From 842eb060db7e4e48fd2616bc5e7066ead5586abd Mon Sep 17 00:00:00 2001 From: Zach Silveira Date: Sun, 5 Mar 2017 20:38:31 -0800 Subject: [PATCH] Add policy support --- .gitignore | 3 ++- README.md | 1 + src/Controller.php | 10 ++++++++++ src/{Transmitters => Traits}/Destroy.php | 8 +++++++- src/{Transmitters => Traits}/Index.php | 4 ++++ src/{Transmitters => Traits}/Show.php | 8 +++++++- src/{Transmitters => Traits}/Store.php | 4 ++++ src/{Transmitters => Traits}/Update.php | 5 +++++ 8 files changed, 40 insertions(+), 3 deletions(-) rename src/{Transmitters => Traits}/Destroy.php (66%) rename src/{Transmitters => Traits}/Index.php (74%) rename src/{Transmitters => Traits}/Show.php (66%) rename src/{Transmitters => Traits}/Store.php (78%) rename src/{Transmitters => Traits}/Update.php (85%) diff --git a/.gitignore b/.gitignore index ea4845b..99b489f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,5 @@ composer.lock docs vendor -.idea \ No newline at end of file +.idea +.DS_Store diff --git a/README.md b/README.md index 3a7ed28..b21a6e5 100644 --- a/README.md +++ b/README.md @@ -59,6 +59,7 @@ class BookController extends Controller $this ->setTransformer($transformer) ->setModel($bookModel); + //optionally add `shouldAuthorize` to add authorize checks in built in traits } } ``` diff --git a/src/Controller.php b/src/Controller.php index 4b90016..e969109 100644 --- a/src/Controller.php +++ b/src/Controller.php @@ -46,6 +46,16 @@ public function setModel($model) { return $this; } + /** + * Calls authorization methods on the default traits + * + * @return mixed + */ + public function shouldAuthorize() { + $this->shouldAuthorize = true; + return $this; + } + /** * Sets resource key for fractal * diff --git a/src/Transmitters/Destroy.php b/src/Traits/Destroy.php similarity index 66% rename from src/Transmitters/Destroy.php rename to src/Traits/Destroy.php index e2ce3e1..bfd3fcc 100644 --- a/src/Transmitters/Destroy.php +++ b/src/Traits/Destroy.php 
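Review bot: In the `src/Controller.php` hunk, `shouldAuthorize()` assigns `$this->shouldAuthorize`, but no declaration of that property is visible, and the diffstat's 10 additions for this file are all in this hunk, so the property appears to exist only after the setter has run (a declaration elsewhere in the class cannot be ruled out from here). The traits read it on every request, so a controller that never calls the setter reads an undefined property: the check is skipped, or the read surfaces as a notice-level error, and neither outcome is a stated default. Declare it with the other properties, `protected $shouldAuthorize = false;`, so that "authorization is off unless enabled" is explicit and visible to anyone auditing a controller. The docblock would also be more accurate as `@return $this`, with a summary such as `Enables policy checks in the bundled resource traits.` The class body continues outside the hunk.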
@@ -14,7 +14,13 @@ trait Destroy */ public function destroy($id) { - $this->model->findOrFail($id)->delete(); + $item = $this->model->findOrFail($id); + + if ($this->shouldAuthorize) { + $this->authorize('delete', $item); + } + + $item->delete(); return $this->respondWithNoContent(); } } diff --git a/src/Transmitters/Index.php b/src/Traits/Index.php similarity index 74% rename from src/Transmitters/Index.php rename to src/Traits/Index.php index 0289e16..e8296db 100644 --- a/src/Transmitters/Index.php +++ b/src/Traits/Index.php @@ -14,6 +14,10 @@ trait Index */ public function index() { + if ($this->shouldAuthorize) { + $this->authorize('index', get_class($this->model)); + } + return $this->respondWithPaginatedCollection($this->model); } } diff --git a/src/Transmitters/Show.php b/src/Traits/Show.php similarity index 66% rename from src/Transmitters/Show.php rename to src/Traits/Show.php index d910056..1ceeef2 100644 --- a/src/Transmitters/Show.php +++ b/src/Traits/Show.php @@ -15,7 +15,13 @@ trait Show public function show($id) { return $this->respondWithItem($this->model, function ($model) use ($id) { - return $model->findOrFail($id); + $item = $model->findOrFail($id); + + if ($this->shouldAuthorize) { + $this->authorize('view', $item); + } + + return $item; }); } } diff --git a/src/Transmitters/Store.php b/src/Traits/Store.php similarity index 78% rename from src/Transmitters/Store.php rename to src/Traits/Store.php index 209c32c..3951625 100644 --- a/src/Transmitters/Store.php +++ b/src/Traits/Store.php @@ -14,6 +14,10 @@ trait Store */ public function store() { + if ($this->shouldAuthorize) { + $this->authorize('create', get_class($this->model)); + } + $item = $this->model->create(request()->all()); return $this->respondWithItem($item); } diff --git a/src/Transmitters/Update.php b/src/Traits/Update.php similarity index 85% rename from src/Transmitters/Update.php rename to src/Traits/Update.php index f23cef5..16ea966 100644 --- a/src/Transmitters/Update.php 
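Review bot: `destroy()` in `src/Traits/Destroy.php` now calls `$this->authorize()`, which the trait does not define; it presumably comes from Laravel's `AuthorizesRequests` trait on the host controller, which is not visible in this patch. The docblock above the method, which begins outside the hunk, should state that requirement and add `@throws \Illuminate\Auth\Access\AuthorizationException` for the denied case. The same applies to the `authorize()` calls added in the Index, Show, Store and Update traits.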
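Review bot: The check added to `index()` in `src/Traits/Index.php` is class-level only: once the `index` ability passes, `respondWithPaginatedCollection($this->model)` still receives the unscoped model, so per-record rules that the `view` policy enforces in `show()` are not applied to the list. Whether that helper scopes the query is not visible here; if it does not, a caller can list records they could not fetch one at a time. The method docblock, which begins outside the hunk, should say that policies must define an `index` method and that row-level restrictions need a query scope, e.g. `// Policy check is per model class; scope the query if view() is decided per record.`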
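Review bot: In `store()` (`src/Traits/Store.php`) the new `create` check decides who may create a record, but the unchanged next line still passes `request()->all()` to `create()`, so the policy never sees the submitted values and an authorized caller sets every attribute the model leaves fillable. The same holds for `$item->fill($request->all())` after the `update` check in `src/Traits/Update.php`, where the policy is evaluated against the stored item rather than the requested changes. I would at least document this above both calls, `// Input is mass-assigned: the model's $fillable must exclude ownership and privilege columns.`, since enabling `shouldAuthorize` can otherwise be read as covering attribute-level control.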
+++ b/src/Traits/Update.php @@ -18,6 +18,11 @@ public function update($id, Request $request) { return $this->respondWithItem($this->model, function ($model) use ($id, $request) { $item = $model->findOrFail($id); + + if ($this->shouldAuthorize) { + $this->authorize('update', $item); + } + $item->fill($request->all()); $item->save(); return $item;