API module returns only status and message on post create or update instead of the full object

src/Module/Templates/DemoApi/src/Controllers/PostManagementController.php.tpl

@@ -79,11 +79,12 @@ class PostManagementController extends BaseController
             $postData['image'] = $imageName;
         }
 
-        $this->postService->addPost($postData);
+        $post = $this->postService->addPost($postData);
 
         $response->json([
             'status' => 'success',
-            'message' => t('common.created_successfully')
+            'message' => t('common.created_successfully'),
+            'data' => current($this->postService->transformData([$post]))
         ]);
     }
 
@@ -118,11 +119,12 @@ class PostManagementController extends BaseController
             $postData['image'] = $imageName;
         }
 
-        $this->postService->updatePost($postUuid, $postData);
+        $post = $this->postService->updatePost($postUuid, $postData);
 
         $response->json([
             'status' => 'success',
-            'message' => t('common.updated_successfully')
+            'message' => t('common.updated_successfully'),
+            'data' => current($this->postService->transformData([$post]))
         ]);
     }
 

src/Module/Templates/DemoApi/src/Middlewares/CommentOwner.php.tpl

@@ -0,0 +1,73 @@
+<?php
+
+/**
+ * Quantum PHP Framework
+ *
+ * An open source software development framework for PHP
+ *
+ * @package Quantum
+ * @author Arman Ag. <arman.ag@softberg.org>
+ * @copyright Copyright (c) 2018 Softberg LLC (https://softberg.org)
+ * @link http://quantum.softberg.org/
+ * @since 2.9.9
+ */
+
+namespace {{MODULE_NAMESPACE}}\Middlewares;
+
+use Quantum\Service\Factories\ServiceFactory;
+use {{MODULE_NAMESPACE}}\Services\CommentService;
+use Quantum\Libraries\Validation\Rule;
+use Quantum\Http\Response;
+use Quantum\Http\Request;
+use Closure;
+
+/**
+ * Class CommentOwner
+ * @package Modules\{{MODULE_NAME}}
+ */
+class CommentOwner extends BaseMiddleware
+{
+
+    /**
+     * @param Request $request
+     * @param Response $response
+     * @param Closure $next
+     * @return mixed
+     */
+    public function apply(Request $request, Response $response, Closure $next)
+    {
+        $uuid = (string)route_param('uuid');
+
+        $request->set('uuid', $uuid);
+
+        $this->validateRequest($request, $response);
+
+        return $next($request, $response);
+    }
+
+    /**
+     * @inheritDoc
+     */
+    protected function defineValidationRules(Request $request): void
+    {
+        $this->registerCustomRules();
+
+        $this->validator->setRules([
+            'uuid' => [
+                Rule::required(),
+                Rule::commentOwner(),
+            ],
+        ]);
+    }
+
+    /**
+     * Registers custom validation rules
+     */
+    private function registerCustomRules(): void
+    {
+        $this->validator->addRule('commentOwner', function ($commentUuid) {
+            $comment = ServiceFactory::get(CommentService::class)->getComment($commentUuid);
+            return !$comment->isEmpty() && $comment->user_uuid === auth()->user()->uuid;
+        });
+    }
+}

src/Module/Templates/DemoApi/src/Middlewares/Owner.php.tpl → src/Module/Templates/DemoApi/src/Middlewares/PostOwner.php.tpl

@@ -9,7 +9,7 @@
  * @author Arman Ag. <arman.ag@softberg.org>
  * @copyright Copyright (c) 2018 Softberg LLC (https://softberg.org)
  * @link http://quantum.softberg.org/
- * @since 2.9.8
+ * @since 2.9.9
  */
 
 namespace {{MODULE_NAMESPACE}}\Middlewares;
@@ -22,10 +22,10 @@ use Quantum\Http\Request;
 use Closure;
 
 /**
- * Class Owner
+ * Class PostOwner
  * @package Modules\{{MODULE_NAME}}
  */
-class Owner extends BaseMiddleware
+class PostOwner extends BaseMiddleware
 {
 
     /**

src/Module/Templates/DemoApi/src/Services/PostService.php.tpl

@@ -151,10 +151,10 @@ class PostService extends QtService
     /**
      * Add post
      * @param array $data
-     * @return array
+     * @return Post
      * @throws ModelException
      */
-    public function addPost(array $data): array
+    public function addPost(array $data): Post
     {
         $data['uuid'] = $data['uuid'] ?? uuid_ordered();
         $data['created_at'] = date('Y-m-d H:i:s');
@@ -163,22 +163,25 @@ class PostService extends QtService
         $post->fillObjectProps($data);
         $post->save();
 
