Merge pull request #60 from balajidharma/2.x-Changes

Added Policy-Driven Authorization

Author: balajidharma

app/Http/Controllers/Admin/CategoryController.php

@@ -3,30 +3,25 @@
 namespace App\Http\Controllers\Admin;
 
 use App\Http\Controllers\Controller;
-use BalajiDharma\LaravelAdminCore\Requests\StoreCategoryRequest;
-use BalajiDharma\LaravelAdminCore\Requests\UpdateCategoryRequest;
+use BalajiDharma\LaravelAdminCore\Actions\Category\CategoryCreateAction;
+use BalajiDharma\LaravelAdminCore\Actions\Category\CategoryUpdateAction;
+use BalajiDharma\LaravelAdminCore\Data\Category\CategoryCreateData;
+use BalajiDharma\LaravelAdminCore\Data\Category\CategoryUpdateData;
 use BalajiDharma\LaravelCategory\Models\Category;
 use BalajiDharma\LaravelCategory\Models\CategoryType;
 use Illuminate\Support\Facades\Auth;
 use Inertia\Inertia;
 
 class CategoryController extends Controller
 {
-    public function __construct()
-    {
-        $this->middleware('can:category list', ['only' => ['index', 'show']]);
-        $this->middleware('can:category create', ['only' => ['create', 'store']]);
-        $this->middleware('can:category edit', ['only' => ['edit', 'update']]);
-        $this->middleware('can:category delete', ['only' => ['destroy']]);
-    }
-
     /**
      * Display a listing of the resource.
      *
      * @return \Inertia\Response
      */
     public function index(CategoryType $type)
     {
+        $this->authorize('adminViewAny', Category::class);
         $items = (new Category)->toTree($type->id, true);
 
         return Inertia::render('Admin/Category/Item/Index', [
@@ -47,6 +42,7 @@ public function index(CategoryType $type)
      */
     public function create(CategoryType $type)
     {
+        $this->authorize('adminCreate', Category::class);
         $itemOptions = Category::selectOptions($type->id, null, true);
 
         return Inertia::render('Admin/Category/Item/Create', [
@@ -60,13 +56,10 @@ public function create(CategoryType $type)
      *
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function store(StoreCategoryRequest $request, CategoryType $type)
+    public function store(CategoryCreateData $data, CategoryType $type, CategoryCreateAction $categoryCreateAction)
     {
-        if (! $request->has('enabled')) {
-            $request['enabled'] = false;
-        }
-
-        $type->categories()->create($request->all());
+        $this->authorize('adminCreate', Category::class);
+        $categoryCreateAction->handle($data, $type);
 
         return redirect()->route('admin.category.type.item.index', $type->id)
             ->with('message', 'Category created successfully.');
@@ -79,6 +72,7 @@ public function store(StoreCategoryRequest $request, CategoryType $type)
      */
     public function edit(CategoryType $type, Category $item)
     {
+        $this->authorize('adminUpdate', $item);
         $itemOptions = Category::selectOptions($type->id, $item->parent_id ?? $item->id);
 
         return Inertia::render('Admin/Category/Item/Edit', [
@@ -93,13 +87,10 @@ public function edit(CategoryType $type, Category $item)
      *
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function update(UpdateCategoryRequest $request, CategoryType $type, Category $item)
+    public function update(CategoryUpdateData $data, CategoryType $type, Category $item, CategoryUpdateAction $categoryUpdateAction)
     {
-        if (! $request->has('enabled')) {
-            $request['enabled'] = false;
-        }
-
-        $item->update($request->all());
+        $this->authorize('adminUpdate', $item);
+        $categoryUpdateAction->handle($data, $item);
 
         return redirect()->route('admin.category.type.item.index', $type->id)
             ->with('message', 'Category updated successfully.');
@@ -113,6 +104,7 @@ public function update(UpdateCategoryRequest $request, CategoryType $type, Categ
      */
     public function destroy(CategoryType $type, Category $item)
     {
+        $this->authorize('adminDelete', $item);
         $item->delete();
 
         return redirect()->route('admin.category.type.item.index', $type->id)

app/Http/Controllers/Admin/CategoryTypeController.php

@@ -3,29 +3,24 @@
 namespace App\Http\Controllers\Admin;
 
