From b8b145c96b1dcb97f141335308ef256af40697a0 Mon Sep 17 00:00:00 2001
From: Hasin Hayder
Date: Thu, 19 May 2022 00:11:02 +0600
Subject: [PATCH] UserRole resourceful nested controller to create and manage user roles - only accessible by someone with admin role
---
 app/Http/Controllers/UserRoleController.php | 97 +++++++++++++++++++
 ...2_05_17_181456_create_user_roles_table.php | 1 +
 routes/api.php | 2 +
 3 files changed, 100 insertions(+)
 create mode 100644 app/Http/Controllers/UserRoleController.php
diff --git a/app/Http/Controllers/UserRoleController.php b/app/Http/Controllers/UserRoleController.php
new file mode 100644
index 0000000..c80de3a
--- /dev/null
+++ b/app/Http/Controllers/UserRoleController.php
@@ -0,0 +1,97 @@
+load('roles');
+ }
+
+ /**
+ * Show the form for creating a new resource.
+ *
+ * @param \App\Models\User $user
+ * @return \Illuminate\Http\Response
+ */
+ public function create(User $user) {
+ //
+ }
+
+ /**
+ * Store a newly created resource in storage.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @param \App\Models\User $user
+ * @return \Illuminate\Http\Response
+ */
+ public function store(Request $request, User $user) {
+ $data = $request->validate([
+ 'role_id' => 'required|integer'
+ ]);
+ $role = Role::find($data['role_id']);
+ if (!$user->roles()->find($data['role_id'])) {
+ $user->roles()->attach($role);
+ return $user->load('roles');
+ } else {
+ return $user->load('roles');
+ // return response(['error' => 1, 'message' => 'user already has this role'], 409);
+ }
+ }
+
+ /**
+ * Display the specified resource.
+ *
+ * @param \App\Models\User $user
+ * @param \App\Models\Role $role
+ * @return \Illuminate\Http\Response
+ */
+ public function show(User $user, Role $role) {
+ }
+
+ /**
+ * Show the form for editing the specified resource.
+ *
+ * @param \App\Models\User $user
+ * @param \App\Models\Role $role
+ * @return \Illuminate\Http\Response
+ */
+ public function edit(User $user, Role $role) {
+ //
+ }
+
+ /**
+ * Update the specified resource in storage.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @param \App\Models\User $user
+ * @param \App\Models\Role $role
+ * @return \Illuminate\Http\Response
+ */
+ public function update(Request $request, User $user, Role $role) {
+ //
+ }
+
+ /**
+ * Remove the specified resource from storage.
+ *
+ * @param \App\Models\User $user
+ * @param \App\Models\Role $role
+ * @return \Illuminate\Http\Response
+ */
+ public function destroy(User $user, Role $role) {
+ //this relationship exists
+ $user->roles()->detach($role);
+ return $user->load('roles');
+ // return response(['error' => 0, 'message' => 'role has been removed from this user'], 409);
+ }
+}
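Review bot: `store()` accepts any integer as `role_id` and never checks the result of `Role::find()`, so an id with no matching role reaches `attach($role)` with `$role` null, which appears to attach nothing while the request still returns the user as if it had succeeded. Tightening the rule to `'role_id' => 'required|integer|exists:roles,id'` (or using `Role::findOrFail`) rejects an unknown role with a clear error. Separately, nothing in `store()` or `destroy()` limits which role may be granted or removed, or on whom: any caller who passes the route middleware can attach any role to any user, including their own account, so if roles differ in privilege a policy or gate check on the target role belongs here, and grants and removals should be logged. The start of this file (through `index`) is not readable on this page, so this covers only the methods shown.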
diff --git a/database/migrations/2022_05_17_181456_create_user_roles_table.php b/database/migrations/2022_05_17_181456_create_user_roles_table.php
index 1744a86..03bf56d 100644
--- a/database/migrations/2022_05_17_181456_create_user_roles_table.php
+++ b/database/migrations/2022_05_17_181456_create_user_roles_table.php
@@ -17,6 +17,7 @@ return new class extends Migration
 $table->id();
 $table->foreignId('user_id')->constrained()->cascadeOnDelete();
 $table->foreignId('role_id')->constrained()->cascadeOnDelete();
+ $table->unique(['user_id','role_id']);
 $table->timestamps();
 });
 }
diff --git a/routes/api.php b/routes/api.php
index bb99908..9298617 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -2,6 +2,7 @@
 use App\Http\Controllers\RoleController;
 use App\Http\Controllers\UserController;
+use App\Http\Controllers\UserRoleController;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Route;
@@ -25,3 +26,4 @@ Route::post('users',[UserController::class,'store']);
 Route::post('login',[UserController::class,'login']);
 Route::apiResource('roles',RoleController::class)->except(['create','edit'])->middleware(['auth:sanctum', 'abilities:admin,super-admin']);
+Route::apiResource('users.roles',UserRoleController::class)->except(['create','edit','show','update'])->middleware(['auth:sanctum', 'abilities:admin,super-admin']);
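Review bot: The unique index on `(user_id, role_id)` is added by editing the already-committed `create_user_roles_table` migration, so any database where that migration has already run will not pick it up without a rollback or a fresh migrate. A follow-up migration that adds `$table->unique(['user_id','role_id']);` inside a `Schema::table(...)` call on the same table would apply everywhere. The index matters beyond tidiness: `UserRoleController::store()` looks for an existing row and then attaches in two separate steps, so under concurrent requests this constraint is the only thing preventing duplicate role rows.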
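Review bot: The added `users.roles` route copies `abilities:admin,super-admin`, and if `abilities` is aliased to Sanctum's `CheckAbilities` middleware (the alias registration is not in this diff) a token must carry both abilities, not either one, which does not match the commit message's "someone with admin role". If either ability should be enough, the any-of form is `->middleware(['auth:sanctum', 'ability:admin,super-admin'])` with `ability` registered for `CheckForAnyAbility`; the `roles` route on the line above carries the same list. The check also reads token abilities rather than the `roles` relation this endpoint edits, so detaching a role here presumably leaves previously issued tokens with their old abilities until they are revoked; the login code is not visible here, so confirm how abilities are assigned.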