-        return $data;
+        return $this->getPost($post->uuid);
     }
 
     /**
      * Update post
      * @param string $uuid
      * @param array $data
+     * @return Post
      * @throws ModelException
      */
-    public function updatePost(string $uuid, array $data)
+    public function updatePost(string $uuid, array $data): Post
     {
         $data['updated_at'] = date('Y-m-d H:i:s');
 
         $post = $this->model->findOneBy('uuid', $uuid);
         $post->fillObjectProps($data);
         $post->save();
+
+        return $this->getPost($post->uuid);
     }
 
     /**

src/Module/Templates/DemoApi/src/routes/routes.php.tpl

@@ -15,11 +15,12 @@ return function ($route) {
     $route->group('auth', function ($route) {
         $route->get('[:alpha:2]?/my-posts', 'PostManagementController', 'myPosts')->middlewares(['Editor']);
         $route->post('[:alpha:2]?/my-posts/create', 'PostManagementController', 'create')->middlewares(['Editor']);
-        $route->put('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amend')->middlewares(['Editor', 'Owner']);
-        $route->delete('[:alpha:2]?/my-posts/delete/[uuid=:any]', 'PostManagementController', 'delete')->middlewares(['Editor', 'Owner']);
-        $route->delete('[:alpha:2]?/my-posts/delete-image/[uuid=:any]', 'PostManagementController', 'deleteImage')->middlewares(['Editor', 'Owner']);
+        $route->put('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amend')->middlewares(['Editor', 'PostOwner']);
+        $route->delete('[:alpha:2]?/my-posts/delete/[uuid=:any]', 'PostManagementController', 'delete')->middlewares(['Editor', 'PostOwner']);
+        $route->delete('[:alpha:2]?/my-posts/delete-image/[uuid=:any]', 'PostManagementController', 'deleteImage')->middlewares(['Editor', 'PostOwner']);
 
         $route->post('[:alpha:2]?/comments/create/[uuid=:any]', 'CommentController', 'create')->middlewares(['Comment']);
+        $route->delete('[:alpha:2]?/comments/delete/[uuid=:any]', 'CommentController', 'delete')->middlewares(['CommentOwner']);
 
         $route->put('[:alpha:2]?/account-settings/update', 'AccountController', 'update')->middlewares(['Update']);
         $route->put('[:alpha:2]?/account-settings/update-password', 'AccountController', 'updatePassword')->middlewares(['Password']);

src/Module/Templates/DemoWeb/src/Middlewares/CommentOwner.php.tpl

@@ -0,0 +1,73 @@
+<?php
+
+/**
+ * Quantum PHP Framework
+ *
+ * An open source software development framework for PHP
+ *
+ * @package Quantum
+ * @author Arman Ag. <arman.ag@softberg.org>
+ * @copyright Copyright (c) 2018 Softberg LLC (https://softberg.org)
+ * @link http://quantum.softberg.org/
+ * @since 2.9.9
+ */
+
+namespace {{MODULE_NAMESPACE}}\Middlewares;
+
+use Quantum\Service\Factories\ServiceFactory;
+use {{MODULE_NAMESPACE}}\Services\CommentService;
+use Quantum\Libraries\Validation\Rule;
+use Quantum\Http\Response;
+use Quantum\Http\Request;
+use Closure;
+
+/**
+ * Class CommentOwner
+ * @package Modules\{{MODULE_NAME}}
+ */
+class CommentOwner extends BaseMiddleware
+{
+
+    /**
+     * @param Request $request
+     * @param Response $response
+     * @param Closure $next
+     * @return mixed
+     */
+    public function apply(Request $request, Response $response, Closure $next)
+    {
+        $uuid = (string)route_param('uuid');
+
+        $request->set('uuid', $uuid);
+
+        $this->validateRequest($request, $response);
+
+        return $next($request, $response);
+    }
+
+    /**
+     * @inheritDoc
+     */
+    protected function defineValidationRules(Request $request): void
+    {
+        $this->registerCustomRules();
+
+        $this->validator->setRules([
+            'uuid' => [
+                Rule::required(),
+                Rule::commentOwner(),
+            ],
+        ]);
+    }
+
+    /**
+     * Registers custom validation rules
+     */
+    private function registerCustomRules(): void
+    {
+        $this->validator->addRule('commentOwner', function ($commentUuid) {
+            $comment = ServiceFactory::get(CommentService::class)->getComment($commentUuid);
+            return !$comment->isEmpty() && $comment->user_uuid === auth()->user()->uuid;
+        });
+    }
+}

src/Module/Templates/DemoWeb/src/Middlewares/Owner.php.tpl → src/Module/Templates/DemoWeb/src/Middlewares/PostOwner.php.tpl

