Manage User Roles with API

app/Exceptions/Handler.php

@@ -2,11 +2,11 @@
 
 namespace App\Exceptions;
 
+use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use Throwable;
 
-class Handler extends ExceptionHandler
+class Handler extends ExceptionHandler {
-{
     /**
      * A list of exception types with their corresponding custom log levels.
      *
@@ -41,10 +41,19 @@ class Handler extends ExceptionHandler
      *
      * @return void
      */
-    public function register()
+    public function register() {
-    {
         $this->reportable(function (Throwable $e) {
             //
         });
     }
+
+    public function render($request, Throwable $exception) {
+        if ($exception instanceof ModelNotFoundException) {
+            return response([
+                'error'=>1,
+                'message'=>$exception->getMessage()
+            ],404);
+        }
+        return parent::render($request, $exception);
+    }
 }

app/Http/Controllers/RoleController.php

@@ -0,0 +1,114 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Role;
+use Illuminate\Http\Request;
+
+class RoleController extends Controller {
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index() {
+        return Role::all();
+    }
+
+    /**
+     * Show the form for creating a new resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function create() {
+        //
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request) {
+        $data = $request->validate([
+            'name' => 'required',
+            'slug' => 'required'
+        ]);
+
+        $existing = Role::where('slug', $data['slug'])->first();
+
+        if (!$existing) {
+            $role = Role::create([
+                'name' => $data['name'],
+                'slug' => $data['slug']
+            ]);
+            return $role;
+        }
+
+        return response(['error' => 1, 'message' => 'role already exists'], 409);
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @param  \App\Models\Role  $role
+     * @return \Illuminate\Http\Response
+     */
+    public function show(Role $role) {
+        return $role;
+    }
+
+    /**
+     * Show the form for editing the specified resource.
+     *
+     * @param  \App\Models\Role  $role
+     * @return \Illuminate\Http\Response
+     */
+    public function edit(Role $role) {
+        //
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Models\Role  $role
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, Role $role=null) {
+        $data = $request->validate([
+            'name' => 'required',
+            'slug' => 'required'
+        ]);
+
+        if(!$role){
+            return response(['error' => 1, 'message' => 'role doesn\'t exist'], 404);
+        }
+
+        $role->name = $data['name'];
+        if ($role->slug != 'admin' && $role->slug != 'super-admin') {
+            //don't allow changing the admin slug, because it will make the routes inaccessbile due to faile ability check
+            $role->slug = $data['slug'];
+        }
+        $role->update();
+
+        return $role;
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @param  \App\Models\Role  $role
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy(Role $role) {
+        if ($role->slug != 'admin' && $role->slug != 'super-admin') {
+            //don't allow changing the admin slug, because it will make the routes inaccessbile due to faile ability check
+            $role->delete();
+            return response(['error' => 0, 'message' => 'role has been deleted']);
+        } else {
+            return response(['error' => 1, 'message' => 'you cannot delete this role'], 422);
+        }
+    }
+}

routes/api.php

@@ -1,5 +1,6 @@
 <?php
 
+use App\Http\Controllers\RoleController;
 use App\Http\Controllers\UserController;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Route;
@@ -19,6 +20,8 @@ Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
     return $request->user();
 });
 
-Route::apiResource('users',UserController::class)->except(['create','edit','show','update','destroy']);
+Route::apiResource('users',UserController::class)->except(['edit','create'])->middleware(['auth:sanctum', 'abilities:admin,super-admin']);
-Route::apiResource('users',UserController::class)->except(['store','index'])->middleware('auth:sanctum');
+Route::post('users',[UserController::class,'store']);
 Route::post('login',[UserController::class,'login']);
+
+Route::apiResource('roles',RoleController::class)->except(['create','edit'])->middleware(['auth:sanctum', 'abilities:admin,super-admin']);