pashaapsky · pashaapsky · Sep 10, 2020 · Sep 10, 2020
diff --git a/app/Http/Controllers/PostsController.php b/app/Http/Controllers/PostsController.php
@@ -9,15 +9,28 @@
 
 class PostsController extends Controller
 {
+    public function __construct()
+    {
+        $this->middleware('auth');
+        $this->middleware('can:update,post')->except(['index', 'userPosts', 'adminIndex', 'create']);
+    }
+
     public function index()
     {
         $posts = Post::with('tags')->latest()->get();
         return view('/index', compact('posts'));
     }
 
+    public function userPosts()
+    {
+//        $posts = Post::where('owner_id', auth()->id())->with('tags')->latest()->get();
+        $posts = Auth()->user()->posts()->with('tags')->latest()->get();
+        return view('/posts.index', compact('posts'));
+    }
+
     public function adminIndex() {
         $posts = Post::with('tags')->latest()->get();
-        return view('/posts.index', compact('posts'));
+        return view('/posts.admin-index', compact('posts'));
     }
 
     public function create()
@@ -27,7 +40,7 @@ public function create()
 
     public function store(Request $request)
     {
-        $request->validate([
+        $attr = $request->validate([
             'code' => 'required|unique:posts|regex:/[a-zA-Z0-9_-]+/',
             'name' => 'required|min:5|max:100',
             'description' => 'required|max:255',
@@ -36,9 +49,12 @@ public function store(Request $request)
 
         if ($request->all(['published'])) {
             $request->merge(['published' => 1]);
+            $attr['published'] = 1;
         }
 
-        Post::create($request->all());
+        $attr['owner_id'] = auth()->id();
+
+        Post::create($attr);
 
         return redirect('/');
     }

diff --git a/app/Policies/PostPolicy.php b/app/Policies/PostPolicy.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Policies;
+
+use App\Post;
+use App\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class PostPolicy
+{
+    use HandlesAuthorization;
+
+    public function update(User $user, Post $post)
+    {
+        return $post->owner_id == $user->id;
+    }
+}
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
@@ -14,17 +14,22 @@ class AuthServiceProvider extends ServiceProvider
      */
     protected $policies = [
         // 'App\Model' => 'App\Policies\ModelPolicy',
+         'App\Post' => 'App\Policies\PostPolicy',
     ];
 
     /**
      * Register any authentication / authorization services.
      *
      * @return void
      */
-    public function boot()
+    public function boot(\Illuminate\Contracts\Auth\Access\Gate $gate)
     {
         $this->registerPolicies();
 
-        //
+        $gate->before(function ($user) {
+            if ($user->id == 2) {
+                return true;
+            }
+        });
     }
 }
diff --git a/app/User.php b/app/User.php
@@ -36,4 +36,8 @@ class User extends Authenticatable
     protected $casts = [
         'email_verified_at' => 'datetime',
     ];
+
+    public function posts() {
+        return $this->hasMany(Post::class, 'owner_id');
+    }
 }
diff --git a/database/dumps/apsky-laravel.sql b/database/dumps/apsky-laravel.sql
@@ -198,7 +198,7 @@ CREATE TABLE `posts` (
 