 use App\Http\Controllers\Controller;
-use BalajiDharma\LaravelAdminCore\Requests\StoreCategoryTypeRequest;
-use BalajiDharma\LaravelAdminCore\Requests\UpdateCategoryTypeRequest;
+use BalajiDharma\LaravelAdminCore\Actions\CategoryType\CategoryTypeCreateAction;
+use BalajiDharma\LaravelAdminCore\Actions\CategoryType\CategoryTypeUpdateAction;
+use BalajiDharma\LaravelAdminCore\Data\CategoryType\CategoryTypeCreateData;
+use BalajiDharma\LaravelAdminCore\Data\CategoryType\CategoryTypeUpdateData;
 use BalajiDharma\LaravelCategory\Models\CategoryType;
 use Illuminate\Support\Facades\Auth;
 use Inertia\Inertia;
 
 class CategoryTypeController extends Controller
 {
-    public function __construct()
-    {
-        $this->middleware('can:category.type list', ['only' => ['index']]);
-        $this->middleware('can:category.type create', ['only' => ['create', 'store']]);
-        $this->middleware('can:category.type edit', ['only' => ['edit', 'update']]);
-        $this->middleware('can:category.type delete', ['only' => ['destroy']]);
-    }
-
     /**
      * Display a listing of the resource.
      *
      * @return \Inertia\Response
      */
     public function index()
     {
+        $this->authorize('adminViewAny', CategoryType::class);
         $categoryTypes = (new CategoryType)->newQuery();
 
         if (request()->has('search')) {
@@ -66,6 +61,7 @@ public function index()
      */
     public function create()
     {
+        $this->authorize('adminCreate', CategoryType::class);
         return Inertia::render('Admin/Category/Type/Create');
     }
 
@@ -74,18 +70,10 @@ public function create()
      *
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function store(StoreCategoryTypeRequest $request)
+    public function store(CategoryTypeCreateData $data, CategoryTypeCreateAction $categoryTypeCreateAction)
     {
-        if (! $request->has('is_flat')) {
-            $request['is_flat'] = false;
-        }
-
-        CategoryType::create([
-            'name' => $request->name,
-            'machine_name' => $request->machine_name,
-            'description' => $request->description,
-            'is_flat' => $request->is_flat,
-        ]);
+        $this->authorize('adminCreate', CategoryType::class);
+        $categoryTypeCreateAction->handle($data);
 
         return redirect()->route('admin.category.type.index')
             ->with('message', 'Category type created successfully.');
@@ -99,6 +87,7 @@ public function store(StoreCategoryTypeRequest $request)
      */
     public function edit(CategoryType $type)
     {
+        $this->authorize('adminUpdate', $type);
         return Inertia::render('Admin/Category/Type/Edit', [
             'categoryType' => $type,
         ]);
@@ -110,13 +99,10 @@ public function edit(CategoryType $type)
      * @param  \BalajiDharma\LaravelCategory\Models\CategoryType  $categoryType
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function update(UpdateCategoryTypeRequest $request, CategoryType $type)
+    public function update(CategoryTypeUpdateData $data, CategoryType $type, CategoryTypeUpdateAction $categoryTypeUpdateAction)
     {
-        if (! $request->has('is_flat')) {
-            $request['is_flat'] = false;
-        }
-
-        $type->update($request->all());
+        $this->authorize('adminUpdate', $type);
+        $categoryTypeUpdateAction->handle($data, $type);
 
         return redirect()->route('admin.category.type.index')
             ->with('message', 'Category type updated successfully.');

app/Http/Controllers/Admin/MediaController.php

@@ -14,21 +14,14 @@
 
 class MediaController extends Controller
 {
-    public function __construct()
-    {
-        $this->middleware('can:media list', ['only' => ['index']]);
-        $this->middleware('can:media create', ['only' => ['create', 'store']]);
-        $this->middleware('can:media edit', ['only' => ['edit', 'update']]);
-        $this->middleware('can:media delete', ['only' => ['destroy']]);
-    }
-
     /**
      * Display a listing of the resource.
      *
      * @return \Inertia\Response
      */
     public function index()
     {
+        $this->authorize('adminViewAny', Media::class);
         $mediaItems = (new Media)->newQuery();
         $mediaItems->whereIsOriginal();
         if (request()->has('search')) {
@@ -69,6 +62,7 @@ public function index()
      */
     public function create()
     {
+        $this->authorize('adminCreate', Media::class);
         $typeOptions = media_type_as_options();
         return Inertia::render('Admin/Media/Create', [
             'typeOptions' => $typeOptions,
@@ -82,6 +76,7 @@ public function create()
      */
     public function store(MediaCreateData $data, MediaCreateAction $mediaCreateAction)
     {
+        $this->authorize('adminCreate', Media::class);
         $mediaCreateAction->handle($data);
 
         return redirect()->route('admin.media.index')
@@ -96,6 +91,7 @@ public function store(MediaCreateData $data, MediaCreateAction $mediaCreateActio
     public function show($id)
     {
         $media = Media::findOrFail($id);
+        $this->authorize('adminView', $media);
 
