Exam upload and handling

.env.example

@@ -44,3 +44,5 @@ PUSHER_APP_CLUSTER=mt1
 
 MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
 MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
+
+FILESYSTEM_DRIVER=local

app/Exam.php

@@ -8,6 +8,15 @@ class Exam extends Model
 {
     protected $table = 'exams';
 
+    protected $fillable = [
+        'course_id',
+        'file_name',
+        'name',
+        'grade',
+        'points',
+        'path'
+    ];
+
     public function course(){
         return $this->belongsTo('App\Course');
     }

app/Http/Controllers/ExamController.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Course;
+use App\Exam;
+use App\University;
+use Illuminate\Http\File;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Storage;
+
+class ExamController extends Controller
+{
+    public function __construct()
+    {
+        $this->middleware( 'verified' )->except( 'index', 'show', 'create', 'store' );
+        $this->middleware( 'valid_user' )->except( 'index', 'show', 'create', 'store'  );
+        $this->middleware( 'moderator' )->except( 'index', 'show', 'create', 'store'  );
+    }
+
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index()
+    {
+        $exams = Exam::all();
+
+        return view( 'exams.index' )->with( 'exams', $exams );
+    }
+
+    /**
+     * Show the form for creating a new resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function create()
+    {
+        $universities = University::all();
+
+        return view( 'exams.create' )->with( 'universities', $universities );
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $request->validate( [
+            'name' => 'required|string',
+            'grade' => 'required|string',
+            'points' => 'required|integer',
+            'exam' => 'required|mimetypes:application/pdf',
+            'recaptcha' => 'required'
+        ] );
+
+        $url = 'https://www.google.com/recaptcha/api/siteverify';
+        $data = [
+            'secret'   => env( 'GOOGLE_RECAPTCHA_SECRET' ),
+            'response' => $request->recaptcha
+        ];
+
+        $options = [
+            'http' => [
+                'header'  => 'Content-type: application/x-www-form-urlencoded',
+                'method'  => 'POST',
+                'content' => http_build_query( $data )
+            ]
+        ];
+
+        $context = stream_context_create( $options );
+        $result = file_get_contents( $url, false, $context );
+        $json = json_decode( $result );
+
+        if( $json->success != true )
+        {
+            return back()->with( 'error', 'Capatcha fel!' );
+        }
+
+        $course = Course::findOrFail( $request->course_id );
+
+        $path = Storage::putFile(
+            'exams/' . str_replace( ' ', '-', $course->code ), new File($request->exam)
+        );
+
+        Exam::create( [
+            'name' => $request->name,
+            'grade' => $request->grade,
+            'points' => $request->points,
+            'file_name' => $request->exam->getClientOriginalName(),
+            'course_id' => $request->course_id,
+            'path' => $path
+        ] );
+
+        return redirect()->route( 'exams.index' )->with( 'success', 'Ny tenta uppladdad! Yay.' );
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $exam = Exam::findOrFail( $id );
+
+        $exam->views += 1;
+        $exam->save();
+
+        return redirect( Storage::url( $exam->path ) );
+    }
+
+    public function download( $id )
+    {
+        $exam = Exam::findOrFail( $id );
+        $exam->downloads += 1;
+        $exam->save();
+
+        return Storage::download( $exam->path );
+    }
+
+    /**
+     * Show the form for editing the specified resource.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function edit($id)
+    {
+        abort( 404 );
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        abort( 403 );
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $exam = Exam::findOrFail( $id );
+        $this->authorize( 'delete', Auth::user(), $exam );
+
+        $exam->delete();
+        return redirect()->back()->with( 'success', 'Tenta borttagen, waow...' );
+    }
+}

app/Policies/ExamPolicy.php

@@ -65,7 +65,11 @@ public function update(User $user, Exam $exam)
      */
     public function delete(User $user, Exam $exam)
     {
-        //
+        if( $user->role === 'super' || $user->role >= 'moderator' && $user->association->course->id === $exam->course->id )
+        {
+            return true;
+        }
+        return false;
     }
 
     /**

composer.json

@@ -10,6 +10,7 @@
     "require": {
         "php": "^7.1.3",
         "fideloper/proxy": "^4.0",
+        "google/recaptcha": "^1.2",
         "laravel/framework": "6.0.*",
         "laravel/tinker": "^1.0"
     },