 LOCK TABLES `posts` WRITE;
 /*!40000 ALTER TABLE `posts` DISABLE KEYS */;
-INSERT INTO `posts` VALUES (4,'4123','Post4','Post desc4','Lorem ipsum dolor sit amet, consectetur adipisicing elit. Alias beatae consequatur consequuntur, debitis dicta eos explicabo fugit labore molestiae, nam nemo odit placeat quae quisquam quos repellat repellendus tempore, voluptates?<script>hello</script>',1,'2020-08-26 17:05:56','2020-09-07 14:10:35'),(5,'12313','qweqe','qweqe','qweqeq',0,'2020-08-28 05:05:04','2020-08-28 05:05:04'),(6,'qweqe','qweqe','qweqe','qweqweqe',0,'2020-08-28 06:58:18','2020-08-28 06:58:18'),(7,'qweq','qweqe','qweqe','qweqe',0,'2020-08-28 07:01:17','2020-08-28 07:01:17'),(8,'1231qweq','qweqe','qweqeq','qweqeqe',0,'2020-08-28 07:20:33','2020-08-28 07:20:33'),(9,'qweqeqeqweqw','eeqweqeqe','qweqe','11',0,'2020-08-28 07:28:29','2020-08-28 07:28:29');
+INSERT INTO `posts` VALUES (4,'4123','Post4','Post desc4','Lorem ipsum dolor sit amet, consectetur adipisicing elit. Alias beatae consequatur consequuntur, debitis dicta eos explicabo fugit labore molestiae, nam nemo odit placeat quae quisquam quos repellat repellendus tempore, voluptates?<script>hello</script>',1,'2020-08-26 17:05:56','2020-09-07 14:10:35'),(5,'12313','qweqe','qweqe','Lorem ipsum dolor sit amet, consectetur adipisicing elit. Alias beatae consequatur consequuntur, debitis dicta eos explicabo fugit labore molestiae, nam nemo odit placeat quae quisquam quos repellat repellendus tempore, voluptates?<script>hello</script>',0,'2020-08-28 05:05:04','2020-09-10 17:23:00'),(6,'qweqe','qweqe','qweqe','Lorem ipsum dolor sit amet, consectetur adipisicing elit. Alias beatae consequatur consequuntur, debitis dicta eos explicabo fugit labore molestiae, nam nemo odit placeat quae quisquam quos repellat repellendus tempore, voluptates?<script>hello</script>',0,'2020-08-28 06:58:18','2020-09-10 17:23:00'),(7,'qweq','qweqe','qweqe','Lorem ipsum dolor sit amet, consectetur adipisicing elit. Alias beatae consequatur consequuntur, debitis dicta eos explicabo fugit labore molestiae, nam nemo odit placeat quae quisquam quos repellat repellendus tempore, voluptates?<script>hello</script>',0,'2020-08-28 07:01:17','2020-09-10 17:23:00'),(8,'1231qweq','qweqe','qweqeq','Lorem ipsum dolor sit amet, consectetur adipisicing elit. Alias beatae consequatur consequuntur, debitis dicta eos explicabo fugit labore molestiae, nam nemo odit placeat quae quisquam quos repellat repellendus tempore, voluptates?<script>hello</script>',0,'2020-08-28 07:20:33','2020-09-10 17:23:00'),(9,'qweqeqeqweqw','eeqweqeqe','qweqe','Lorem ipsum dolor sit amet, consectetur adipisicing elit. Alias beatae consequatur consequuntur, debitis dicta eos explicabo fugit labore molestiae, nam nemo odit placeat quae quisquam quos repellat repellendus tempore, voluptates?<script>hello</script>',0,'2020-08-28 07:28:29','2020-09-10 17:23:01');
 /*!40000 ALTER TABLE `posts` ENABLE KEYS */;
 UNLOCK TABLES;
 
@@ -247,7 +247,7 @@ CREATE TABLE `users` (
   `updated_at` timestamp NOT NULL,
   PRIMARY KEY (`id`),
   UNIQUE KEY `users_email_unique` (`email`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
+) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
 /*!40101 SET character_set_client = @saved_cs_client */;
 
 --
@@ -256,6 +256,7 @@ CREATE TABLE `users` (
 
 LOCK TABLES `users` WRITE;
 /*!40000 ALTER TABLE `users` DISABLE KEYS */;
+INSERT INTO `users` VALUES (2,'Павел','ap.sky@yandex.ru',NULL,'$2y$10$2yK9UmERiX.O4V7n7gdJiu/96XvQqbFHadj5ISipVZwLBYVOs6LMW',NULL,'2020-09-10 17:13:37','2020-09-10 17:13:37');
 /*!40000 ALTER TABLE `users` ENABLE KEYS */;
 UNLOCK TABLES;
 /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
@@ -268,4 +269,4 @@ UNLOCK TABLES;
 /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
 /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
 
--- Dump completed on 2020-09-07 23:02:08
+-- Dump completed on 2020-09-10 21:13:40
diff --git a/database/migrations/2020_08_26_090725_create_posts_table.php b/database/migrations/2020_08_26_090725_create_posts_table.php
@@ -23,6 +23,8 @@ public function up()
             $table->boolean('published')->default(0);
             $table->timestamp('created_at')->default(DB::raw('CURRENT_TIMESTAMP'));
             $table->timestamp('updated_at')->default(DB::raw('CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP'));
+
+            $table->foreignId('owner_id')->constrained('users')->onDelete('cascade');
         });
     }
 

diff --git a/resources/views/layouts/aside-tags.blade.php b/resources/views/layouts/aside-tags.blade.php
@@ -1,5 +1,9 @@
 <div class="tags-cloud d-flex flex-column col-12 col-sm-4 col-lg-2 order-1">
-    <h3 class="tags-cloud__header text-center">Available Tags</h3>
+    @if($tagsCloud->isNotEmpty())
+        <h3 class="tags-cloud__header text-center">Available Tags</h3>
 