@@ -9,7 +9,7 @@
  * @author Arman Ag. <arman.ag@softberg.org>
  * @copyright Copyright (c) 2018 Softberg LLC (https://softberg.org)
  * @link http://quantum.softberg.org/
- * @since 2.9.8
+ * @since 2.9.9
  */
 
 namespace {{MODULE_NAMESPACE}}\Middlewares;
@@ -23,10 +23,10 @@ use Quantum\Http\Request;
 use Closure;
 
 /**
- * Class Editor
+ * Class PostOwner
  * @package Modules\{{MODULE_NAME}}
  */
-class Owner extends BaseMiddleware
+class PostOwner extends BaseMiddleware
 {
 
 

src/Module/Templates/DemoWeb/src/Services/PostService.php.tpl

@@ -150,10 +150,10 @@ class PostService extends QtService
     /**
      * Add post
      * @param array $data
-     * @return array
+     * @return Post
      * @throws ModelException
      */
-    public function addPost(array $data): array
+    public function addPost(array $data): Post
     {
         $data['uuid'] = $data['uuid'] ?? uuid_ordered();
         $data['created_at'] = date('Y-m-d H:i:s');
@@ -162,22 +162,25 @@ class PostService extends QtService
         $post->fillObjectProps($data);
         $post->save();
 
-        return $data;
+        return $this->getPost($post->uuid);
     }
 
     /**
      * Update post
      * @param string $uuid
      * @param array $data
+     * @return Post
      * @throws ModelException
      */
-    public function updatePost(string $uuid, array $data)
+    public function updatePost(string $uuid, array $data): Post
     {
         $data['updated_at'] = date('Y-m-d H:i:s');
 
         $post = $this->model->findOneBy('uuid', $uuid);
         $post->fillObjectProps($data);
         $post->save();
+
+        return $this->getPost($post->uuid);
     }
 
     /**

src/Module/Templates/DemoWeb/src/routes/routes.php.tpl

@@ -21,12 +21,13 @@ return function ($route) {
         $route->get('[:alpha:2]?/my-posts', 'PostManagementController', 'myPosts')->middlewares(['Editor']);
         $route->get('[:alpha:2]?/my-posts/create', 'PostManagementController', 'createFrom')->middlewares(['Editor']);
         $route->post('[:alpha:2]?/my-posts/create', 'PostManagementController', 'create')->middlewares(['Editor']);
-        $route->get('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amendForm')->middlewares(['Editor', 'Owner']);
-        $route->post('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amend')->middlewares(['Editor', 'Owner']);
-        $route->get('[:alpha:2]?/my-posts/delete/[uuid=:any]', 'PostManagementController', 'delete')->middlewares(['Editor', 'Owner']);
-        $route->get('[:alpha:2]?/my-posts/delete-image/[uuid=:any]', 'PostManagementController', 'deleteImage')->middlewares(['Editor', 'Owner']);
+        $route->get('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amendForm')->middlewares(['Editor', 'PostOwner']);
+        $route->post('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amend')->middlewares(['Editor', 'PostOwner']);
+        $route->get('[:alpha:2]?/my-posts/delete/[uuid=:any]', 'PostManagementController', 'delete')->middlewares(['Editor', 'PostOwner']);
+        $route->get('[:alpha:2]?/my-posts/delete-image/[uuid=:any]', 'PostManagementController', 'deleteImage')->middlewares(['Editor', 'PostOwner']);
 
         $route->post('[:alpha:2]?/comments/create/[uuid=:any]', 'CommentController', 'create')->middlewares(['Comment']);
+        $route->get('[:alpha:2]?/comments/delete/[uuid=:any]', 'CommentController', 'delete')->middlewares(['CommentOwner']);
 
         $route->get('[:alpha:2]?/account-settings', 'AccountController', 'form');
         $route->post('[:alpha:2]?/account-settings/update', 'AccountController', 'update')->middlewares(['Update']);