kimchanhyung98 · kimchanhyung98 · Mar 31, 2024 · Mar 25, 2024 · Mar 25, 2024 · Mar 26, 2024
diff --git a/app/Http/Controllers/ErrorController.php b/app/Http/Controllers/ErrorController.php
@@ -0,0 +1,13 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+
+class ErrorController extends Controller
+{
+    public function __invoke(Request $request)
+    {
+        abort($request->code ?? 500, $request->message ?? null);
+    }
+}
diff --git a/app/Http/Controllers/PostController.php b/app/Http/Controllers/PostController.php
@@ -2,13 +2,15 @@
 
 namespace App\Http\Controllers;
 
+use App\Http\Resources\Post\EditResource;
 use App\Http\Resources\Post\IndexResource;
 use App\Http\Resources\Post\MessageResource;
 use App\Http\Resources\Post\ShowResource;
 use App\Models\Post;
 use Illuminate\Http\Request;
 use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Gate;
 
 class PostController extends Controller
 {
@@ -31,7 +33,7 @@ public function store(Request $request): MessageResource
 
         return new MessageResource([
             'id' => $post->id,
-            'message' => '게시글이 등록되었습니다.',
+            'message' => __('post.store'),
         ]);
     }
 
@@ -42,11 +44,16 @@ public function show(Post $post): ShowResource
         return new ShowResource($post);
     }
 
+    public function edit(Post $post): EditResource
+    {
+        Gate::authorize('update', $post);
+
+        return new EditResource($post);
+    }
+
     public function update(Request $request, Post $post): MessageResource
     {
-        if ($post->user_id !== Auth::id()) {
-            abort(403, '게시글 작성자만 수정할 수 있습니다.');
-        }
+        Gate::authorize('update', $post);
 
         $post->update([
             'type' => $request->type ?? null,
@@ -57,21 +64,18 @@ public function update(Request $request, Post $post): MessageResource
 
         return new MessageResource([
             'id' => $post->id,
-            'message' => '게시글이 수정되었습니다.',
+            'message' => __('post.update'),
         ]);
     }
 
     public function destroy(Post $post): MessageResource
     {
-        if ($post->user_id !== Auth::id()) {
-            abort(403, '게시글 작성자만 삭제할 수 있습니다.');
-        }
-
+        Gate::authorize('delete', $post);
         $post->delete();
 
         return new MessageResource([
             'id' => 0,
-            'message' => '게시글이 삭제되었습니다.',
+            'message' => __('post.destroy'),
         ]);
     }
 }
diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
@@ -12,6 +12,6 @@ class Authenticate extends Middleware
      */
     protected function redirectTo(Request $request): ?string
     {
-        return $request->expectsJson() ? null : route('login');
+        return $request->expectsJson() ? null : 'errors/401';
     }
 }
diff --git a/app/Http/Resources/Account/UserResource.php b/app/Http/Resources/Account/UserResource.php
@@ -16,6 +16,7 @@ public function toArray(Request $request): array
             'email' => $this->email,
             'phone' => $this->phone,
             'provider' => $this->provider,
+            'created_at' => $this->created_at,
         ];
     }
 }
diff --git a/app/Http/Resources/Post/EditResource.php b/app/Http/Resources/Post/EditResource.php
@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Http\Resources\Post;
+
+use Illuminate\Http\Request;
+use Illuminate\Http\Resources\Json\JsonResource;
+
+class EditResource extends JsonResource
+{
+    public function toArray(Request $request): array
+    {
+        return [
+            'id' => $this->id,
+            'type' => $this->type,
+            'title' => $this->title,
+            'contents' => $this->contents,
+            'is_open' => $this->is_open,
+        ];
+    }
+}
diff --git a/app/Http/Resources/Post/IndexResource.php b/app/Http/Resources/Post/IndexResource.php
@@ -18,6 +18,7 @@ public function toArray(Request $request): array
             'type' => $this->type,
             'title' => $this->title,
             'hit' => $this->hit,
+            'created_at' => $this->created_at,
         ];
     }
 }
diff --git a/app/Http/Resources/Post/ShowResource.php b/app/Http/Resources/Post/ShowResource.php
@@ -20,6 +20,7 @@ public function toArray(Request $request): array
             'title' => $this->title,
             'contents' => $this->contents,
             'hit' => $this->hit,
+            'created_at' => $this->created_at,
         ];
     }
 }
diff --git a/app/Models/Post.php b/app/Models/Post.php
@@ -14,6 +14,7 @@ class Post extends Model
 
