adding routes to create new posts

app/Http/Controllers/PostController.php

@@ -17,4 +17,38 @@ public function index()
         //return blog.blade.php template from resources/views folder
         return view('blog.index', ['posts' => $posts, 'title' => 'Blog Posts']);
     }
+
+    public function create(Request $request)
+    {
+      if ($request->user()->canManagePosts()) {
+        return view('blog.posts.create');
+      } else {
+        return redirect('/')
+            ->withErrors('You do not have permission to create posts.');
+      }
+    }
+
+    public function save(Request $request)
+    {
+        $post = new Post();
+        $post->title = $request->get('title');
+        $post->metaTitle = $request->get('metaTitle');
+        $post->body = $request->get('body');
+        $post->metaDescription = $request->get('metaDescription');
+        $post->slug = $request->get('urlSlug') ?? Str::slug($post->title);
+        $post->user_id = $request->user()->id;
+
+        if ($request->has('draft')) {
+            $post->active = 0;
+            $message = 'Draft saved!';
+        } else {
+            $post->active = 1;
+            $message = 'Post published!';
+        }
+
+        $post->save();
+
+        return redirect('admin/blog/post/' . $post->slug)
+            ->withMessage($message);
+    }
 }

app/Models/User.php

@@ -51,4 +51,22 @@ public function comments()
         return $this->hasMany('App\Models\Comments', 'user_id');
     }
 
+    /**
+     * Check if a user can CRUD posts
+     */
+    public function canManagePosts(): bool
+    {
+        if ($this->role === 'author' || $this->isAdmin()) {
+            return true;
+        }
+        return false;      
+    }
+
+    /**
+     * Check if the user is an admin
+     */
+    public function isAdmin(): bool
+    {
+        return $this->role === 'admin';
+    }
 }

resources/views/blog/posts/create.blade.php

@@ -0,0 +1,36 @@
+@extends('layouts.app')
+
+@section('content')
+    @if (session('message'))
+        <div class="alert alert-success">
+            {{ session('message') }}
+        </div>
+    @endif
+
+    <form action="/admin/blog/post" method="post" class="container">
+        <input type="hidden" name="_token" value="{{ csrf_token() }}">
+        <div class="form-group">
+            <label for="title">Title</label>
+            <input type="text" name="title" class="form-control" />
+        </div>
+        <div class="form-group">
+            <label for="metaTitle">Meta Title</label>
+            <input type="text" name="metaTitle" class="form-control" />
+        </div>
+        <div class="form-group">
+            <label for="body">Body</label>
+            <textarea name="body" class="form-control"></textarea>
+        </div>
+        <div class="form-group">
+            <label for="metaDescription">Meta Description</label>
+            <textarea name="metaDescription" class="form-control"></textarea>
+        </div>
+        <div class="form-group">
+            <label for="urlSlug">URL Slug (optional)</label>
+            <small>If not specified one will be created from the title</small>
+            <input type="text" name="urlSlug" class="form-control" />
+        </div>
+        <input type="submit" name="publish" class="btn btn-success" value="Publish" />
+        <input type="submit" name="draft" class="btn btn-default" value="Save Draft" />
+    </form>
+@stop

routes/web.php

@@ -18,3 +18,10 @@
 Route::get('/blog', 'App\Http\Controllers\PostController@index');
 
 Auth::routes();
+
+Route::group(['prefix' => 'admin'], function () {
+    Route::group(['prefix' => 'blog'], function () {
+        Route::get('/post', 'App\Http\Controllers\PostController@create');
+        Route::post('/post', 'App\Http\Controllers\PostController@save');
+    });
+});