         return Inertia::render('Admin/Media/Show', [
             'media' => MediaData::from($media),
@@ -110,6 +106,7 @@ public function show($id)
     public function edit($id)
     {
         $media = Media::findOrFail($id);
+        $this->authorize('adminUpdate', $media);
         $typeOptions = media_type_as_options();
 
         return Inertia::render('Admin/Media/Edit', [
@@ -127,6 +124,7 @@ public function edit($id)
     public function update(MediaUpdateData $mediaUpdateData, $id, MediaUpdateAction $mediaUpdateAction)
     {
         $media = Media::findOrFail($id);
+        $this->authorize('adminUpdate', $media);
         $mediaUpdateAction->handle($mediaUpdateData, $media);
 
         return redirect()->route('admin.media.index')
@@ -141,6 +139,7 @@ public function update(MediaUpdateData $mediaUpdateData, $id, MediaUpdateAction
     public function destroy($id)
     {
         $media = Media::findOrFail($id);
+        $this->authorize('adminDelete', $media);
         $media->getAllVariantsAndSelf()->each(function (Media $variant) {
             $variant->delete();
         });

app/Http/Controllers/Admin/MenuController.php

@@ -3,29 +3,24 @@
 namespace App\Http\Controllers\Admin;
 
 use App\Http\Controllers\Controller;
-use BalajiDharma\LaravelAdminCore\Requests\StoreMenuRequest;
-use BalajiDharma\LaravelAdminCore\Requests\UpdateMenuRequest;
+use BalajiDharma\LaravelAdminCore\Actions\Menu\MenuCreateAction;
+use BalajiDharma\LaravelAdminCore\Actions\Menu\MenuUpdateAction;
+use BalajiDharma\LaravelAdminCore\Data\Menu\MenuCreateData;
+use BalajiDharma\LaravelAdminCore\Data\Menu\MenuUpdateData;
 use BalajiDharma\LaravelMenu\Models\Menu;
 use Illuminate\Support\Facades\Auth;
 use Inertia\Inertia;
 
 class MenuController extends Controller
 {
-    public function __construct()
-    {
-        $this->middleware('can:menu list', ['only' => ['index']]);
-        $this->middleware('can:menu create', ['only' => ['create', 'store']]);
-        $this->middleware('can:menu edit', ['only' => ['edit', 'update']]);
-        $this->middleware('can:menu delete', ['only' => ['destroy']]);
-    }
-
     /**
      * Display a listing of the resource.
      *
      * @return \Inertia\Response
      */
     public function index()
     {
+        $this->authorize('adminViewAny', Menu::class);
         $menus = (new Menu)->newQuery();
 
         if (request()->has('search')) {
@@ -67,6 +62,7 @@ public function index()
      */
     public function create()
     {
+        $this->authorize('adminCreate', Menu::class);
         return Inertia::render('Admin/Menu/Create');
     }
 
@@ -75,13 +71,10 @@ public function create()
      *
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function store(StoreMenuRequest $request)
+    public function store(MenuCreateData $data, MenuCreateAction $menuCreateAction)
     {
-        Menu::create([
-            'name' => $request->name,
-            'machine_name' => $request->machine_name,
-            'description' => $request->description,
-        ]);
+        $this->authorize('adminCreate', Menu::class);
+        $menuCreateAction->handle($data);
 
         return redirect()->route('admin.menu.index')
             ->with('message', 'Menu created successfully.');
@@ -94,6 +87,7 @@ public function store(StoreMenuRequest $request)
      */
     public function edit(Menu $menu)
     {
+        $this->authorize('adminUpdate', $menu);
         return Inertia::render('Admin/Menu/Edit', [
             'menu' => $menu,
         ]);
@@ -104,9 +98,10 @@ public function edit(Menu $menu)
      *
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function update(UpdateMenuRequest $request, Menu $menu)
+    public function update(MenuUpdateData $data, Menu $menu, MenuUpdateAction $menuUpdateAction)
     {
-        $menu->update($request->all());
+        $this->authorize('adminUpdate', $menu);
+        $menuUpdateAction->handle($data, $menu);
 
         return redirect()->route('admin.menu.index')
             ->with('message', 'Menu updated successfully.');
@@ -119,6 +114,7 @@ public function update(UpdateMenuRequest $request, Menu $menu)
      */
     public function destroy(Menu $menu)
     {
+        $this->authorize('adminDelete', $menu);
         $menu->delete();
 
         return redirect()->route('admin.menu.index')