Add policy support

kimmelsg · Mar 6, 2017 · 842eb06 · 842eb06
1 parent 3b851f1
commit 842eb06
Show file tree

Hide file tree

Showing 8 changed files with 40 additions and 3 deletions.
diff --git a/.gitignore b/.gitignore
@@ -3,4 +3,5 @@ composer.lock
 docs
 vendor
 
-.idea
+.idea
+.DS_Store
diff --git a/README.md b/README.md
@@ -59,6 +59,7 @@ class BookController extends Controller
         $this
           ->setTransformer($transformer)
           ->setModel($bookModel);
+        //optionally add `shouldAuthorize` to add authorize checks in built in traits
     }
 }
 ```

diff --git a/src/Controller.php b/src/Controller.php
@@ -46,6 +46,16 @@ public function setModel($model) {
         return $this;
     }
 
+    /**
+     * Calls authorization methods on the default traits
+     *
+     * @return mixed
+     */
+    public function shouldAuthorize() {
+        $this->shouldAuthorize = true;
+        return $this;
+    }
+
     /**
      * Sets resource key for fractal
      *

diff --git a/src/Transmitters/Destroy.php → src/Traits/Destroy.php b/src/Transmitters/Destroy.php → src/Traits/Destroy.php
@@ -14,7 +14,13 @@ trait Destroy
      */
     public function destroy($id)
     {
-        $this->model->findOrFail($id)->delete();
+        $item = $this->model->findOrFail($id);
+
+        if ($this->shouldAuthorize) {
+            $this->authorize('delete', $item);
+        }
+
+        $item->delete();
         return $this->respondWithNoContent();
     }
 }
diff --git a/src/Transmitters/Index.php → src/Traits/Index.php b/src/Transmitters/Index.php → src/Traits/Index.php
@@ -14,6 +14,10 @@ trait Index
      */
      public function index()
      {
+         if ($this->shouldAuthorize) {
+             $this->authorize('index', get_class($this->model));
+         }
+
          return $this->respondWithPaginatedCollection($this->model);
      }
 }
diff --git a/src/Transmitters/Show.php → src/Traits/Show.php b/src/Transmitters/Show.php → src/Traits/Show.php
@@ -15,7 +15,13 @@ trait Show
     public function show($id)
     {
         return $this->respondWithItem($this->model, function ($model) use ($id) {
-            return $model->findOrFail($id);
+            $item = $model->findOrFail($id);
+
+            if ($this->shouldAuthorize) {
+                $this->authorize('view', $item);
+            }
+
+            return $item;
         });
     }
 }
diff --git a/src/Transmitters/Store.php → src/Traits/Store.php b/src/Transmitters/Store.php → src/Traits/Store.php
@@ -14,6 +14,10 @@ trait Store
      */
     public function store()
     {
+        if ($this->shouldAuthorize) {
+            $this->authorize('create', get_class($this->model));
+        }
+
         $item = $this->model->create(request()->all());
         return $this->respondWithItem($item);
     }

diff --git a/src/Transmitters/Update.php → src/Traits/Update.php b/src/Transmitters/Update.php → src/Traits/Update.php
@@ -18,6 +18,11 @@ public function update($id, Request $request)
     {
         return $this->respondWithItem($this->model, function ($model) use ($id, $request) {
             $item = $model->findOrFail($id);
+
+            if ($this->shouldAuthorize) {
+                $this->authorize('update', $item);
+            }
+
             $item->fill($request->all());
             $item->save();
             return $item;