     protected $fillable = [
         'user_id',
+        'type',
         'title',
         'contents',
         'is_open',

diff --git a/app/Policies/PostPolicy.php b/app/Policies/PostPolicy.php
@@ -0,0 +1,54 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\Post;
+use App\Models\User;
+use Illuminate\Auth\Access\Response;
+
+class PostPolicy
+{
+    /**
+     * Determine whether the user can view any models.
+     */
+    public function viewAny(User $user): bool
+    {
+        return true;
+    }
+
+    /**
+     * Determine whether the user can view the model.
+     */
+    public function view(User $user, Post $post): bool
+    {
+        return true;
+    }
+
+    /**
+     * Determine whether the user can create models.
+     */
+    public function create(User $user): bool
+    {
+        return true;
+    }
+
+    /**
+     * Determine whether the user can update the model.
+     */
+    public function update(User $user, Post $post): Response
+    {
+        return $user->id === $post->user_id
+            ? Response::allow()
+            : Response::deny(__('post.update_denied'));
+    }
+
+    /**
+     * Determine whether the user can delete the model.
+     */
+    public function delete(User $user, Post $post): Response
+    {
+        return $user->id === $post->user_id
+            ? Response::allow()
+            : Response::deny(__('post.destroy_denied'));
+    }
+}
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
@@ -3,6 +3,8 @@
 namespace App\Providers;
 
 // use Illuminate\Support\Facades\Gate;
+use App\Models\Post;
+use App\Policies\PostPolicy;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 
 class AuthServiceProvider extends ServiceProvider
@@ -13,14 +15,14 @@ class AuthServiceProvider extends ServiceProvider
      * @var array<class-string, class-string>
      */
     protected $policies = [
-        //
+        Post::class => PostPolicy::class,
     ];
 
     /**
      * Register any authentication / authorization services.
      */
     public function boot(): void
     {
-        //
+        // $this->registerPolicies();
     }
 }
diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php
@@ -17,7 +17,7 @@ class RouteServiceProvider extends ServiceProvider
      *
      * @var string
      */
-    public const HOME = '/home';
+    public const HOME = '/';
 
     /**
      * Define your route model bindings, pattern filters, and other route configuration.

diff --git a/database/factories/PostFactory.php b/database/factories/PostFactory.php
@@ -13,8 +13,8 @@ class PostFactory extends Factory
     public function definition(): array
     {
         return [
-            'user_id' => User::factory(),
-            'type' => fake()->randomElement(['notice', 'faq']),
+            'user_id' => User::inRandomOrder()->first()->id,
+            'type' => fake()->randomElement([null, 'notice', 'faq']),
             'title' => fake()->sentence,
             'contents' => fake()->paragraph,
             'hit' => fake()->numberBetween(0, 1000),

diff --git a/lang/en/auth.php b/lang/en/auth.php
@@ -0,0 +1,20 @@
+<?php
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Authentication Language Lines
+    |--------------------------------------------------------------------------
+    |
+    | The following language lines are used during authentication for various
+    | messages that we need to display to the user. You are free to modify
+    | these language lines according to your application's requirements.
+    |
+    */
+
+    'failed' => 'These credentials do not match our records.',
+    'password' => 'The provided password is incorrect.',
+    'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
+
+];
diff --git a/lang/en/pagination.php b/lang/en/pagination.php
@@ -0,0 +1,19 @@
+<?php
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Pagination Language Lines
+    |--------------------------------------------------------------------------
+    |
+    | The following language lines are used by the paginator library to build
+    | the simple pagination links. You are free to change them to anything
+    | you want to customize your views to better match your application.
+    |
+    */
+
+    'previous' => '&laquo; Previous',
+    'next' => 'Next &raquo;',
+
+];
diff --git a/lang/en/passwords.php b/lang/en/passwords.php
@@ -0,0 +1,22 @@
+<?php
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Password Reset Language Lines
+    |--------------------------------------------------------------------------
+    |
+    | The following language lines are the default lines which match reasons
+    | that are given by the password broker for a password update attempt
+    | has failed, such as for an invalid token or invalid new password.
+    |
+    */
+
+    'reset' => 'Your password has been reset.',
+    'sent' => 'We have emailed your password reset link.',
+    'throttled' => 'Please wait before retrying.',
+    'token' => 'This password reset token is invalid.',
+    'user' => "We can't find a user with that email address.",
+
+];