diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php index 82a37e4..912aaec 100644 --- a/app/Exceptions/Handler.php +++ b/app/Exceptions/Handler.php @@ -2,11 +2,11 @@ namespace App\Exceptions; +use Illuminate\Database\Eloquent\ModelNotFoundException; use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler; use Throwable; -class Handler extends ExceptionHandler -{ +class Handler extends ExceptionHandler { /** * A list of exception types with their corresponding custom log levels. * @@ -41,10 +41,19 @@ class Handler extends ExceptionHandler * * @return void */ - public function register() - { + public function register() { $this->reportable(function (Throwable $e) { // }); } + + public function render($request, Throwable $exception) { + if ($exception instanceof ModelNotFoundException) { + return response([ + 'error'=>1, + 'message'=>$exception->getMessage() + ],404); + } + return parent::render($request, $exception); + } } diff --git a/app/Http/Controllers/RoleController.php b/app/Http/Controllers/RoleController.php new file mode 100644 index 0000000..610b1a9 --- /dev/null +++ b/app/Http/Controllers/RoleController.php 
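Review bot: The new `render()` override returns `$exception->getMessage()` to the client in its `ModelNotFoundException` branch, and Laravel's default message for that exception names the model class and the ids that were looked up (of the form `No query results for model [App\Models\Role] <id>`). Every miss on a bound route therefore tells an API caller about internal class names. A fixed string keeps the 404 contract without the detail: `'message' => 'resource not found'`, with the original message left to the normal reporting path. The method also has no docblock, although `register()` above it does; a short one saying that model-not-found errors are rendered as a JSON 404 and everything else is delegated to the parent would match the file.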
@@ -0,0 +1,114 @@ +validate([ + 'name' => 'required', + 'slug' => 'required' + ]); + + $existing = Role::where('slug', $data['slug'])->first(); + + if (!$existing) { + $role = Role::create([ + 'name' => $data['name'], + 'slug' => $data['slug'] + ]); + return $role; + } + + return response(['error' => 1, 'message' => 'role already exists'], 409); + } + + /** + * Display the specified resource. + * + * @param \App\Models\Role $role + * @return \Illuminate\Http\Response + */ + public function show(Role $role) { + return $role; + } + + /** + * Show the form for editing the specified resource. + * + * @param \App\Models\Role $role + * @return \Illuminate\Http\Response + */ + public function edit(Role $role) { + // + } + + /** + * Update the specified resource in storage. + * + * @param \Illuminate\Http\Request $request + * @param \App\Models\Role $role + * @return \Illuminate\Http\Response + */ + public function update(Request $request, Role $role=null) { + $data = $request->validate([ + 'name' => 'required', + 'slug' => 'required' + ]); + + if(!$role){ + return response(['error' => 1, 'message' => 'role doesn\'t exist'], 404); + } + + $role->name = $data['name']; + if ($role->slug != 'admin' && $role->slug != 'super-admin') { + //don't allow changing the admin slug, because it will make the routes inaccessbile due to faile ability check + $role->slug = $data['slug']; + } + $role->update(); + + return $role; + } + + /** + * Remove the specified resource from storage. + * + * @param \App\Models\Role $role + * @return \Illuminate\Http\Response + */ + public function destroy(Role $role) { + if ($role->slug != 'admin' && $role->slug != 'super-admin') { + //don't allow changing the admin slug, because it will make the routes inaccessbile due to faile ability check + $role->delete(); + return response(['error' => 0, 'message' => 'role has been deleted']); + } else { + return response(['error' => 1, 'message' => 'you cannot delete this role'], 422); + } + } +} 
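Review bot: In `update()` the slug guard is one-directional: it stops the `admin` and `super-admin` roles from being renamed, but nothing stops any other role from being given the slug `admin` or `super-admin`, and unlike `store()` there is no duplicate-slug check at all. If token abilities are derived from role slugs, as the in-code comment about the ability check suggests, a second role carrying a privileged slug would presumably inherit that access. A uniqueness rule in the validator closes this, e.g. `'slug' => ['required', 'string', Rule::unique('roles', 'slug')->ignore($role)]` in `update()` (table name assumed; needs `use Illuminate\Validation\Rule;`). The same rule would replace the query-then-create check in `store()`, which is not atomic and should be backed by a unique index on the column. The comment inside `destroy()` is copied from `update()` and would be more accurate as `// built-in admin roles cannot be deleted: the route ability checks depend on them`; note that the opening of the file and of `store()` is not visible in the hunk as shown.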
diff --git a/routes/api.php b/routes/api.php index cf1fe2d..bb99908 100644 --- a/routes/api.php +++ b/routes/api.php @@ -1,5 +1,6 @@ get('/user', function (Request $request) { return $request->user(); }); -Route::apiResource('users',UserController::class)->except(['create','edit','show','update','destroy']); -Route::apiResource('users',UserController::class)->except(['store','index'])->middleware('auth:sanctum'); +Route::apiResource('users',UserController::class)->except(['edit','create'])->middleware(['auth:sanctum', 'abilities:admin,super-admin']); +Route::post('users',[UserController::class,'store']); Route::post('login',[UserController::class,'login']); + +Route::apiResource('roles',RoleController::class)->except(['create','edit'])->middleware(['auth:sanctum', 'abilities:admin,super-admin']);
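Review bot: On both new `apiResource` lines the middleware `abilities:admin,super-admin` requires the token to hold every listed ability if the alias maps to Sanctum's `CheckAbilities`, so a token with only `admin` is rejected; the any-of form is `ability:admin,super-admin` (the alias registration is outside this diff, so confirm which is intended). Separately, `POST users` is now registered twice, once inside the protected resource and once bare, so which definition serves the request, and whether it is authenticated, depends on registration order. Listing it explicitly makes the public surface reviewable: `->except(['edit','create','store'])` on the `users` resource, plus a comment on the bare route such as `// public: account creation, no token required` if that is its purpose. Since that endpoint stays open, `UserController::store` (not shown here) should be checked to ensure it does not take a role or ability assignment from the request body.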