
Episode 16 Complete

JeffreyWay committed Jan 18, 2019
1 parent 2192501 commit 40afb9c6138578ee22623d3806d398d84fcf1a1b
@@ -12,12 +12,11 @@ class ProjectTasksController extends Controller
*
* @param Project $project
* @return \Illuminate\Http\RedirectResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
public function store(Project $project)
{
if (auth()->user()->isNot($project->owner)) {
abort(403);
}
$this->authorize('update', $project);
request()->validate(['body' => 'required']);
@@ -32,12 +31,11 @@ public function store(Project $project)
* @param Project $project
* @param Task $task
* @return \Illuminate\Http\RedirectResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
public function update(Project $project, Task $task)
{
if (auth()->user()->isNot($project->owner)) {
abort(403);
}
$this->authorize('update', $task->project);
request()->validate(['body' => 'required']);
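Review bot: In `update`, the new check authorizes against `$task->project`, but the route-bound `$project` is never compared with it, so a URL that pairs one project with a task from another is accepted whenever the user owns the task's project. Adding `abort_if($task->project->isNot($project), 404);` before the authorize call would reject mismatched pairs. No test for that case is visible in this commit. The method body continues outside the hunk, so any later use of `$project` (for example in the redirect) cannot be checked from here.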
@@ -21,15 +21,14 @@ public function index()
/**
* Show a single project.
*
* @param \App\Project $project
* @param Project $project
*
* @return \Illuminate\Http\Response
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
public function show(Project $project)
{
if (auth()->user()->isNot($project->owner)) {
abort(403);
}
$this->authorize('update', $project);
return view('projects.show', compact('project'));
}
@@ -53,11 +52,28 @@ public function store()
{
$attributes = request()->validate([
'title' => 'required',
'description' => 'required'
'description' => 'required',
'notes' => 'min:3'
]);
$project = auth()->user()->projects()->create($attributes);
return redirect($project->path());
}
/**
* Update the project.
*
* @param Project $project
* @return \Illuminate\Http\RedirectResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
public function update(Project $project)
{
$this->authorize('update', $project);
$project->update(request(['notes']));
return redirect($project->path());
}
}
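Review bot: The new `update()` writes `request(['notes'])` without validating it, while `store()` in the same hunk applies `'notes' => 'min:3'`. The two write paths therefore accept different input, and the update path puts no length bound on what the migration declares as a `text` column. Validating first and saving only the validated data keeps them aligned: `$attributes = request()->validate(['notes' => 'min:3']);` followed by `$project->update($attributes);`. Restricting the update to the `notes` key is worth keeping, since it leaves `owner_id` and the other columns out of the mass assignment.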
@@ -0,0 +1,24 @@
<?php
namespace App\Policies;
use App\Project;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class ProjectPolicy
{
use HandlesAuthorization;
/**
* Determine if the user may update the project.
*
* @param User $user
* @param Project $project
* @return bool
*/
public function update(User $user, Project $project)
{
return $user->is($project->owner);
}
}
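Review bot: ProjectPolicy defines only `update`, and `ProjectsController::show` in this commit is gated with `$this->authorize('update', $project)`, so read access is coupled to write permission. Any later change to who may update a project would also change who may view it, without that being visible at the `show` call site. A separate `view` method with the same owner check, called as `$this->authorize('view', $project);` in `show`, keeps the two decisions independent and makes each one testable on its own.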
@@ -13,7 +13,7 @@ class AuthServiceProvider extends ServiceProvider
* @var array
*/
protected $policies = [
'App\Model' => 'App\Policies\ModelPolicy',
'App\Project' => 'App\Policies\ProjectPolicy',
];
/**
@@ -18,6 +18,7 @@ public function up()
$table->unsignedInteger('owner_id');
$table->string('title');
$table->text('description');
$table->text('notes')->nullable();
$table->timestamps();
$table->foreign('owner_id')->references('id')->on('users')->onDelete('cascade');
@@ -46,7 +46,19 @@
<h2 class="text-lg text-grey font-normal mb-3">General Notes</h2>

{{-- general notes --}}
<textarea class="card w-full" style="min-height: 200px">Lorem ipsum.</textarea>
<form method="POST" action="{{ $project->path() }}">
@csrf
@method('PATCH')

<textarea
name="notes"
class="card w-full mb-4"
style="min-height: 200px"
placeholder="Anything special that you want to make a note of?"
>{{ $project->notes }}</textarea>

<button type="submit" class="button">Save</button>
</form>
</div>
</div>

@@ -19,6 +19,7 @@
Route::get('/projects', 'ProjectsController@index');
Route::get('/projects/create', 'ProjectsController@create');
Route::get('/projects/{project}', 'ProjectsController@show');
Route::patch('/projects/{project}', 'ProjectsController@update');
Route::post('/projects', 'ProjectsController@store');
Route::post('/projects/{project}/tasks', 'ProjectTasksController@store');
@@ -33,16 +33,38 @@ public function a_user_can_create_a_project()
$attributes = [
'title' => $this->faker->sentence,
'description' => $this->faker->paragraph
'description' => $this->faker->sentence,
'notes' => 'General notes here.'
];
$response = $this->post('/projects', $attributes);
$response->assertRedirect(Project::where($attributes)->first()->path());
$project = Project::where($attributes)->first();
$response->assertRedirect($project->path());
$this->assertDatabaseHas('projects', $attributes);
$this->get('/projects')->assertSee($attributes['title']);
$this->get($project->path())
->assertSee($attributes['title'])
->assertSee($attributes['description'])
->assertSee($attributes['notes']);
}
/** @test */
function a_user_can_update_a_project()
{
$this->signIn();
$this->withoutExceptionHandling();
$project = factory('App\Project')->create(['owner_id' => auth()->id()]);
$this->patch($project->path(), [
'notes' => 'Changed'
])->assertRedirect($project->path());
$this->assertDatabaseHas('projects', ['notes' => 'Changed']);
}
/** @test */
@@ -69,6 +91,16 @@ public function an_authenticated_user_cannot_view_the_projects_of_others()
$this->get($project->path())->assertStatus(403);
}
/** @test */
public function an_authenticated_user_cannot_update_the_projects_of_others()
{
$this->signIn();
$project = factory('App\Project')->create();
$this->patch($project->path(), [])->assertStatus(403);
}
/** @test */
public function a_project_requires_a_title()
{
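Review bot: `an_authenticated_user_cannot_update_the_projects_of_others` sends an empty payload and asserts only the 403, so it does not show that nothing was written. Sending `['notes' => 'Changed']` and adding `$this->assertDatabaseMissing('projects', ['notes' => 'Changed']);` would pin that down. No test for an unauthenticated request to the PATCH route is visible in this commit either. `a_project_requires_a_title` continues outside the hunk.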
