers/SharedSaveController.php b/app/Http/Controllers/SharedSaveController.php index f766838..c717973 100644 --- a/app/Http/Controllers/SharedSaveController.php +++ b/app/Http/Controllers/SharedSaveController.php 
@@ -19,20 +19,22 @@ class SharedSaveController extends Controller */ public function index() { - $this->authorize("viewAny",SharedSave::class); + $this->authorize("viewAny", SharedSave::class); return SharedSaveResource::collection(SharedSave::simplePaginate()); } - public function indexSave(Save $save){ - $this->authorize("viewOfSave", [SharedSave::class,$save]); + public function indexSave(Save $save) + { + $this->authorize("viewOfSave", [SharedSave::class, $save]); return SharedSaveResource::collection($save->sharedSaves()->simplePaginate()); } - public function indexUser(User $user, User $model){ - $this->authorize("viewOfUser",[SharedSave::class,$model]); + public function indexUser(User $user, User $model) + { + $this->authorize("viewOfUser", [SharedSave::class, $model]); return SharedSaveResource::collection($user->sharedSaves()->simplePaginate()); } @@ -42,21 +44,22 @@ public function indexUser(User $user, User $model){ * @param Request $request * @return Response */ - public function store(Request $request,Save $save, User $user) + public function store(Request $request, Save $save, User $user) { $validated = $request->validate([ - "permission" => ["required","integer","min:0","max:2"] + "permission" => ["required", "integer", "min:0", "max:2"] ]); - $this->authorize("create",[SharedSave::class,$save]); + $this->authorize("create", [SharedSave::class, $save]); $shared_save = new SharedSave($validated); $shared_save->user_id = $user->id; $shared_save->accepted = false; $save->invitations()->save($shared_save); - return response()->created("contribution",$shared_save); + return response()->created("contribution", $shared_save); } - public function storeReverse(Request $request,User $user, Save $save){ - return $this->store($request,$save,$user); + public function storeReverse(Request $request, User $user, Save $save) + { + return $this->store($request, $save, $user); } /** 
@@ -67,7 +70,7 @@ public function storeReverse(Request $request,User $user, Save $save){ */ public function show(SharedSave $sharedSave) { - $this->authorize("view",$sharedSave); + $this->authorize("view", $sharedSave); return new SharedSaveResource($sharedSave); } @@ -81,15 +84,39 @@ public function show(SharedSave $sharedSave) */ public function update(Request $request, SharedSave $sharedSave) { - $this->authorize("update",$sharedSave); + $this->authorize("update", $sharedSave); $validated = $request->validate([ - "permission" => ["integer","min:0","min:2"] + "permission" => ["integer", "min:0", "min:2"], + "revoked" => ["boolean"], ]); $sharedSave->fill($validated); $sharedSave->save(); return \response()->noContent(Response::HTTP_OK); } + + public function accept(Request $request, SharedSave $sharedSave) + { + $this->authorize("acceptDecline", $sharedSave); + if (!$sharedSave->revoked) { + $sharedSave->declined = false; + $sharedSave->accepted = true; + $sharedSave->save(); + return \response()->noContent(Response::HTTP_OK); + } else { + return \response(null, Response::HTTP_CONFLICT); + } + } + + public function decline(Request $request, SharedSave $sharedSave) + { + $this->authorize("acceptDecline", $sharedSave); + $sharedSave->accepted = false; + $sharedSave->declined = true; + $sharedSave->save(); + return \response(null, Response::HTTP_OK); + } + /** * Remove the specified resource from storage. * @@ -98,7 +125,7 @@ public function update(Request $request, SharedSave $sharedSave) */ public function destroy(SharedSave $sharedSave) { - $this->authorize("delete",$sharedSave); + $this->authorize("delete", $sharedSave); $sharedSave->delete(); return \response()->noContent(Response::HTTP_OK); } diff --git a/app/Http/Resources/SaveResource.php b/app/Http/Resources/SaveResource.php index 5a8d8c2..72e0280 100644 --- a/app/Http/Resources/SaveResource.php +++ b/app/Http/Resources/SaveResource.php 
@@ -23,7 +23,10 @@ public function toArray($request) "tool_id"=>$this->tool_id, "contributors"=>$this->contributors->map(function($c){ return $c->id; - })->toArray() + })->toArray(), + "invited"=>$this->invited->map(function($c){ + return $c->id; + })->toArray(), ]; } } diff --git a/app/Http/Resources/SharedSaveResource.php b/app/Http/Resources/SharedSaveResource.php index 2f9510e..1cf0d36 100644 --- a/app/Http/Resources/SharedSaveResource.php +++ b/app/Http/Resources/SharedSaveResource.php @@ -15,10 +15,13 @@ class SharedSaveResource extends JsonResource public function toArray($request) { return [ + "id" => $this->id, "user"=>$this->user_id, "save"=>$this->save_id, "permission"=>$this->permission, "accepted" => $this->accepted, + "declined" => $this->declined, + "revoked" => $this->revoked ]; } } diff --git a/app/Models/Save.php b/app/Models/Save.php index 7bc7d58..28562bd 100644 --- a/app/Models/Save.php +++ b/app/Models/Save.php @@ -52,6 +52,8 @@ * @method static \Illuminate\Database\Query\Builder|Save withoutTrashed() * @method static \Database\Factories\SaveFactory factory(...$parameters) * @method static \Illuminate\Database\Eloquent\Builder|Save whereName($value) + * @property-read \Illuminate\Database\Eloquent\Collection|\App\Models\SharedSave[] $sharedSaves + * @property-read int|null $shared_saves_count */ class Save extends Model { 
@@ -108,22 +110,25 @@ public function sharedSaves(): HasMany public function invited(): \Illuminate\Database\Eloquent\Relations\BelongsToMany { - return $this->belongsToMany(User::class, 'invite')->using(SharedSave::class)->as("invitation") - ->withPivot(["permission", "accepted"]) + return $this->belongsToMany(User::class, 'shared_save')->using(SharedSave::class) + ->withPivot(["permission", "accepted", "declined", "revoked"]) ->withPivotValue("accepted", false) ->withTimestamps(); } public function invitations(): HasMany { - return $this->hasMany(SharedSave::class)->where("accepted", '=', false); + return $this->hasMany(SharedSave::class) + ->where("accepted", '=', false); } public function contributors(): \Illuminate\Database\Eloquent\Relations\BelongsToMany { return $this->belongsToMany(User::class, 'shared_save')->using(SharedSave::class) - ->withPivot(["permission", "accepted"]) + ->withPivot(["permission", "accepted", "declined", "revoked"]) ->withPivotValue("accepted", true) + ->withPivotValue("declined", false) + ->withPivotValue("revoked", false) ->withTimestamps(); } diff --git a/app/Models/SharedSave.php b/app/Models/SharedSave.php index 64d769d..5316242 100644 --- a/app/Models/SharedSave.php +++ b/app/Models/SharedSave.php @@ -27,6 +27,8 @@ * @method static \Illuminate\Database\Eloquent\Builder|SharedSave whereSaveId($value) * @method static \Illuminate\Database\Eloquent\Builder|SharedSave whereUpdatedAt($value) * @method static \Illuminate\Database\Eloquent\Builder|SharedSave whereUserId($value) + * @property int $declined + * @method static \Illuminate\Database\Eloquent\Builder|SharedSave whereDeclined($value) */ class SharedSave extends Pivot { @@ -40,6 +42,7 @@ class SharedSave extends Pivot */ protected $fillable = [ 'permission', + 'revoked' ]; /** 
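Review bot: Only `Save::contributors()` filters on all three state columns; `Save::invited()` and `Save::invitations()` in this hunk still match every row with `accepted = false`, so declined or revoked invitations keep showing up as pending. The User.php hunks of this patch have the same gap for `revoked`: `invitedSaves()`, `invitations()` and `accessibleShares()` add `declined` but not `revoked`, so a revoked share is still returned by `accessibleShares()`. Add `->withPivotValue("declined", false)->withPivotValue("revoked", false)` to the `belongsToMany` relations and the matching `->where(...)` calls to the `hasMany` ones. Whether these relations feed permission checks is not visible here, so confirm that `hasAtLeasPermission` also honours `revoked`.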
@@ -69,7 +72,7 @@ public function user(): \Illuminate\Database\Eloquent\Relations\BelongsTo */ public function safe(): \Illuminate\Database\Eloquent\Relations\BelongsTo { - return $this->belongsTo(Save::class); + return $this->belongsTo(Save::class,"save_id"); } } diff --git a/app/Models/User.php b/app/Models/User.php index d21c2f7..37285d0 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -58,6 +58,8 @@ * @property-read \Illuminate\Database\Eloquent\Collection|\Laravel\Passport\Token[] $tokens * @property-read int|null $tokens_count * @method static \Illuminate\Database\Eloquent\Builder|User whereLastActivity($value) + * @property-read \Illuminate\Database\Eloquent\Collection|\App\Models\SharedSave[] $sharedSaves + * @property-read int|null $shared_saves_count */ class User extends Authenticatable { @@ -119,12 +121,15 @@ public function invitedSaves(): BelongsToMany return $this->belongsToMany(Save::class, 'shared_save')->using(SharedSave::class) ->withPivot(["permission"]) ->withPivotValue("accepted", false) + ->withPivotValue("declined", false) ->withTimestamps(); } public function invitations(): HasMany { - return $this->hasMany(SharedSave::class)->where('accepted', '=', false); + return $this->hasMany(SharedSave::class) + ->where('accepted', '=', false) + ->where('declined', '=', false); } public function sharedSaves(): HasMany @@ -137,6 +142,7 @@ public function accessibleShares(): BelongsToMany return $this->belongsToMany(Save::class, 'shared_save')->using(SharedSave::class) ->withPivot(["permission"]) ->withPivotValue("accepted", true) + ->withPivotValue("declined",false) ->withTimestamps(); } diff --git a/app/Policies/SharedSavePolicy.php b/app/Policies/SharedSavePolicy.php index 9f52082..0235622 100644 --- a/app/Policies/SharedSavePolicy.php +++ b/app/Policies/SharedSavePolicy.php 
@@ -15,7 +15,7 @@ class SharedSavePolicy /** * Determine whether the user can view any models. * - * @param \App\Models\User $user + * @param \App\Models\User $user * @return mixed */ public function viewAny(User $user) @@ -26,14 +26,13 @@ public function viewAny(User $user) /** * Determine whether the user can view the model. * - * @param \App\Models\User $user - * @param \App\Models\SharedSave $sharedSave + * @param \App\Models\User $user + * @param \App\Models\SharedSave $sharedSave * @return mixed */ public function view(User $user, SharedSave $sharedSave) { - $save = $sharedSave->safe; - return $save->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_READ); + return $sharedSave->safe->hasAtLeasPermission($user, PermissionHelper::$PERMISSION_READ); } @@ -42,8 +41,9 @@ public function view(User $user, SharedSave $sharedSave) * @param User $user * @param Save $save */ - public function viewOfSave(User $user, Save $save){ - return $save->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_READ); + public function viewOfSave(User $user, Save $save) + { + return $save->hasAtLeasPermission($user, PermissionHelper::$PERMISSION_READ); } /** 
@@ -51,50 +51,57 @@ public function viewOfSave(User $user, Save $save){ * @param User $user * @param Save $model */ - public function viewOfUser(User $user, User $model){ + public function viewOfUser(User $user, User $model) + { return $model->id === $user->id; } /** * Determine whether the user can create models. * - * @param \App\Models\User $user + * @param \App\Models\User $user * @return mixed */ public function create(User $user, Save $save) { - return $save->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_ADMIN); + return $save->hasAtLeasPermission($user, PermissionHelper::$PERMISSION_ADMIN); } /** * Determine whether the user can update the model. * - * @param \App\Models\User $user - * @param \App\Models\SharedSave $sharedSave + * @param \App\Models\User $user + * @param \App\Models\SharedSave $sharedSave * @return mixed */ public function update(User $user, SharedSave $sharedSave) { - return $sharedSave->safe->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_ADMIN); + return $sharedSave->safe->hasAtLeasPermission($user, PermissionHelper::$PERMISSION_ADMIN); + } + + + public function acceptDecline(User $user, SharedSave $sharedSave) + { + return $sharedSave->user_id === $user->id; } /** * Determine whether the user can delete the model. * - * @param \App\Models\User $user - * @param \App\Models\SharedSave $sharedSave + * @param \App\Models\User $user + * @param \App\Models\SharedSave $sharedSave * @return mixed */ public function delete(User $user, SharedSave $sharedSave) { - return $sharedSave->safe->hasAtLeasPermission($user,PermissionHelper::$PERMISSION_ADMIN); + return false; } /** * Determine whether the user can restore the model. * - * @param \App\Models\User $user - * @param \App\Models\SharedSave $sharedSave + * @param \App\Models\User $user + * @param \App\Models\SharedSave $sharedSave * @return mixed */ public function restore(User $user, SharedSave $sharedSave) 
@@ -105,8 +112,8 @@ public function restore(User $user, SharedSave $sharedSave) /** * Determine whether the user can permanently delete the model. * - * @param \App\Models\User $user - * @param \App\Models\SharedSave $sharedSave + * @param \App\Models\User $user + * @param \App\Models\SharedSave $sharedSave * @return mixed */ public function forceDelete(User $user, SharedSave $sharedSave) diff --git a/database/migrations/2021_06_23_171701_create_shared_save_table.php b/database/migrations/2021_06_23_171701_create_shared_save_table.php index 429e133..82ebf9c 100644 --- a/database/migrations/2021_06_23_171701_create_shared_save_table.php +++ b/database/migrations/2021_06_23_171701_create_shared_save_table.php @@ -22,6 +22,7 @@ public function up() $table->integer("permission"); $table->boolean("accepted")->default(false); $table->boolean("declined")->default(false); + $table->boolean("revoked")->default(false); $table->timestamps(); }); } diff --git a/routes/api.php b/routes/api.php index 6874af8..c3d39a0 100644 --- a/routes/api.php +++ b/routes/api.php @@ -30,6 +30,9 @@ Route::apiResource("contribution", SharedSaveController::class, [ "except" => ["store"] ])->parameter("contribution","sharedSave"); + Route::put("/contribution/{sharedSave}/accept", [SharedSaveController::class,"accept"]); + Route::put("/contribution/{sharedSave}/decline", [SharedSaveController::class, "decline"]); + Route::get("/users/{user}/contributions", [SharedSaveController::class, "indexUser"])->name("contributions.index.user"); Route::get("/saves/{save}/contributors", [SharedSaveController::class, "indexSave"])->name("contributions.index.save"); Route::post("/saves/{save}/contributors/{user}", [SharedSaveController::class, "store"])->name("contribution.store.save"); From 549540dffd3ceac24e7fd0a17bc96717b5471864 Mon Sep 17 00:00:00 2001 
From: Geist5000 Date: Wed, 21 Jul 2021 19:31:54 +0200 Subject: [PATCH 6/6] changes --- app/Http/Controllers/SharedSaveController.php | 7 +------ routes/api.php | 1 - 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/app/Http/Controllers/SharedSaveController.php b/app/Http/Controllers/SharedSaveController.php index c717973..50bd993 100644 --- a/app/Http/Controllers/SharedSaveController.php +++ b/app/Http/Controllers/SharedSaveController.php @@ -57,11 +57,6 @@ public function store(Request $request, Save $save, User $user) return response()->created("contribution", $shared_save); } - public function storeReverse(Request $request, User $user, Save $save) - { - return $this->store($request, $save, $user); - } - /** * Display the specified resource. * @@ -127,6 +122,6 @@ public function destroy(SharedSave $sharedSave) { $this->authorize("delete", $sharedSave); $sharedSave->delete(); - return \response()->noContent(Response::HTTP_OK); + return \response(null, Response::HTTP_OK); } } diff --git a/routes/api.php b/routes/api.php index c3d39a0..63636d8 100644 --- a/routes/api.php +++ b/routes/api.php @@ -33,7 +33,6 @@ Route::put("/contribution/{sharedSave}/accept", [SharedSaveController::class,"accept"]); Route::put("/contribution/{sharedSave}/decline", [SharedSaveController::class, "decline"]); - Route::get("/users/{user}/contributions", [SharedSaveController::class, "indexUser"])->name("contributions.index.user"); Route::get("/saves/{save}/contributors", [SharedSaveController::class, "indexSave"])->name("contributions.index.save"); Route::post("/saves/{save}/contributors/{user}", [SharedSaveController::class, "store"])->name("contribution.store.save"); Route::post("/users/{user}/contributions/{save}", [SharedSaveController::class, "storeReverse"])->name("contribution.store.user");
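Review bot: The last context line of the routes/api.php hunk still registers `[SharedSaveController::class, "storeReverse"]` for `POST /users/{user}/contributions/{save}`, but this patch deletes `storeReverse` from the controller, so that route would fail at dispatch. Either remove the route in the same commit or keep the method. The removed `GET /users/{user}/contributions` route likewise leaves `indexUser` in the controller with no route visible in this patch pointing at it.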