-    @include('layouts.posts.tags', ['tags' => $tagsCloud])
+        @include('layouts.posts.tags', ['tags' => $tagsCloud])
+    @else
+        <h3 class="tags-cloud__header text-center">Not available tags</h3>
+    @endif
 </div>
diff --git a/resources/views/layouts/base/header.blade.php b/resources/views/layouts/base/header.blade.php
@@ -1,6 +1,6 @@
 <nav class="navbar navbar-expand-md navbar-light bg-white shadow-sm">
     <div class="container">
-        <a class="navbar-brand" href="{{ url('/') }}">
+        <a class="navbar-brand" href="{{ route('home') }}">
             APSKY <span class="text-danger">LARAVEL</span>
         </a>
 
@@ -12,7 +12,7 @@
             <!-- Left Side Of Navbar -->
             <ul class="navbar-nav mr-auto">
                 <li class="nav-item">
-                    <a class="nav-link" href="{{ route('home') }}">{{ __('Home') }}</a>
+                    <a class="nav-link" href="{{ route('user-posts') }}">{{ __('My posts') }}</a>
                 </li>
 
                 <li class="nav-item">

diff --git a/resources/views/posts/admin-index.blade.php b/resources/views/posts/admin-index.blade.php
@@ -0,0 +1,61 @@
+@extends('layouts.app')
+
+@section('header')
+    @include('layouts.admin.admin-header')
+@endsection
+
+@section('content')
+<main class="py-4" style="min-height: 88vh">
+    <div class="container">
+        <section class="posts-section mb-2">
+            <h2 class="posts-section__header">Posts</h2>
+
+            @if ($posts->count())
+            <div class="posts-section__posts row post">
+                @foreach($posts as $post)
+                <div class="post__item col-md-6 ">
+                    <div class="post__intro text-break row py-2 no-gutters border rounded overflow-hidden flex-md-row mb-4 shadow-sm h-md-250 position-relative">
+                        <div class="post__heading col-6 p-4 d-flex flex-column position-static">
+                            <strong class="d-inline-block mb-2 text-primary">Post #{{ $post->id }}</strong>
+
+                            <h3 class="post__name mb-0">{{ $post->name }}</h3>
+
+                            <div class="post__created-at mb-1 text-muted">{{ $post->created_at->toFormattedDateString() }}</div>
+
+                            <p class="post__preview card-text mb-auto text-justify" style="height: 115px"> {{ str_limit($post->text, $limit = 100, $end = '...') }} </p>
+
+                            <a href="{{ route('post-show', $post->id) }}" class="post__view">Continue reading</a>
+                        </div>
+
+                        <div class="post__photo col-6 d-none d-lg-flex align-items-center p-2">
+                            <svg class="bd-placeholder-img" width="auto" height="250" xmlns="http://www.w3.org/2000/svg" preserveAspectRatio="xMidYMid slice" focusable="false" role="img" aria-label="Placeholder: Thumbnail">
+                                <title>Placeholder</title>
+                                <rect width="100%" height="100%" fill="#55595c"></rect>
+                                <text x="35%" y="50%" fill="#eceeef" dy=".3em">Thumbnail</text>
+                            </svg>
+                        </div>
+
+                        <div class="d-flex col-12 justify-content-end pr-2">
+                            <a href="/posts/{{ $post->id }}/edit" class="btn btn-outline-secondary" style="width: 80px; font-size: 0.7rem">Edit</a>
+
+                            <form method="post" action="/posts/{{ $post->id }}">
+                                @csrf
+                                @method('DELETE')
+                                <button type="submit" class="btn btn-outline-secondary" style="width: 80px; font-size: 0.7rem">Delete</button>
+                            </form>
+                        </div>
+                    </div>
+                </div>
+                @endforeach
+            </div>
+            @else
+            <p class="no-posts">Not available posts yet</p>
+            @endif
+        </section>
+    </div>
+</main>
+@endsection
+
+@section('footer')
+@include('layouts.admin.admin-footer')
+@endsection
diff --git a/resources/views/posts/index.blade.php b/resources/views/posts/index.blade.php
@@ -1,7 +1,7 @@
 @extends('layouts.app')
 
 @section('header')
-    @include('layouts.admin.admin-header')
+    @include('layouts.base.header')
 @endsection
 
 @section('content')
@@ -57,5 +57,5 @@
 @endsection
 
 @section('footer')
-    @include('layouts.admin.admin-footer')
+    @include('layouts.base.footer')
 @endsection
diff --git a/routes/web.php b/routes/web.php
@@ -6,6 +6,7 @@
 Route::get('/tags/{tag}', 'TagsController@index');
 
 Route::get('/', 'PostsController@index')->name('home');
+Route::get('/posts', 'PostsController@userPosts')->name('user-posts');
 Route::get('/posts/create', 'PostsController@create')->name('post-create');
 Route::get('/posts/{post}', 'PostsController@show')->name('post-show');
 Route::get('/posts/{post}/edit', 'PostsController@edit');